September/2021 Latest Braindump2go AZ-303 Exam Dumps with PDF and VCE Free Updated Today! Following are some new AZ-303 Real Exam Questions!
QUESTION 255
You have an Azure key vault named KV1 and an Azure web app named WebApp1. WebApp1 runs in a Shared App Service plan.
You need to grant WebApp1 permissions to KV1.
What should you do?
A. Change to a Standard App Service plan.
B. Add a certificate to WebApp1.
C. Change to a Basic App Service plan.
D. Add a managed identity to WebApp1.
Answer: D
Explanation:
https://thecodeblogger.com/2020/06/03/azure-web-app-and-managed-identity-to-access-key-vault/
https://docs.microsoft.com/en-us/azure/app-service/app-service-key-vault-references
QUESTION 256
You have 10 Azure virtual machines on a subnet named Subnet1. Subnet1 is on a virtual network named VNet1.
You plan to deploy a public Azure Standard Load Balancer named LB1 to the same Azure region as the 10 virtual machines.
You need to ensure that traffic from all the virtual machines to the internet flows through LB1. The solution must block specific public IP addresses from being accessed by the virtual machines.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Add health probes to LB1.
B. Add the network interfaces of the virtual machines to the backend pool of LB1.
C. Add an inbound rule to LB1.
D. Add an outbound rule to LB1.
E. Associate a network security group (NSG) to Subnet1.
F. Associate a user-defined route to Subnet1.
Answer: ABD
Explanation:
A: To allow the Load Balancer to monitor the status of your app, you use a health probe. The health probe dynamically adds or removes VMs from the Load Balancer rotation based on their response to health checks.
B: To distribute traffic to the VMs, a backend address pool contains the IP addresses of the virtual (NICs) connected to the Load Balancer.
D: A Load Balancer rule is used to define how traffic is distributed to the VMs. Only outbound traffic is allowed.
https://docs.microsoft.com/en-us/azure/load-balancer/tutorial-load-balancer-standard-manage-portal
QUESTION 257
You have an Azure data factory named ADF1.
A pipeline in ADF1 must authenticate to an Azure SQL database to perform scheduled data exports.
You need to recommend an authentication solution for the connection. The solution must minimize the risks associated with stored usernames and passwords.
Which type of authentication should you recommend?
A. Azure Active Directory -Universal with MFA
B. Windows Authentication
C. SQL Server authentication
D. Managed Service Identity (MSI)
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
QUESTION 258
You have an Azure Kubernetes Service (AKS) cluster named aks1.
You need to enable the cluster autoscaler on aks1.
Which command should you run in Azure CLI?
A. kubectl autoscale
B. az aks scale
C. kubectl apply
D. az aks update
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure/aks/cluster-autoscaler#create-an-aks-cluster-and-enable-the-cluster-autoscaler
QUESTION 259
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company is deploying an on-premises application named App1. Users will access App1 by using a URL of https://app1.contoso.com.
You register App1 in Azure Active Directory (Azure AD) and publish App1 by using the Azure AD Application Proxy.
You need to ensure that App1 appears in the My Apps portal for all the users.
Solution: You configure the delegated permission for App1 in Azure AD.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation::
Instead, you modify User and Groups for App1.
https://cloud.google.com/architecture/identity/integrating-google-services-and-apps-with-azure-ad-portal#adding_links
QUESTION 260
You have an Azure subscription named Sub1 that has a subscription ID of 12ab3cd4-5e67-8901-f234-g5hi67jkl8m9.
In Sub1, you create an Azure Storage account named storage1 and a table named Table1.
Which URI should you use to access Table1?
A. https://storage.core.windons.net/12ab3cd4-5e67-8901-f234-g5hi67jkl8m9/storagel/table1
B. https://sub1.core.windows.net/storagel/table1
C. https://table1.table.core.windows.net/storage1
D. https://storagel.table.core.windows.net/table1
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure/storage/tables/table-storage-overview
QUESTION 261
You monitor Azure virtual machines by using Azure Monitor.
You plan to restart the virtual machines when CPU usage exceeds 95 percent for more than 30 minutes.
You need to create an alert in Azure Monitor to restart the virtual machines. The solution must minimize administrative effort.
Which type of action should you use in the alert?
A. ITSM
B. Webhook
C. Automation Runbook
D. Logic App
Answer: C
Explanation::
Automation runbooks allows you to automatically perform standard remediations in response to VM alerts, like restarting or stopping the VM.
Previously, during VM alert rule creation you were able to specify an Automation webhook to a runbook in order to run the runbook whenever the alert triggered. However, this required you to do the work of creating the runbook, creating the webhook for the runbook, and then copying and pasting the webhook during alert rule creation. With this new release, the process is much easier because you can directly choose a runbook from a list during alert rule creation, and you can choose an Automation account which will run the runbook or easily create an account.
https://azure.microsoft.com/en-us/blog/automatically-remediate-azure-vm-alerts-with-automation-runbooks/
QUESTION 262
Hotspot Question
You have an on-premises server that runs Windows Server 2019 and hosts a web app named App1.
You have an Azure subscription named Subscription1.
You plan to migrate App1 to Subsciption1 by using Azure Migrate.
To which type of Azure service will App1 be migrated, and what should you provide during the migration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
https://docs.microsoft.com/en-us/learn/modules/migrate-app-service-migration-assistant/6-exercise-migration
QUESTION 263
Hotspot Question
You have an Azure subscription that contains 20 virtual machines. The virtual machines run Windows Server 2019.
You need to enable Update Management and deploy the required agents to the virtual machines.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
https://docs.microsoft.com/en-us/azure/automation/update-management/enable-from-automation-account
QUESTION 264
Hotspot Question
You have an Azure App Service web app named webapp1 and an Azure key vault named kv1.
You need to ensure that webapp1 can retrieve secrets stored in kv1.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Enable a system-assigned managed identity.
A managed identity automatically manages application credentials and can be used to authenticate to Key Vault.
Box 2:
Modify the default firewall and virtual network settings.
You can reduce the exposure of your vaults by specifying which IP addresses have access to them. The virtual network service endpoints for Azure Key Vault allow you to restrict access to a specified virtual network.
https://docs.microsoft.com/en-us/azure/key-vault/general/tutorial-net-create-vault-azure-web-app
https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
https://docs.microsoft.com/en-us/azure/key-vault/general/security-features
QUESTION 265
Drag and Drop Question
You have an Azure subscription that contains a Basic App Service plan named webapp1plan. Webapp1plan contains a web app named webapp1.
You need to deploy a new version of webapp1. The solution must meet the following requirements:
– Enable testing of new versions before their production release.
– Minimize downtime of webapp1 during the deployment.
– Minimize costs.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
When you deploy your web app to Azure App Service, you can use a separate deployment slot instead of the default production slot when you’re running in the Standard, Premium, or Isolated App Service plan tier. Deployment slots are live apps with their own host names. App content and configurations elements can be swapped between two deployment slots, including the production slot.
Box 1: Upgrade webapp1plan to Standard.
The app must be running in the Standard, Premium, or Isolated tier in order for you to enable multiple deployment slots.
Box 2: Add a deployment slot to webapp1.
Box 3: Deploy the new version of webapp1.
The new deployment slot has no content, even if you clone the settings from a different slot. You can deploy to the slot from a different repository branch or a different repository.
Box 4: Perform a slot swap.
https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots
Resources From:
1.2021 Latest Braindump2go AZ-303 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/az-303.html
2.2021 Latest Braindump2go AZ-303 PDF and AZ-303 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1l4-Ncx3vdn9Ra2pN5d9Lnjv3pxbJpxZB?usp=sharing
3.2021 Free Braindump2go AZ-303 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/AZ-303-PDF-Dumps247-265).pdf
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!