• Home
  • Articles
  • New (2021) Microsoft AZ-303 Exam Dumps [Q14-Q33]

New (2021) Microsoft AZ-303 Exam Dumps [Q14-Q33]

Share

New (2021) Microsoft AZ-303  Exam Dumps

Best Way To Study For Microsoft AZ-303 Exam Brilliant AZ-303 Exam Questions PDF

NEW QUESTION 14
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are planning to create a virtual network that has a scale set that contains six virtual machines (VMs).
A monitoring solution on a different network will need access to the VMs inside the scale set.
You need to define public access to the VMs.
Solution: Implement an Azure Load Balancer.
Does the solution meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Section: [none]

 

NEW QUESTION 15
You have a hierarchy of management groups and Azure subscriptions as shown in the following table.

You create the Azure resources shown in the following table.

You assign roles to users as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point

Answer:

Explanation:

 

NEW QUESTION 16
You have an Azure Active Directory (Azure AD) tenant that contains the user groups shown in the following table.

You enable self-service password reset (SSPR) for Group1.
You configure the Notifications settings as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: Yes
Notify all admins when other admins reset their passwords: Yes.
Box 2: No
Notify users on password resets: No.
Box 3: No
* Notify users on password resets
If this option is set to Yes, then users resetting their password receive an email notifying them that their password has been changed. The email is sent via the SSPR portal to their primary and alternate email addresses that are on file in Azure AD. No one else is notified of the reset event.
* Notify all admins when other admins reset their passwords
If this option is set to Yes, then all administrators receive an email to their primary email address on file in Azure AD. The email notifies them that another administrator has changed their password by using SSPR.
Example: There are four administrators in an environment. Administrator A resets their password by using SSPR. Administrators B, C, and D receive an email alerting them of the password reset.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr

 

NEW QUESTION 17
You have an Azure virtual machine named VM1 that runs Windows Server 2016.
You install a line-of-business application on VM1.
You need to create a scale set by using VM1 as a custom image.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/tutorial-use-custom-image-powershell

 

NEW QUESTION 18
You have Azure virtual machines that have Update Management enabled. The virtual machines are configured as shown in the following table.

You need to ensure that all critical and security updates are applied to each virtual machine every month. What is the minimum number of update deployments you should create?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

 

NEW QUESTION 19
You plan to deploy five virtual machines to a virtual network subnet.
Each virtual machine will have a public IP address and a private IP address.
Each virtual machine requires the same inbound and outbound security rules.
What is the minimum number of network interfaces and network security groups that you require? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

By Default Inbound and Outbound Security Rules are same for all VMs. Therefore, if default rules suffice, then there is no need for NSG at all. 5 NICs and 1 NSG for non-default Inbound and Outbound Rules 5 Nics and 0 NSG for default Inbound and Outbound Rules.

 

NEW QUESTION 20

Subnet1 contains a virtual appliance named VM1 that operates as a router.
You create a routing table named RT1.
You need to route all inbound traffic to VNet1 through VM1.
How should you configure RT1? To answer, select the appropriate options in the answer area.
You have an Azure subscription that contains a virtual network named VNet1. VNet1 uses an IP address space of 10.0.0.0/16 and contains the subnets in the following table.

Answer:

Explanation:

 

NEW QUESTION 21
HOTSPOT
You create and save an Azure Resource Manager template named Template1 that includes the following four sections.
Section1.

Section2.

Section3.

Section4.

You deploy Template1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:

Explanation:

Section: [none]

 

NEW QUESTION 22
You have an Azure Resource Manager template for a virtual machine named Template1. Template1 has the following parameters section.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: Yes
The Resource group is not specified.
Box 2: No
The default value for the operating system is Windows 2016 Datacenter.
Box 3: Yes
Location is no default value.
References:
https://docs.microsoft.com/bs-latn-ba/azure/virtual-machines/windows/ps-template

 

NEW QUESTION 23
A company runs multiple Windows virtual machines (VMs) in Azure.
The IT operations department wants to apply the same policies as they have for on-premises VMs to the VMs running in Azure, including domain administrator permissions and schema extensions.
You need to recommend a solution for the hybrid scenario that minimizes the amount of maintenance required.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

References:
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/identity/

 

NEW QUESTION 24
SIMULATION
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.






When you are finished performing all the tasks, click the 'Next' button.
Note that you cannot return to the lab once you click the 'Next' button. Scoring occur in the background while you complete the rest of the exam.
Overview
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment.
While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab
You may start the lab by clicking the Next button.
Your on-premises network uses an IP address range of 131.107.2.0 to 131.107.2.255.
You need to ensure that only devices from the on-premises network can connect to the rg1lod8322490n1 storage account.
What should you do from the Azure portal?

Answer:

Explanation:
See solution below.
Section: [none]
Explanation:
Step 1: Navigate to the rg1lod8322490n1 storage account.
Step 2: Click on the settings menu called Firewalls and virtual networks.
Step 3: Ensure that you have elected to allow access from 'Selected networks'.
Step 4: To grant access to an internet IP range, enter the address range of 131.107.2.0 to 131.107.2.255 (in CIDR format) under Firewall, Address Ranges.
References:
https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security

 

NEW QUESTION 25
Your network contains an on-premises Active Directory domain named contoso.com that contains a member server named Server1.
You have the accounts shown in the following table.

You are installing Azure AD Connect on Server1.
You need to specify the account for Azure AD Connect synchronization. The solution must use the principle of least privilege.
Which account should you specify?

  • A. CONTOSO\User2
  • B. SERVER1\User4
  • C. CONTOSO\User3
  • D. CONTOSO\User1

Answer: A

Explanation:
Explanation
The default Domain User permissions are sufficient
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions

 

NEW QUESTION 26
HOTSPOT
You have Azure Storage accounts as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:

Answer:

Explanation:

Section: [none]
Explanation:
Box 1: storageaccount1 and storageaccount2 only
Box 2: All the storage accounts
Note: The three different storage account options are: General-purpose v2 (GPv2) accounts, General-purpose v1 (GPv1) accounts, and Blob storage accounts.
* General-purpose v2 (GPv2) accounts are storage accounts that support all of the latest features for blobs, files, queues, and tables.
* Blob storage accounts support all the same block blob features as GPv2, but are limited to supporting only block blobs.
* General-purpose v1 (GPv1) accounts provide access to all Azure Storage services, but may not have the latest features or the lowest per gigabyte pricing.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options

 

NEW QUESTION 27
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription.
You have an on-premises file server named Server1 that runs Windows Server 2019.
You manage Server1 by using Windows Admin Center.
You need to ensure that if Server1 fails, you can recover Server1 files from Azure.
Solution: You create an Azure Storage account and an Azure Storage Sync service. You configure Azure File Sync for Server1.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: B

Explanation:
Explanation
Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure File Sync transforms Windows Server into a quick cache of your Azure file share.
Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS. Additionally, Azure file shares can be cached on Windows Servers with Azure File Sync for fast access near where the data is being used.
Azure file shares can be used to:
Replace or supplement on-premises file servers:
Azure Files can be used to completely replace or supplement traditional on-premises file servers or NAS devices. Popular operating systems such as Windows, macOS, and Linux can directly mount Azure file shares wherever they are in the world. Azure file shares can also be replicated with Azure File Sync to Windows Servers, either on-premises or in the cloud, for performance and distributed caching of the data where it's being used.
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction

 

NEW QUESTION 28
You have the Azure SQL Database servers shown in the following table.

You plan to specify sqlserver1 as the primary server in a failover group.
Which servers can be used as a secondary server?

  • A. sqlserver4 and sqlserver5 only
  • B. sqlserver2 and sqlserver3 only
  • C. sqlserver2, sqlserver3, sqlserver4, and sqlserver5
  • D. sqlserver2 and sqlserver4 only

Answer: D

Explanation:
Section: [none]
Explanation:
The Resource Group must be the same.
The secondary server can have another location.
The secondary server cannot be the same as the primary server.
Reference:
https://docs.microsoft.com/en-us/azure/azure-sql/database/auto-failover-group-configure

 

NEW QUESTION 29
You have an Azure Active Directory (Azure AD) tenant that contains the user groups shown in the following table.

You enable self-service password reset (SSPR) for Group1.
You configure the Notifications settings as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
Box 1: Yes
Notify all admins when other admins reset their passwords: Yes.
Box 2: No
Notify users on password resets: No.
Box 3: No
Notify users on password resets
If this option is set to Yes, then users resetting their password receive an email notifying them that their password has been changed. The email is sent via the SSPR portal to their primary and alternate email addresses that are on file in Azure AD. No one else is notified of the reset event.
Notify all admins when other admins reset their passwords
If this option is set to Yes, then all administrators receive an email to their primary email address on file in Azure AD. The email notifies them that another administrator has changed their password by using SSPR.
Example: There are four administrators in an environment. Administrator A resets their password by using SSPR. Administrators B, C, and D receive an email alerting them of the password reset.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-howitworks
https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr

 

NEW QUESTION 30
You have an Azure virtual machine named VM1 that runs Windows Server 2016.
You install a line-to-business application on VM1.
You need to create an Azure virtual machine by using VM1 as a custom image.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

Step 1: Run sysprep.exe on VM1.
If a template, or system image is used, System administrators must run the Sysprep tool to clear the SID information. The Sysprep tool is usually one of the last tasks performed by a system administrator when building a server image/template, that way each clone of the template will generalize a new unique SID for every server image copied from the template and will prepare the server for a first time boot.
The end result is a System template that functions as a new unique build every time it is deployed.
Step 2: From Azure CLI, deallocate VM1 and mark VM1 as generalized
To create an image, the VM needs to be deallocated. Deallocate the VM with Stop-AzVm. Then, set the state of the VM as generalized with Set-AzVm so that the Azure platform knows the VM is ready for use a custom image Step 3: Create a virtual machine scale set Now create a scale set with New-AzVmss that uses the -ImageName parameter to define the custom VM image created in the previous step.
References:
https://thesolving.com/server-room/when-and-how-to-use-sysprep/
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/tutorial-use-custom-image-powershell

 

NEW QUESTION 31
You create a virtual machine scale set named Scale1. Scale1 is configured as shown in the following exhibit.
The subscription contains the Azure SQL databases shown in the following table.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1:
The Autoscale scale out rule increases the number of VMs by 2 if the CPU threshold is 80% or higher. The initial instance count is 4 and rises to 6 when the 2 extra instances of VMs are added.
Box 2:
The Autoscale scale in rule decreases the number of VMs by 4 if the CPU threshold is 30% or lower. The initial instance count is 4 and thus cannot be reduced to 0 as the minimum instances is set to 2. Instances are only added when the CPU threshold reaches 80%.
References:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-overview
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-best-practices
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/autoscale-common-scale-patterns

 

NEW QUESTION 32
Your company has an Azure subscription.
You enable multi-factor authentication (MFA) for all users.
The company's help desk reports an increase in calls from users who receive MFA requests while they work from the company's main office.
You need to prevent the users from receiving MFA requests when they sign in from the main office.
What should you do?

  • A. From Conditional access in Azure Active Directory (Azure AD), create a custom control.
  • B. From Azure Active Directory (Azure AD), configure organizational relationships.
  • C. From Conditional access in Azure Active Directory (Azure AD), create a named location.
  • D. From the MFA service settings, create a trusted IP range.

Answer: D

Explanation:
The first thing you may want to do, before enabling Multi-Factor Authentication for any users, is to consider configuring some of the available settings. One of the most important features is a trusted IPs list. This will allow you to whitelist a range of IPs for your network. This way, when users are in the office, they will not get prompted with MFA, and when they take their devices elsewhere, they will. Here's how to do it:
Log in to your Azure Portal.
Navigate to Azure AD > Conditional Access > Named locations.
From the top toolbar select Configure MFA trusted IPs.
References:
https://www.kraftkennedy.com/implementing-azure-multi-factor-authentication/ The Trusted IPs feature of Azure Multi-Factor Authentication bypasses multi-factor authentication prompts for users who sign in from a defined IP address range. You can set trusted IP ranges for your on-premises environments to when users are in one of those locations, there's no Azure Multi-Factor Authentication prompt.

 

NEW QUESTION 33
......


Topics of AZ-303: Microsoft Azure Architect Technologies Exam

Candidates should apprehend the examination topics before they begin of preparation. because it’ll extremely facilitate them in touch the core. Our AZ-303 dumps will include the following topics:

1. Deploy and configure infrastructure (40-45%)

Analyze resource utilization and consumption

  • create baseline for resources
  • create action groups
  • view Alerts in Azure Monitor logs
  • analyze alerts across subscription
  • utilize Log Search query functions
  • configure diagnostic settings on resources
  • report on spend
  • monitor spend
  • monitor for unused resources
  • analyze metrics across subscription
  • create and test alerts
  • visualize diagnostics data using Azure Monitor Workbooks

Create and configure storage accounts

  • implement Azure AD authentication for storage
  • generate Shared access signature
  • manage access keys
  • implement Azure storage replication
  • monitor Activity log by using Azure Monitor logs
  • implement Azure storage account failover
  • configure network access to the storage account
  • create and configure storage account
  • install and use Azure Storage Explorer

Create and configure a VM for Windows and Linux

  • configure Virtual Machine Size
  • configure Storage
  • configure Networking
  • deploy and configure scale sets
  • implement dedicated hosts
  • configure High Availability
  • configure Monitoring

Automate deployment of VMs

  • configure Location of new VMs
  • modify Azure Resource Manager template
  • configure VHD template
  • deploy from template
  • deploy Windows and Linux VMs
  • save a deployment as an Azure Resource Manager template

Create connectivity between virtual networks

  • create virtual network gateway
  • create and configure Vnet peering
  • create and configure Vnet to Vnet connections
  • verify virtual network connectivity

Implement and manage virtual networking

  • create and configure network routes
  • configure public IP addresses
  • create and configure Network Security Groups and Application Security Groups
  • create and configure subnets
  • create and configure network interface
  • create and configure virtual network
  • configure private IP addressing

Manage Azure Active Directory

  • implement conditional access policies
  • configure self-service password reset
  • manage multiple directories
  • configure Azure AD Join
  • configure Azure AD Identity Protection
  • add custom domains
  • perform an access review

Implement and manage hybrid identities

  • configure federation
  • configure single sign-on
  • troubleshoot password sync and writeback
  • manage and troubleshoot Azure AD Connect
  • install and configure Azure AD Connect

Implement solutions that use virtual machines (VM)

  • create Azure Resource Manager templates
  • provision VMs
  • configure Azure Disk Encryption for VMs
  • implement Azure Backup for VMs

2. Implement workloads and security (25-30%)

Migrate servers to Azure

  • migrate servers using Azure Migrate

Configure serverless computing

  • manage a Logic App Resource
  • create and manage objects
  • manage Service Bus
  • manage Event Grid
  • manage Azure Function app settings

Implement application load balancing

  • configure Azure Front Door service
  • configure Azure Traffic Manager
  • configure application gateway

Integrate on premises network with Azure virtual network

  • create and configure site to site VPN
  • troubleshoot on premises connectivity with Azure
  • verify on premises connectivity
  • create and configure Azure VPN Gateway
  • configure ExpressRoute
  • configure Virtual WAN

Implement multi factor authentication

  • configure bypass options
  • configure verification methods
  • configure user accounts for MFA
  • configure fraud alerts
  • configure Trusted IPs

Manage role-based access control

  • assign RBAC Roles
  • create a custom role
  • configure access to Azure resources by assigning roles
  • implement Azure Policies
  • troubleshoot RBAC
  • configure management access to Azure

3. Create and deploy apps (5-10%)

Create web apps by using PaaS

  • create an App Service Web App for Containers
  • enable diagnostics logging
  • create an App Service background task by using WebJobs
  • create an Azure app service Web App
  • create documentation for the API

Design and develop apps that run in containers

  • implement an application that runs on an Azure Container Instance
  • create a container image by using a Dockerfile
  • create an Azure Kubernetes Service
  • publish an image to the Azure Container Registry
  • configure diagnostic settings on resources
  • manage container settings by using code

4. Implement authentication and secure data (5-10%)

Implement authentication

  • create, read, update, and delete keys, secrets, and certificates by using the KeyVault API
  • implement Azure Confidential Compute
  • implement Managed Identities for Azure resources Service Principal authentication Implement secure data solutions
  • implement multi-factor authentication by using Azure AD
  • implement SSL/TLS communications
  • encrypt data with Always Encrypted
  • encrypt and decrypt data at rest and in transit
  • implement OAuth2 authentication
  • implement authentication by using certificates, forms-based authentication, tokens, or Windows-integrated authentication

5. Develop for the cloud and for Azure storage (15-20%)

Configure a message-based integration architecture

  • create and configure an Event Hub
  • configure Event Grid
  • create and configure a Service Bus
  • configure the Azure Relay service
  • configure an app or service to send emails
  • create and configure a Notification Hub

Develop for autoscaling

  • implement autoscaling rules and patterns (schedule, operational/system metrics)
  • implement code that addresses singleton application instances
  • implement code that addresses transient state

Develop solutions that use Cosmos DB storage

  • implement partitioning schemes
  • set the appropriate consistency level for operations
  • create, read, update, and delete data by using appropriate APIs

Develop solutions that use a relational database

  • create, read, update, and delete data tables by using code
  • configure elastic pools for Azure SQL Database
  • implement Azure SQL Database managed instances
  • provision and configure relational databases

 

Updated Verified Pass AZ-303 Exam - Real Questions & Answers: https://www.dumpsactual.com/AZ-303-actualtests-dumps.html

Related Articles

more
Microsoft AZ-303 Certification Practice Exam

Our exam study dumps are compiled through several times of checking and verification, which are with the high pass rate up to 98%. All the actual questions & answers are selected and confirmed according to strict standards with assurance for 100% pass.

Latest Exam Questions

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 DumpsActual NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy