Free Microsoft AZ-305 Practice Test & Real Exam Questions
You have an on-premises Oracle database named DB1.
You have an Azure subscription that contains an Azure Synapse Analytics workspace named WS1.
You need to migrate DB1 to a dedicated SQL pool in WS1. The solution must minimize migration effort.
What should you use?
You have an Azure subscription that contains an Azure Synapse Analytics workspace named WS1.
You need to migrate DB1 to a dedicated SQL pool in WS1. The solution must minimize migration effort.
What should you use?
Correct Answer: B
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
Hotspot Question
You plan to deploy multiple containerized microservice-based apps to Azure Kubernetes Service (AKS).
You need to recommend a solution that implements the following functions:
- State management
- Pub/sub messaging
- Traffic routing and splitting
The solution must minimize administrative effort.
What should you include in the recommendation for each function? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You plan to deploy multiple containerized microservice-based apps to Azure Kubernetes Service (AKS).
You need to recommend a solution that implements the following functions:
- State management
- Pub/sub messaging
- Traffic routing and splitting
The solution must minimize administrative effort.
What should you include in the recommendation for each function? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation:
Box 1: Dapr
Dapr (Distributed Application Runtime) helps developers build resilient, reliable microservices.
Configure the state store component
There are multiple ways to authenticate to external resources via Dapr. This example doesn't use the Dapr Secrets API at runtime, but uses an Azure-based state store. Therefore, you can forgo creating a secret store component and instead provide direct access from the node app to the blob store using Managed Identity. If you want to use a non-Azure state store or the Dapr Secrets API at runtime, you could create a secret store component. This component would load runtime secrets so you can reference them at runtime.
Box 2: Istio
Istio is a service mesh technology that allows developers to secure, connect, run, control, and monitor distributed microservices architectures regardless of the vendor or platform. It manages interactions between services in container-based and virtual machine-based workloads.
Box 3: Flux
Manage cluster configuration by using the Flux Kustomize controller
The Flux Kustomize controller is installed as part of the microsoft.flux cluster extension. It allows the declarative management of cluster configuration and application deployment by using Kubernetes manifests synced from a Git repository. These Kubernetes manifests can optionally include a kustomize.yaml file.
Reference:
https://learn.microsoft.com/en-us/azure/container-apps/microservices-dapr
https://www.solo.io/topics/istio/istio-kubernetes/
https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/tutorial-use-gitops-flux2
You have an Azure subscription.
You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:
- Only allow the creation of the virtual machines in specific regions.
- Only allow the creation of specific sizes of virtual machines.
What should you include in the recommendation?
You need to recommend a solution to provide developers with the ability to provision Azure virtual machines. The solution must meet the following requirements:
- Only allow the creation of the virtual machines in specific regions.
- Only allow the creation of specific sizes of virtual machines.
What should you include in the recommendation?
Correct Answer: B
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
A company wants to migrate workloads from on-premises to the cloud.
What are the three main migration effort phases that you would advise the company to prepare for?
What are the three main migration effort phases that you would advise the company to prepare for?
Correct Answer: B,C,D
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
You plan provision a High Performance Computing (HPC) cluster in Azure that will use a third- party scheduler.
You need to recommend a solution to provision and manage the HPC cluster node.
What should you include in the recommendation?
You need to recommend a solution to provision and manage the HPC cluster node.
What should you include in the recommendation?
Correct Answer: D
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines.
Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is being deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines.
Solution: Use Azure Traffic Analytics in Azure Network Watcher to analyze the network traffic.
Does this meet the goal?
Correct Answer: A
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
You have an Azure web app that uses an Azure key vault named KeyVault1 in the West US Azure region.
You are designing a disaster recovery plan for KeyVault1.
You plan to back up the keys in KeyVault1.
You need to identify to where you can restore the backup.
What should you identify?
You are designing a disaster recovery plan for KeyVault1.
You plan to back up the keys in KeyVault1.
You need to identify to where you can restore the backup.
What should you identify?
Correct Answer: A
Vote an answer
Explanation: Only visible for Pass4Leader members. You can sign-up / login (it's free).
Hotspot Question
Your company has 20 web APIs that were developed in-house.
The company is developing 10 web apps that will use the web APIs. The web apps and the APIs are registered in the company s Azure Active Directory (Azure AD) tenant. The web APIs are published by using Azure API Management.
You need to recommend a solution to block unauthorized requests originating from the web apps from reaching the web APIs. The solution must meet the following requirements:
- Use Azure AD-generated claims.
- Minimize configuration and management effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your company has 20 web APIs that were developed in-house.
The company is developing 10 web apps that will use the web APIs. The web apps and the APIs are registered in the company s Azure Active Directory (Azure AD) tenant. The web APIs are published by using Azure API Management.
You need to recommend a solution to block unauthorized requests originating from the web apps from reaching the web APIs. The solution must meet the following requirements:
- Use Azure AD-generated claims.
- Minimize configuration and management effort.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation:
Box 1: Azure AD
Authorization workflow
A user or application acquires a token from Azure AD with permissions that grant access to the backend-app.
Box 2: Azure API Management
The token is added in the Authorization header of API requests to API Management.
API Management validates the token by using the validate-jwt policy.
If a request doesn't have a valid token, API Management blocks it.
If a request is accompanied by a valid token, the gateway can forward the request to the API.
Reference:
https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies#ValidateJWT
