Az 305 Comprehensive
Questions with Verified
Answers Graded A+
You have an Azure subscription that contains a custom application named Application1.
Application1 was developed by an external company named Fabrikam,Ltd. Developers at
Fabrikam were assigned role-based access control (RBAC) permissions to the Application1
components. All users are licensed for theMicrosoft 365 E5 plan.You need to recommend a
solution to verify whether the Fabrikam developers still require permissions to Application1.
The solution must meet the following requirements:✑ To the manager of the developers, send a
monthly email message that lists the access permissions to Application1.✑ If the manager does
not verify an access permission, automatically revoke that permission.✑ Minimize development
effort.What should you recommend? - Answer: In Azure Active Directory (Azure AD), create an
access review of Application1
You have an Azure subscription. The subscription has a blob container that contains multiple
blobs.Ten users in the finance department of your company plan to access the blobs during the
month of April.You need to recommend a solution to enable access to the blobs during the
month of April only.Which security solution should you include in the recommendation? -
Answer: shared access signatures (SAS)
You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active
Directory domain.You have an internal web app named WebApp1 that is hosted on-premises.
WebApp1 uses Integrated Windows authentication.Some users work remotely and do NOT have
VPN access to the on-premises network.You need to provide the remote users with single sign-
on (SSO) access to WebApp1.Which two features should you include in the solution? Each
correct answer presents part of the solution.NOTE: Each correct selection is worth one point. -
Answer: Azure AD Application Proxy and Azure AD enterprise applications
Questions with Verified
Answers Graded A+
You have an Azure subscription that contains a custom application named Application1.
Application1 was developed by an external company named Fabrikam,Ltd. Developers at
Fabrikam were assigned role-based access control (RBAC) permissions to the Application1
components. All users are licensed for theMicrosoft 365 E5 plan.You need to recommend a
solution to verify whether the Fabrikam developers still require permissions to Application1.
The solution must meet the following requirements:✑ To the manager of the developers, send a
monthly email message that lists the access permissions to Application1.✑ If the manager does
not verify an access permission, automatically revoke that permission.✑ Minimize development
effort.What should you recommend? - Answer: In Azure Active Directory (Azure AD), create an
access review of Application1
You have an Azure subscription. The subscription has a blob container that contains multiple
blobs.Ten users in the finance department of your company plan to access the blobs during the
month of April.You need to recommend a solution to enable access to the blobs during the
month of April only.Which security solution should you include in the recommendation? -
Answer: shared access signatures (SAS)
You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active
Directory domain.You have an internal web app named WebApp1 that is hosted on-premises.
WebApp1 uses Integrated Windows authentication.Some users work remotely and do NOT have
VPN access to the on-premises network.You need to provide the remote users with single sign-
on (SSO) access to WebApp1.Which two features should you include in the solution? Each
correct answer presents part of the solution.NOTE: Each correct selection is worth one point. -
Answer: Azure AD Application Proxy and Azure AD enterprise applications
