AZ-305 Assessment
Comprehensive Questions with
Verified Answers Graded A+
Access Reviews - Answer: Azure AD P2 feature under identity governments, helps to analyze
who has certain roles, whose in certain groups, who as access to certain apps, etc., to validate if
people still need the role they have.
Just-in-time (JIT) - Answer: Allows permissions only when needed via authenticating through a
strong authentication service such as AAD w/ multifactor authentication. P2 Feature
Permissions only given temporarily through privilidged identity management.
How to work with partners who have their own tenant? - Answer: They will use AAD, gmail,
SAML, or something else (OTP) for authentication using their tenant provider. We will use B2B
to create guests accounts that will authorize those guest users with trust to that tenant and
assign them permissions
Azure AD Domain Services - Answer: Provides a managed AD in a particular virtual network for
you. Good if you need to use kerberos, ldap, NTLM, etc., in an Azure subscription and don't have
regular domain.
You have an app that you want to make available to your customers and allow them to use
social accounts or create local accounts for authentication, what AAD service do you use? -
Answer: AAD B2C
, You want to give a set of resources the same set of permissions, what do you need to use? -
Answer: User Assigned Identity, gives a created identity associated with authorized access
policies to resources separate from the lifecycle of the resource (unlike System Assigned
Managed Identity)
You can keep logs in a logs analytic workspace for how long? - Answer: 2 years
Where do you specify where logs will go for your resources? - Answer: Diagnostic Settings
How would you balance L7 load balancers in separate regions, such as if one fails? - Answer: Use
Azure Front Door
How would you balance L4 load balancers in separate regions such as if one fails? - Answer:
Azure Traffic Manager which will route based on DNS to the closest user.
What SQL server offering would you recommend if the client needs good compatibility for
things like common language runtime, cross database transactions, and SQL Server Agent, but
wants to minimize maintenance overhead? - Answer: SQL Server Managed Instance meets
these requirements
What SQL solution would you use for IoT devices that is lightweight? - Answer: Azure SQL Edge.
Containerized version of SQL on linux. Connected mode is pulled down from marketplace and
disconnected mode is docker image.
Azure event hub is for events while Azure Service Bus is for ___ - Answer: Messages, enterprise
solution, consists of queues of 1:1 or Topics 1:N
T or F, AKS can use CI for burst scenarios - Answer: Yes, AKS can use Container Instances for
burst scenarios for temporary performance boosts
Comprehensive Questions with
Verified Answers Graded A+
Access Reviews - Answer: Azure AD P2 feature under identity governments, helps to analyze
who has certain roles, whose in certain groups, who as access to certain apps, etc., to validate if
people still need the role they have.
Just-in-time (JIT) - Answer: Allows permissions only when needed via authenticating through a
strong authentication service such as AAD w/ multifactor authentication. P2 Feature
Permissions only given temporarily through privilidged identity management.
How to work with partners who have their own tenant? - Answer: They will use AAD, gmail,
SAML, or something else (OTP) for authentication using their tenant provider. We will use B2B
to create guests accounts that will authorize those guest users with trust to that tenant and
assign them permissions
Azure AD Domain Services - Answer: Provides a managed AD in a particular virtual network for
you. Good if you need to use kerberos, ldap, NTLM, etc., in an Azure subscription and don't have
regular domain.
You have an app that you want to make available to your customers and allow them to use
social accounts or create local accounts for authentication, what AAD service do you use? -
Answer: AAD B2C
, You want to give a set of resources the same set of permissions, what do you need to use? -
Answer: User Assigned Identity, gives a created identity associated with authorized access
policies to resources separate from the lifecycle of the resource (unlike System Assigned
Managed Identity)
You can keep logs in a logs analytic workspace for how long? - Answer: 2 years
Where do you specify where logs will go for your resources? - Answer: Diagnostic Settings
How would you balance L7 load balancers in separate regions, such as if one fails? - Answer: Use
Azure Front Door
How would you balance L4 load balancers in separate regions such as if one fails? - Answer:
Azure Traffic Manager which will route based on DNS to the closest user.
What SQL server offering would you recommend if the client needs good compatibility for
things like common language runtime, cross database transactions, and SQL Server Agent, but
wants to minimize maintenance overhead? - Answer: SQL Server Managed Instance meets
these requirements
What SQL solution would you use for IoT devices that is lightweight? - Answer: Azure SQL Edge.
Containerized version of SQL on linux. Connected mode is pulled down from marketplace and
disconnected mode is docker image.
Azure event hub is for events while Azure Service Bus is for ___ - Answer: Messages, enterprise
solution, consists of queues of 1:1 or Topics 1:N
T or F, AKS can use CI for burst scenarios - Answer: Yes, AKS can use Container Instances for
burst scenarios for temporary performance boosts
