[3-Aug-2020 Update] Exam AZ-303 VCE Dumps and AZ-303 PDF Dumps from PassLeader

Valid AZ-303 Dumps shared by PassLeader for Helping Passing AZ-303 Exam! PassLeader now offer the newest AZ-303 VCE dumps and AZ-303 PDF dumps, the PassLeader AZ-303 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader AZ-303 dumps with VCE and PDF here: https://www.passleader.com/az-303.html (128 Q&As Dumps –> 167 Q&As Dumps –> 210 Q&As Dumps –> 222 Q&As Dumps –> 246 Q&As Dumps –> 265 Q&As Dumps –> 289 Q&As Dumps)

BTW, DOWNLOAD part of PassLeader AZ-303 dumps from Cloud Storage: https://drive.google.com/drive/folders/176HrMWNv2qpK0-7e8ACdvMjBEr5xXCcr

You are designing an Azure solution. The solution must meet the following requirements:
– Distribute traffic to different pools of dedicated virtual machines (VMs) based on rules.
– Provide SSL offloading capabilities.
You need to recommend a solution to distribute network traffic. Which technology should you recommend?

A.    Azure Application Gateway
B.    Azure Load Balancer
C.    Azure Traffic Manager
D.    server-level firewall rules

Answer: A
If you require “SSL offloading”, application layer treatment, or wish to delegate certificate management to Azure, you should use Azure’s layer 7 load balancer Application Gateway instead of the Load Balanacer.
Not D: Because Load Balancer is agnostic to the TCP payload and TLS offload (“SSL”) is not provided.

You are implementing authentication for applications in your company. You plan to implement self-service password reset (SSPR) and multifactor authentication (MFA) in Azure Active Directory (Azure AD). You need to select authentication mechanisms that can be used for both MFA and SSPR. Which two authentication methods should you use? (Each correct answer presents a complete solution. Choose two.)

A.    Authenticator app
B.    Email addresses
C.    App passwords
D.    Short Message Service (SMS) messages
E.    Security questions

Answer: AD
The following authentication mechanisms can be used for both MFA and SSPR:
– Short Message Service (SMS) messages
– Azure AD passwords
– Microsoft Authenticator app
– Voice call
Not B and E: The following authentication mechanisms are used for SSPR only:
– Email addresses
– Security questions
C: App passwords authentication mechanisms can be used for MFA only, but only in certain cases.

You have SQL Server on an Azure virtual machine named SQL1. You need to automate the backup of the databases on SQL1 by using Automated Backup v2 for the virtual machines. The backups must meet the following requirements:
– Meet a recovery point objective (RPO) of 15 minutes.
– Retain the backups for 30 days.
– Encrypt the backups at rest.
What should you provision as part of the backup solution?

A.    Elastic Database jobs
B.    Azure Key Vault
C.    an Azure Storage account
D.    a Recovery Services vault

Answer: C
An Azure storage account is used for storing Automated Backup files in blob storage. A container is created at this location to store all backup files. The backup file naming convention includes the date, time, and database GUID.

You have resources in three Azure regions. Each region contains two virtual machines. Each virtual machine has a public IP address assigned to its network interface and a locally installed application named App1. You plan to implement Azure Front Door-based load balancing across all the virtual machines. You need to ensure that App1 on the virtual machines will only accept traffic routed from Azure Front Door. What should you implement?

A.    Azure Private Link
B.    service endpoints
C.    network security groups (NSGs) with service tags
D.    network security groups (NSGs) with application security groups

Answer: C
Configure IP ACLing for your backends to accept traffic from Azure Front Door’s backend IP address space and Azure’s infrastructure services only.

You have a server named Server1 that runs Windows Server 2019. Server1 is a container host. You are creating a Dockerfile to build a container image. You need to add a file named File1.txt from Server1 to a folder named C:\Folder1 in the container image.
Solution: You add the following line to the Dockerfile:
COPY File1.txt /Folder1/
You then build the container image.
Does this meet the goal?

A.    Yes
B.    No

Answer: A
Copy is the correct command to copy a file to the container image.

You have an Azure Active Directory (Azure AD) tenant named contoso.com. A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other identity Governance settings are available. Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles. You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You assign the Global administrator role to Admin1.
Does this meet the goal?

A.    Yes
B.    No

Answer: B
Instead use Azure AD Privileged Identity Management. Note: PIM essentially helps you manage the who, what, when, where, and why for resources that you care about.

You have an Azure subscription named Subscription1. You create several Azure virtual machines in Subscription1. All of the virtual machines belong to the same virtual network. You have an on-premises Hyper-V server named Server1. Server1 hosts a virtual machine named VM1. You plan to replicate VM1 to Azure. You need to create additional objects in Subscription1 to support the planned deployment. Which three objects should you create? (Each correct answer presents part of the solution. Choose three.)

A.    Hyper-V site
B.    Azure Recovery Services Vault
C.    storage account
D.    replication policy
E.    Azure Traffic Manager instance
F.    endpoint

Answer: ABD

You create an Azure virtual machine named VM1 in a resource group named RG1. You discover that VM1 performs slower than expected. You need to capture a network trace on VM1. What should you do?

A.    From Diagnostic settings for VM1, configure the performance counters to include network counters.
B.    From the VM1 blade, configure Connection troubleshoot.
C.    From the VM1 blade, install performance diagnostics and run advanced performance analysis.
D.    From Diagnostic settings for VM1, configure the log level of the diagnostic agent.

Answer: C

A company plans to use third-party application software to perform complex data analysis processes. The software will use up to 500 identical virtual machines (VMs) based on an Azure Marketplace VM image. You need to design the infrastructure for the third-party application server. The solution must meet the following requirements:
– The number of VMs that are running at any given point in time must change when the user workload changes.
– When a new version of the application is available in Azure Marketplace it must be deployed without causing application downtime.
– Use VM scale sets.
– Minimize the need for ongoing maintenance.
Which two technologies should you recommend? (Each correct answer presents part of the solution. Choose two.)

A.    single storage account
B.    autoscale
C.    single placement group
D.    managed disks

Answer: BD

You have a resource group named RG1 that contains the following:
– A virtual network that contains two subnets named Subnet1 and Subnet2
– An Azure Storage account named contososa1
– An Azure firewall deployed to Subnet2
You need to ensure that contososa1 is accessible from Subnet1 over the Azure backbone network. What should you do?

A.    Deploy an Azure firewall to Subnet1.
B.    Remove the Azure firewall.
C.    Implement a virtual network service endpoint.
D.    Create a stored access policy for contososa1.

Answer: C
Virtual Network (VNet) service endpoints extend your virtual network private address space and the identity of your VNet to the Azure services, over a direct connection. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Traffic from your VNet to the Azure service always remains on the Microsoft Azure backbone network.

A company is migrating an existing on-premises third-party website to Azure. The website is stateless. The company does not have access to the source code for the website. They have the original installer. The number of visitors at the website varies throughout the year. The on-premises infrastructure was resized to accommodate peaks but the extra capacity was not used. You need to implement a virtual machine scale set instance. What should you do?

A.    Use a webhook to log autoscale failures.
B.    Use an autoscale setting to scale instances vertically.
C.    Use only default diagnostics metrics to trigger autoscaling.
D.    Use an autoscale setting to define more profiles that have one or more autoscale rules.

Answer: C
In-guest VM metrics with the Azure diagnostics extension The Azure diagnostics extension is an agent that runs inside a VM instance. The agent monitors and saves performance metrics to Azure storage. These performance metrics contain more detailed information about the status of the VM, such as AverageReadTime for disks or PercentIdleTime for CPU. You can create autoscale rules based on a more detailed awareness of the VM performance, not just the percentage of CPU usage or memory consumption.

You create a container image named Image1 on a developer workstation. You plan to create an Azure Web App for Containers named WebAppContainer that will use Image1. You need to upload Image1 to Azure. The solution must ensure that WebAppContainer can use Image1. To which storage type should you upload Image1?

A.    Azure Container Registry
B.    an Azure Storage account that contains a blob container
C.    an Azure Storage account that contains a file share
D.    Azure Container Instances

Answer: A
Configure registry credentials in web app. App Service needs information about your registry and image to pull the private image. In the Azure portal, go to Container settings from the web app and update the Image source, Registry and save.

A company’s development team is currently developing a Docker/Go based application. The application needs to be deployed to the Azure Web App service using containers on the Linux platform. Currently there are no resource groups in place in the company’s Azure account that supports the Linux platform. You must advise on the necessary and minimum number of steps to provide the ability to host the application in the company’s Azure account. Which of the following Azure CLI commands would you recommend implementing for this requirement? (Choose three.)

A.    az group update
B.    az webapp update
C.    az group create
D.    az appservice plan create
E.    az webapp create

Answer: CDE

A company has an on-premise setup and a setup defined in Azure. They have gone ahead and created an Azure Logic App named lead2pass-app. They need this app to query an on-premise SQL database server. Which of the following steps need to be performed to fulfil this requirement? (Choose three.)

A.    Create a Virtual Machine in Azure.
B.    Install the On-premise data gateway on the Azure Virtual Machine.
C.    From the Azure portal, create an on-premise data gateway.
D.    On a computer in the on-premise network, install an on-premise data gateway.
E.    From the Logic App Designer, add a connector.

Answer: CDE

Your company needs to migrate a Virtual Machine, lead2pass-vm, hosted in Amazon Web Services to Azure using Azure Site Recovery. The following resources have been created for the implementation:
– A Virtual Network in Azure
– A Replication Policy
– A Recovery Services vault
– An Azure storage account
Which of the following steps would you carry out for the migration? (Choose three.)

A.    Install Azure Site Recovery Unified Setup.
B.    Enable Windows Powershell remoting on whizlabs-vm.
C.    Enable replication for whizlabs-vm.
D.    Create an Azure Migrate project.
E.    Deploy another server in Amazon Web Services as the configuration server.

Answer: ACE

A company wants to sync their on-premise AD with Azure AD. They have setup Azure AD connect and configured the setup for Password hash synchronization, Single Sign-On and staging mode is also enabled. After an initial review it can be seen that the Synchronization Service Manager is not displaying any sync jobs. Which of the following step would need to be carried out to resolve this issue?

A.    Be sure to configure, Azure AD for Pass-through Authentication.
B.    Run a full import using the Service Manager.
C.    From Azure AD Connect, ensure to disable staging mode.
D.    Run a full import from the local on-premise AD.

Answer: C

A company has a number of VMWare Virtual Machines that need to be migrated onto Azure. You first have to discover and assess the virtual machines for the migration. Which of the following steps would you implement for this requirement? (Choose four.)

A.    From the Azure Portal, download the OVA file.
B.    Create a collector virtual Machine.
C.    From the Azure Portal, download the Azure Site Recovery agent.
D.    Configure the collector to start the discovery.
E.    Create an assessment.
F.    Create a backup policy.

Answer: ABDE

A company has a web application named lead2pass-app deployed to Azure. The Web App is deployed using the Azure App Service based on the D1 pricing tier. The application is now being modified and needs to accept connections on HTTPS. You have to ensure that the cost is minimized for any changes made. Which of the following needs to be done to ensure this requirement can be fulfilled?

A.    Scale out the App Service Plan
B.    Scale up the App Service Plan
C.    Change the properties of the Web App
D.    Change the Quota of the Web App

Answer: B
Option A is incorrect since this option is used for Autoscaling purpose. Options C and D are incorrect since these are read-only features.

Your company has an Azure Container Registry named Registry1. You have an Azure virtual machine named Serverl that runs Windows Server 2019. From Serverl, you create a container image named image1. You need to add image1 to Registry1. Which command should you run on Server1? (To answer, select the appropriate options in the answer area.)

An Azure container registry stores and manages private Docker container images, similar to the way Docker Hub stores public Docker images. You can use the Docker command-line interface (Docker CLI) for login, push, pull, and other operations on your container registry.

Drag and Drop
You have an Azure subscription that contains the resources shown in the following table:
In RG2, you need to create a new virtual machine named VM2 that will connect to VNET1. VM2 will use a network interface named VM2_Interface. In which region should you create VM2 and VM2_Interface? (To answer, drag the appropriate regions to the correct targets. Each region may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

VM2: West US. In RG2, which is in West US, you need to create a new virtual machine named VM2.
VM2_interface: East US. VM2 will use a network interface named VM2_Interface to connect to VNET1, which is in East US.


Get the newest PassLeader AZ-303 VCE dumps here: https://www.passleader.com/az-303.html (128 Q&As Dumps –> 167 Q&As Dumps –> 210 Q&As Dumps –> 222 Q&As Dumps –> 246 Q&As Dumps –> 265 Q&As Dumps –> 289 Q&As Dumps)

And, DOWNLOAD the newest PassLeader AZ-303 PDF dumps from Cloud Storage for free: https://drive.google.com/drive/folders/176HrMWNv2qpK0-7e8ACdvMjBEr5xXCcr