Massive Halloween Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

AZ-303 Questions and Answers

Question # 4

You are planning the move of App1 to Azure.

You create a network security group (NSG).

You need to recommend a solution to provide users with access to App1.

What should you recommend?

A.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to all the subnets.

B.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to all the subnets.

C.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

D.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

Full Access
Question # 5

You need to identify the storage requirements for Contoso.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 6

You need to meet the user requirement for Admin1.

What should you do?

A.

From the Subscriptions blade, select the subscription, and then modify the Properties.

B.

From the Subscriptions blade, select the subscription, and then modify the Access control (IAM) settings.

C.

From the Azure Active Directory blade, modify the Properties.

D.

From the Azure Active Directory blade, modify the Groups.

Full Access
Question # 7

You need to implement a backup solution for App1 after the application is moved.

What should you create first?

A.

a recovery plan

B.

an Azure Backup Server

C.

a backup policy

D.

a Recovery Services vault

Full Access
Question # 8

You need to recommend an identify solution that meets the technical requirements.

What should you recommend?

A.

federated single-on (SSO) and Active Directory Federation Services (AD FS)

B.

password hash synchronization and single sign-on (SSO)

C.

cloud-only user accounts

D.

Pass-through Authentication and single sign-on (SSO)

Full Access
Question # 9

Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a server named Server1 that runs Windows Server 2019. Server1 is a container host.

You are creating a Dockerfile to build a container image.

You need to add a file named File1.txt from Server1 to a folder named C:\Folder1 in the container image.

Solution: You add the following line to the Dockerfile.

XCOPY File1.txt C:\Folder1\

You then build the container image.

Does this meet the goal?

A.

Yes

B.

No

Full Access
Question # 10

You have a virtual network named VNet1 as shown in the exhibit.

No devices are connected to VNet1.

You plan to peer VNet1 to another virtual network named Vnet2 in the same region. VNet2 has an address space of 10.2.0.0/16.

You need to create the peering.

What should you do first?

A.

Modify the address space of VNet1.

B.

Configure a service endpoint on VNet2

C.

Add a gateway subnet to VNet1.

D.

Create a subnet on VNet1 and VNet2.

Full Access
Question # 11

You have an Azure Storage account named storage! that is accessed by several applications.

An administrator manually rotates me access keys for storage1.

After the rotation the applications fail to access the storage account

A developer manually modifies the applications to resolve the issue.

You need to implement a solution to rotate the access keys automatically. The solution must minimize the need to update the applications once the solution is implemented.

What should you include in the solution?

A.

Azure Key Vault

B.

an Azure Dewed State Configuration (DSC) extension

C.

Azure Logic Apps

D.

an Azure AD enterprise application

Full Access
Question # 12

You migrate WebApp1 to Azure.

You need to implement a traffic filtering solution for WebApp1. The solution must meet the security requirements.

What should you do?

A.

Configure the Threat intelligence settings for FW1.

B.

Deploy an Azure Application Gateway to VNet1.

C.

Deploy Azure Bastion to VNet1

D.

Configure an inbound rule on FW1.

Full Access
Question # 13

You create and publish the BP1 blueprint.

You need to ensure that you can use BP1 to configure permissions for RG1. The solution must meet the authentication and authorization requirements.

What should you do?

A.

Add a read-only resource lock to Sub1.

B.

Assign an Azure role-based access control (Azure RBAC) role to Sub1.

C.

Assign an Azure role-based access control (Azure RBAC) role to BP1.

D.

Select the Read Only blueprint lock mode for the BP1 assignment.

Full Access
Question # 14

You need to recommend a solution to provide KV1 with access to the on-premises network of Litware. The solution must meet the security requirements.

What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 15

You plan to migrate WebApp1 to Azure.

You need to implement the AKS cluster that will host WebApp1. The solution must meet the deployment requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 16

You migrate WebApp1 to Azure.

You need to configure the AKS cluster to enable WebApp1 to access KV1. The solution must meet the authentication and authorization requirements.

What should you do?

A.

Configure Azure role-based access control (Azure R8AQ for Kubernetes Authorization.

B.

Configure a pod-managed identity.

C.

Implement pod security policies.

D.

Implement the Secrets Store CSl Driver.

Full Access
Question # 17

You need to ensure that you can implement Azure AD Seamless SSO for Fabrikam. The solution must meet the following requirements:

  • Support the planned changes.
  • Meet the authentication and authorization requirements.

What should you do?

A.

Create a new Azure AD tenant named fabrikam.com

B.

From the Fabrikam forest, configure an additional UPN suffix of Litware.com.

C.

From the Fabrikam forest, configure all users to have a UPN suffix ofLitware.com.

D.

From the Litware.com tenant, add a custom domain named fabrikam com.

Full Access
Question # 18

You need to ensure that the virtual machine disks are encrypted. The solution must meet the security requirements.

Which three actions should you perform in Sub1 in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Full Access
Question # 19

You need to ensure that the NoSQL data is encrypted. The solution must meet the security requirements.

What should you do first?

A.

Upgrade storage2 to StorageV2 (general purpose v2).

B.

Create a new general-purpose v2 storage account.

C.

Create a new Azure Blob storage account.

D.

Modify the Encryption settings of storage2.

Full Access
Question # 20

You need to configure Azure AD Seamless SSO for Fabrikam. The solution must meet the authentication and authorization requirements.

What should you install first?

A.

the Azure AD Connect provisioning agent on SERVER1

B.

the Azure AD Connect provisioning agent on DC1

C.

Azure AD Connect in staging mode on SERVER1

D.

an Azure AD Connect primary server on SERVER1

Full Access
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 27 Oct 2021