AZ-300 Practice Exam Free – 50 Questions to Simulate the Real Exam
Are you getting ready for the AZ-300 certification? Take your preparation to the next level with our AZ-300 Practice Exam Free – a carefully designed set of 50 realistic exam-style questions to help you evaluate your knowledge and boost your confidence.
Using a AZ-300 practice exam free is one of the best ways to:
Experience the format and difficulty of the real exam
Identify your strengths and focus on weak areas
Improve your test-taking speed and accuracy
Below, you will find 50 realistic AZ-300 practice exam free questions covering key exam topics. Each question reflects the structure and challenge of the actual exam.
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that contains a group named Group1.
You need to enable multi-factor authentication (MFA) for the users in Group1 only.
Solution: From Multi-Factor Authentication, you select Bulk update, and you provide a CSV file that contains the members of Group1.
Does this meet the goal?
A. Yes
B. No
Suggested Answer: B
We should use a Conditional Access policy.
Note: There are two ways to secure user sign-in events by requiring multi-factor authentication in Azure AD. The first, and preferred, option is to set up a
Conditional Access policy that requires multi-factor authentication under certain conditions. The second option is to enable each user for Azure Multi-Factor
Authentication. When users are enabled individually, they perform multi-factor authentication each time they sign in (with some exceptions, such as when they sign in from trusted IP addresses or when the remembered devices feature is turned on).
Enabling Azure Multi-Factor Authentication using Conditional Access policies is the recommended approach. Changing user states is no longer recommended unless your licenses don’t include Conditional Access as it requires users to perform MFA every time they sign in.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates
DRAG DROP -
You have an on-premises network that you plan to connect to Azure by using a site-to-site VPN.
In Azure, you have an Azure virtual network named VNet1 that uses an address space of 10.0.0.0/16. VNet1 contains a subnet named Subnet1 that uses an address space of 10.0.0.0/24.
You need to create a site-to-site VPN to Azure.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Select and Place:
You have a virtual network named VNet1 as shown in the exhibit. (Click the Exhibit tab.)
No devices are connected to VNet1.
You plan to peer VNet1 to another virtual network named VNet2 in the same region. VNet2 has an address space of 10.2.0.0/16.
You need to create the peering.
What should you do first?
HOTSPOT -
You have an Azure subscription named Subscription1. Subscription1 contains the resources in the following table:
VNet1 is in RG1. VNet2 is in RG2. There is no connectivity between VNet1 and VNet2. An administrator named Admin1 creates an Azure virtual machine VM1 in
RG1. VM1 uses a disk named Disk1 and connects to VNet1. Admin1 then installs a custom application in VM1.
You need to move the custom application to VNet2. The solution must minimize administrative effort.
Which two actions should you perform? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
You need to meet the vendor notification requirement.
Solution: Update the Delivery API to send emails by using a Microsoft Office 365 SMTP server.
Does the solution meet the goal?
You have an Azure subscription that contains the resources in the following table.
Store1 contains a file share named Data. Data contains 5,000 files.
You need to synchronize the files in Data to an on-premises server named Server1.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Download an automation script
B. Create a sync group
C. Install the Azure File Sync agent on Server1
D. Create a container instance
E. Register Server1
Suggested Answer: BCE
Step 1 (C): Install the Azure File Sync agent on Server1
The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share
Step 2 (E): Register Server1.
Register Windows Server with Storage Sync Service
Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service.
Step 3 (B): Create a sync group and a cloud endpoint.
A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on registered server.
References: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide
Your company has an Azure subscription.
You enable multi-factor authentication (MFA) for all users.
The company's help desk reports an increase in calls from users who receive MFA requests while they work from the company's main office.
You need to prevent the users from receiving MFA requests when they sign in from the main office.
What should you do?
A. From Azure Active Directory (Azure AD), configure organizational relationships.
B. From the MFA service settings, create a trusted IP range.
C. From Conditional access in Azure Active Directory (Azure AD), create a custom control.
D. From Conditional access in Azure Active Directory (Azure AD), create a named location.
Suggested Answer: B
The first thing you may want to do, before enabling Multi-Factor Authentication for any users, is to consider configuring some of the available settings. One of the most important features is a trusted IPs list. This will allow you to whitelist a range of IPs for your network. This way, when users are in the office, they will not get prompted with MFA, and when they take their devices elsewhere, they will. Here’s how to do it:
Log in to your Azure Portal.
Navigate to Azure AD > Conditional Access > Named locations.
From the top toolbar select Configure MFA trusted IPs.
References: https://www.kraftkennedy.com/implementing-azure-multi-factor-authentication/
SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the "ËœNext' button.
Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam.
Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab -
You may start the lab by clicking the Next button.
Your company plans to store several documents on a public website.
You need to create a container named bios that will host the documents in the storagelod8322489 storage account. The solution must ensure anonymous access and must ensure that users can browse folders in the container.
What should you do from the Azure portal?
Suggested Answer: See explanation below.
Azure portal create public container
To create a container in the Azure portal, follow these steps:
Step 1: Navigate to your new storage account in the Azure portal.
Step 2: In the left menu for the storage account, scroll to the lob service section, then select Blobs.
Select the + Container button.
Type a name for your new container: bios
Set the level of public access to the container: Select anonymous access.
Step 3: Select OK to create the container.
References: alt=”Reference Image” />
Step 3: Select OK to create the container.
References: https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal
You have an Azure subscription that contains the resources shown in the following table.
Subnet1 is on VNET1. VM1 connects to Subnet1.
You plan to create a virtual network gateway on VNET1.
You need to prepare the environment for the planned virtual network gateway.
What are two ways to achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
You have an Azure Service Bus.
You need to implement a Service Bus queue that guarantees first-in-first-out (FIFO) delivery of messages.
What should you do?
You have an Azure subscription that contains a resource group named RG1. RG1 contains 100 virtual machines.
Your company has three cost centers named Manufacturing, Sales, and Finance.
You need to associate each virtual machine to a specific cost center.
What should you do?
A. Add an extension to the virtual machines
B. Modify the inventory settings of the virtual machine
SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the "ËœNext' button.
Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam.
Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab -
You may start the lab by clicking the Next button.
You need to deploy two Azure virtual machines named VM1003a and VM1003b based on an Ubuntu Server image. The deployment must meet the following requirements:
- Provide a Service Level Agreement (SLA) of 99.95 percent availability
- Use managed disks
What should you do from the Azure portal?
Suggested Answer: See solution below.
Step 1: Open the Azure portal.
Step 2: On the left menu, select All resources. You can sort the resources by Type to easily find your images.
Step 3: Select the image you want to use from the list. The image Overview page opens.
Step 4: Select Create VM from the menu.
Step 5: Enter the virtual machine information. Select VM1003a as the name for the first Virtual machine.The user name and password entered here will be used to log in to the virtual machine. When complete, select OK. You can create the new VM in an existing resource group, or choose Create new to create a new resource group to store the VM.
Step 6: Select a size for the VM. To see more sizes, select View all or change the Supported disk type filter.
Step 7: Under Settings, make changes as necessary and select OK.
Step 8: On the summary page, you should see your image name listed as a Private image. Select Ok to start the virtual machine deployment.
Repeat the procedure for the second VM and name it VM1003b.
References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-vm-generalized-managed
– AG2 must load balance incoming traffic in the following manner:
– http://www.adatum.com will be load balanced across Pool21.
– http://fabrikam.com will be load balanced across Pool22.
You need to configure an Azure Application Gateway with multi-site listeners to direct different URLs to different pools.
References:http://www.adatum.com
will be load balanced across Pool21.
– http://fabrikam.com
will be load balanced across Pool22.
You need to configure an Azure Application Gateway with multi-site listeners to direct different URLs to different pools.
References: https://docs.microsoft.com/en-us/azure/application-gateway/multiple-site-overview
HOTSPOT -
You create a virtual machine scale set named Scale1. Scale1 is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are planning to create a virtual network that has a scale set that contains six virtual machines (VMs).
A monitoring solution on a different network will need access to the VMs inside the scale set.
You need to define public access to the VMs.
Solution: Design a scale set to automatically assign public IP addresses to all VMs.
Does the solution meet the goal?
You have an Azure virtual machine named VM1 that you use for testing. VM1 is protected by Azure Backup.
You delete VM1.
You need to remove the backup data stored for VM1.
What should you do first?
A. Delete the storage account
B. Stop the backup
C. Modify the backup policy
D. Delete the Recovery Services vault
Suggested Answer: C
Azure Backup provides backup for virtual machines “” created through both the classic deployment model and the Azure Resource Manager deployment model “” by using custom-defined backup policies in a Recovery Services vault.
With the release of backup policy management, customers can manage backup policies and model them to meet their changing requirements from a single window. Customers can edit a policy, associate more virtual machines to a policy, and delete unnecessary policies to meet their compliance requirements.
Incorrect Answers:
D: You can’t delete a Recovery Services vault if it is registered to a server and holds backup data. If you try to delete a vault, but can’t, the vault is still configured to receive backup data.
References: https://azure.microsoft.com/en-in/updates/azure-vm-backup-policy-management/
You are the global administrator for an Azure Active Directory (Azure AD) tenant named adatum.com.
You need to enable two-step verification for Azure users.
What should you do?
A. Create an Azure AD conditional access policy.
B. Configure a playbook in Azure Security Center.
C. Enable Azure AD Privileged Identity Management.
Your company is developing an e-commerce Azure App Service Web App to support hundreds of restaurant locations around the world.
You are designing the messaging solution architecture to support the e-commerce transactions and messages. The solution will include the following features:
You need to design a solution for the Inventory Distribution feature.
A. Azure Service Bus
B. Azure Relay
C. Azure Event Grid
D. Azure Event Hub
Suggested Answer: A
Microsoft Azure Service Bus is a fully managed enterprise integration message broker. Service Bus is most commonly used to decouple applications and services from each other, and is a reliable and secure platform for asynchronous data and state transfer.
One common messaging scenario is Messaging: transfer business data, such as sales or purchase orders, journals, or inventory movements.
Incorrect Answers:
B: The Azure Relay service enables you to securely expose services that run in your corporate network to the public cloud.
References: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-messaging-overview
You manage a solution in Azure that consists of a single application which runs on a virtual machine (VM). Traffic to the application has increased dramatically.
The application must not experience any downtime and scaling must be dynamically defined.
You need to define an auto-scale strategy to ensure that the VM can handle the workload.
Which three options should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Deploy application automatic vertical scaling.
B. Create a VM availability set.
C. Create a VM scale set.
D. Deploy application automatic horizontal scaling.
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
You need to view the date and time when the resources were created in RG1.
Solution: From the RG1 blade, you click Deployments.
Does this meet the goal?
HOTSPOT -
You have an Azure Storage accounts as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
A company is migrating an existing on-premises third-party website to Azure. The website is stateless.
The company does not have access to the source code for the website. They have the original installer.
The number of visitors at the website varies throughout the year. The on-premises infrastructure was resized to accommodate peaks but the extra capacity was not used.
You need to implement a virtual machine scale set instance.
What should you do -
A. Use a webhook to log autoscale failures.
B. Use an autoscale setting to scale instances vertically.
C. Use only default diagnostics metrics to trigger autoscaling
D. Use an autoscale setting to define more profiles that have one or more autoscale rules.
Suggested Answer: C
In-guest VM metrics with the Azure diagnostics extension
The Azure diagnostics extension is an agent that runs inside a VM instance. The agent monitors and saves performance metrics to Azure storage. These performance metrics contain more detailed information about the status of the VM, such as AverageReadTime for disks or PercentIdleTime for CPU. You can create autoscale rules based on a more detailed awareness of the VM performance, not just the percentage of CPU usage or memory consumption.
Reference: https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-overview
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant that contains a group named Group1.
You need to enable multi-factor authentication (MFA) for the users in Group1 only.
Solution: From the Azure portal, you configure an authentication method policy.
Does this meet the goal?
A. Yes
B. No
Suggested Answer: B
We should use a Conditional Access policy.
Note: There are two ways to secure user sign-in events by requiring multi-factor authentication in Azure AD. The first, and preferred, option is to set up a
Conditional Access policy that requires multi-factor authentication under certain conditions. The second option is to enable each user for Azure Multi-Factor
Authentication. When users are enabled individually, they perform multi-factor authentication each time they sign in (with some exceptions, such as when they sign in from trusted IP addresses or when the remembered devices feature is turned on).
Enabling Azure Multi-Factor Authentication using Conditional Access policies is the recommended approach. Changing user states is no longer recommended unless your licenses don’t include Conditional Access as it requires users to perform MFA every time they sign in.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates
A company hosts virtual machines (VMs) in an on-premises datacenter and in Azure. The on-premises and Azure-based VMs communicate using ExpressRoute.
The company wants to be able to continue regular operations if the ExpressRoute connection fails. Failover connections must use the Internet and must not require Multiprotocol Label Switching (MPLS) support.
You need to recommend a solution that provides continued operations.
What should you recommend?
A. Set up a second ExpressRoute connection.
B. Increase the bandwidth of the existing ExpressRoute connection.
C. Increase the bandwidth for the on-premises internet connection.
DRAG DROP -
You develop a web app that uses the tier D1 app service plan by using the Web Apps feature of Microsoft Azure App Service.
Spikes in traffic have caused increases in page load times.
You need to ensure that the web app automatically scales when CPU load is about 85 percent and minimize costs.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
Select and Place:
HOTSPOT -
Your organization has developed and deployed several Azure App Service Web and API applications. The applications use Azure SQL Database to store and retrieve data. Several departments have the following requests to support the applications:
You need to recommend the appropriate Azure service for each department request.
What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant.
You need to create a conditional access policy that requires all users to use multi-factor authentication when they access the Azure portal.
Which three settings should you configure? To answer, select the appropriate settings to the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
You have a web app named WebApp1 that uses an Azure App Service plan named Plan1. Plan1 uses the D1 pricing tier and has an instance count of 1.
You need to ensure that all connections to WebApp1 use HTTPS.
What should you do first?
A. Scale up Plan1.
B. Modify the connection strings for WebApp1.
C. Scale out Plan1.
D. Disable anonymous access to WebApp1.
Suggested Answer: A
The D1 (Shared) pricing tier does not support HTTPS.
You have an Azure SQL database named Db1 that runs on an Azure SQL server named SQLserver1.
You need to ensure that you can use the query editor on the Azure portal to query Db1.
What should you do?
A. Modify the Advanced Data Security settings of Db1
B. Configure the Firewalls and virtual networks settings for SQLserver1
C. Copy the ADO.NET connection string of Db1 and paste the string to the query editor
D. Approve private endpoint connections for SQLserver1
You have an Azure Active Directory (Azure AD) tenant.
You have an existing Azure AD conditional access policy named Policy1. Policy1 enforces the use of Azure AD-joined devices when members of the Global
Administrators group authenticate to Azure AD from untrusted locations.
You need to ensure that members of the Global Administrators group will also be forced to use multi-factor authentication when authenticating from untrusted locations.
What should you do?
A. From the Azure portal, modify session control of Policy1.
B. From multi-factor authentication page, modify the user settings.
C. From multi-factor authentication page, modify the service settings.
D. From the Azure portal, modify grant control of Policy1.
You have an Azure web app named App1 that is configured to run between two and five instances. There are currently three instances of App1 running.
App1 has the following autoscale rules:
✑ Increase the instance count by one when the CPU percentage is greater or equal to 80.
✑ Decrease the instance count by one when the CPU percentage is less than or equal to 60.
You are evaluating the following CPU percentage of utilization for App1:
✑ 60%
✑ 55%
✑ 50%
✑ 45%
You need to identify which utilizations will cause App1 to scale in.
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named
Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the DevTest Labs User role to the Developers group.
Does this meet the goal?
Which blade should you instruct the finance department auditors to use?
A. Partner information
B. Cost analysis
C. Resource providers
D. Invoices
Suggested Answer: D
You can opt in and configure additional recipients to receive your Azure invoice in an email. This feature may not be available for certain subscriptions such as support offers, Enterprise Agreements, or Azure in Open.
1. Select your subscription from the Subscriptions page. Opt-in for each subscription you own. Click Invoices then Email my invoice.
2. Click Opt in and accept the terms.
Scenario: During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.
References: alt=”Reference Image” />
2. Click Opt in and accept the terms.
Scenario: During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.
References: https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-daily-usage-date
SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the "ËœNext' button.
Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam.
Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab -
You may start the lab by clicking the Next button.
You plan to store media files in the rg1lod8322490 storage account.
You need to configure the storage account to store the media files. The solution must ensure that only users who have access keys can download the media files and that the files are accessible only over HTTPS.
What should you do from the Azure portal?
Suggested Answer: See solution below.
We should create an Azure file share.
Step 1: In the Azure portal, select All services. In the list of resources, type Storage Accounts. As you begin typing, the list filters based on your input. Select
Storage Accounts.
On the Storage Accounts window that appears.
Step 2: Locate the rg1lod8322490 storage account.
Step 3: On the storage account page, in the Services section, select Files.
Step 4: On the menu at the top of the File service page, click + File share. The New file share page drops down.
Step 5: In Name type myshare. Click OK to create the Azure file share.
References: alt=”Reference Image” />
Step 4: On the menu at the top of the File service page, click + File share. The New file share page drops down.
Step 5: In Name type myshare. Click OK to create the Azure file share.
References: https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-portal
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
You need to meet the vendor notification requirement.
Solution: Configure notifications in the Azure API Management instance.
Does the solution meet the goal?
You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1.
You need to ensure that you can configure a point-to-site connection from VNet1 to an on-premises computer.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
HOTSPOT -
You have several Azure virtual machines on a virtual network named VNet1.
You configure an Azure Storage account as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
You are developing an app that references data which is sharded across multiple Azure SQL databases.
The app must guarantee transactional consistency for changes across several different sharding key values.
You need to manage the transactions.
What should you implement?
A. Elastic database transactions with horizontal partitioning.
B. Distributed transactions coordinated by Microsoft Distributed Transaction Coordinator (MSDTC).
C. Server-coordinated transactions from .NET application.
D. Elastic database transactions with vertical partitioning.
SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the "ËœNext' button.
Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam.
Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab -
You may start the lab by clicking the Next button.
You need to add a deployment slot named staging to an Azure web app named
corplod@lab.LabInstance.Idn4
. The solution must meet the following requirements:
- When new code is deployed to staging, the code must be swapped automatically to the production slot.
- Azure-related costs must be minimized.
What should you do from the Azure portal?
Suggested Answer: See explanation below.
Step 1:
Locate and open the
corplod@lab.LabInstance.Idn4
web app.
1. In the Azure portal, on the left navigation panel, click Azure Active Directory.
2. In the Azure Active Directory blade, click Enterprise applications.
Step 2:
Open your app’s resource blade and Choose the Deployment slots option, then click Add Slot.
Step 3:
In the Add a slot blade, give the slot a name, and select whether to clone app configuration from another existing deployment slot. Click the check mark to continue.
The first time you add a slot, you only have two choices: clone configuration from the default slot in production or not at all.
References: alt=”Reference Image” />
Step 3:
In the Add a slot blade, give the slot a name, and select whether to clone app configuration from another existing deployment slot. Click the check mark to continue.
The first time you add a slot, you only have two choices: clone configuration from the default slot in production or not at all.
References: https://docs.microsoft.com/en-us/azure/app-service/web-sites-staged-publishing
You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.
You need to delete the Recovery Services vault.
What should you do first?
A. From the Recovery Service vault, delete the backup data
B. Modify the disaster recovery properties of each virtual machines
C. Modify the locks of each virtual machine
D. From the Recovery Service vault, stop the backup of each backup item
Suggested Answer: D
You can’t delete a Recovery Services vault if it is registered to a server and holds backup data. If you try to delete a vault, but can’t, the vault is still configured to receive backup data.
Remove vault dependencies and delete vault
In the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQL
Servers in Azure VM, and Azure virtual machines.
References: alt=”Reference Image” />
References: https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault
SIMULATION -
Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the "ËœNext' button.
Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam.
Overview -
The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
To start the lab -
You may start the lab by clicking the Next button.
You plan to grant the members of a new Azure AD group named corp8548987 the rights to delegate administrative access to any resource in the resource group named corp8548987.
You need to create the Azure AD group, and then to assign the correct role to the group. The solution must use the principle of least privilege and minimize the number of role assignments.
What should you do from the Azure portal?
Suggested Answer: See explanation below.
Step 1:
Click Resource groups from the menu of services to access the Resource Groups blade
Step 2:
Click Add (+) to create a new resource group. The Create Resource Group blade appears. Enter corp8548987 as the Resource group name, and click the Create button.
Step 3:
Select Create.
Your group is created and ready for you to add members.
Now we need to assign a role to this resource group scope.
Step 4:
Choose the newly created Resource group, and Access control (IAM) to see the current list of role assignments at the resource group scope. Click +Add to open the Add permissions pane.
Step 5:
In the Role drop-down list, select a role Delegate administration, and select Assign access to: resource group corp8548987
References: alt=”Reference Image” />
Step 2:
Click Add (+) to create a new resource group. The Create Resource Group blade appears. Enter corp8548987 as the Resource group name, and click the Create button.
Step 3:
Select Create.
Your group is created and ready for you to add members.
Now we need to assign a role to this resource group scope.
Step 4:
Choose the newly created Resource group, and Access control (IAM) to see the current list of role assignments at the resource group scope. Click +Add to open the Add permissions pane.
Step 5:
In the Role drop-down list, select a role Delegate administration, and select Assign access to: resource group corp8548987
<img src=”https://www.examtopics.com/assets/media/exam-media/02758/0043600002.png” alt=”Reference Image” />
References: https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal https://www.juniper.net/documentation/en_US/vsrx/topics/task/multi-task/security-vsrx-azure-marketplace-resource-group.html
Which pricing tier should you recommend for WebApp1?
A. D1
B. P1v2
C. S1
D. B1
Suggested Answer: C
Standard supports up to 10 instances, and would be enough as the Standard plan includes auto scale that can automatically adjust the number of virtual machine instances running to match your traffic needs.
Scenario: Ensure that WebApp1 can adjust the number of instances automatically based on the load and can scale up to five instances
Incorrect Answers:
D: Basic supports only up to 3 instances.
References: https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
You have an Azure Kubernetes Service (AKS) cluster named Clus1 in a resource group named RG1.
An administrator plans to manage Clus1 from an Azure AD-joined device.
You need to ensure that the administrator can deploy the YAML application manifest file for a container application.
You install the Azure CLI on the device.
Which command should you run next?
A. kubectl get nodes
B. az aks install-cli
C. kubectl apply “”f appl.yaml
D. az aks get-credentials –resource-group RG1 –name Clus1
Suggested Answer: C
kubectl apply “”f appl.yaml applies a configuration change to a resource from a file or stdin.
Incorrect Answers:
A: kubectl get nodes gets a list of all nodes.
B: az aks install-cli download and install the Kubernetes command-line tool.
D: az aks get-credentials gets access credentials for a managed Kubernetes cluster
References: https://kubernetes.io/docs/reference/kubectl/overview/
DRAG DROP -
You are developing Azure WebJobs.
You need to recommend a WebJob type for each scenario.
Which WebJob type should you recommend? To answer, drag the appropriate WebJob types to the correct scenarios. Each WebJob type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
You need to view the date and time when the resources were created in RG1.
Solution: From the RG1 blade, you click Automation script.
Does this meet the goal?
You download an Azure Resource Manager template based on an existing virtual machine. The template will be used to deploy 100 virtual machines.
You need to modify the template to reference an administrative password. You must prevent the password from being stored in plain text.
What should you create to store the password?
A. an Azure Key Vault and an access policy.
B. an Azure Storage account and an access policy.
C. Azure Active Directory (AD) Identity Protection and an Azure policy.
You create a social media application that users can use to upload images and other content.
Users report that adult content is being posted in an area of the site that is accessible to and intended for young children.
You need to automatically detect and flag potentially offensive content. The solution must not require any custom coding other than code to scan and evaluate images.
What should you implement?
A. Bing Visual Search
B. Bing Image Search
C. Custom Vision Search
D. Computer Vision API
Suggested Answer: D
Free Access Full AZ-300 Practice Exam Free
Looking for additional practice? Click here to access a full set of AZ-300 practice exam free questions and continue building your skills across all exam domains.
Our question sets are updated regularly to ensure they stay aligned with the latest exam objectives—so be sure to visit often!
No devices are connected to VNet1. You plan to peer VNet1 to another virtual network named VNet2 in the same region. VNet2 has an address space of 10.2.0.0/16. You need to create the peering. What should you do first?
VNet1 is in RG1. VNet2 is in RG2. There is no connectivity between VNet1 and VNet2. An administrator named Admin1 creates an Azure virtual machine VM1 in RG1. VM1 uses a disk named Disk1 and connects to VNet1. Admin1 then installs a custom application in VM1. You need to move the custom application to VNet2. The solution must minimize administrative effort. Which two actions should you perform? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
Store1 contains a file share named Data. Data contains 5,000 files. You need to synchronize the files in Data to an on-premises server named Server1. Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
When you are finished performing all the tasks, click the "ËœNext' button. Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam. Overview - The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. To start the lab - You may start the lab by clicking the Next button. Your company plans to store several documents on a public website. You need to create a container named bios that will host the documents in the storagelod8322489 storage account. The solution must ensure anonymous access and must ensure that users can browse folders in the container. What should you do from the Azure portal?
Subnet1 is on VNET1. VM1 connects to Subnet1. You plan to create a virtual network gateway on VNET1. You need to prepare the environment for the planned virtual network gateway. What are two ways to achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
When you are finished performing all the tasks, click the "ËœNext' button. Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam. Overview - The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. To start the lab - You may start the lab by clicking the Next button. You need to deploy two Azure virtual machines named VM1003a and VM1003b based on an Ubuntu Server image. The deployment must meet the following requirements: - Provide a Service Level Agreement (SLA) of 99.95 percent availability - Use managed disks What should you do from the Azure portal?
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
You need to design a solution for the Inventory Distribution feature.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
You need to recommend the appropriate Azure service for each department request. What should you recommend? To answer, configure the appropriate options in the dialog box in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
When you are finished performing all the tasks, click the "ËœNext' button. Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam. Overview - The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. To start the lab - You may start the lab by clicking the Next button. You plan to store media files in the rg1lod8322490 storage account. You need to configure the storage account to store the media files. The solution must ensure that only users who have access keys can download the media files and that the files are accessible only over HTTPS. What should you do from the Azure portal?
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
When you are finished performing all the tasks, click the "ËœNext' button. Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam. Overview - The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. To start the lab - You may start the lab by clicking the Next button. You need to add a deployment slot named staging to an Azure web app named corplod@lab.LabInstance.Idn4 . The solution must meet the following requirements: - When new code is deployed to staging, the code must be swapped automatically to the production slot. - Azure-related costs must be minimized. What should you do from the Azure portal?
When you are finished performing all the tasks, click the "ËœNext' button. Note that you cannot return to the lab once you click the "ËœNext' button. Scoring occur in the background while you complete the rest of the exam. Overview - The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. To start the lab - You may start the lab by clicking the Next button. You plan to grant the members of a new Azure AD group named corp8548987 the rights to delegate administrative access to any resource in the resource group named corp8548987. You need to create the Azure AD group, and then to assign the correct role to the group. The solution must use the principle of least privilege and minimize the number of role assignments. What should you do from the Azure portal?
