AZ-303 Exam Prep Free – 50 Practice Questions to Get You Ready for Exam Day
Getting ready for the AZ-303 certification? Our AZ-303 Exam Prep Free resource includes 50 exam-style questions designed to help you practice effectively and feel confident on test day
Effective AZ-303 exam prep free is the key to success. With our free practice questions, you can:
- Get familiar with exam format and question style
- Identify which topics you’ve mastered—and which need more review
- Boost your confidence and reduce exam anxiety
Below, you will find 50 realistic AZ-303 Exam Prep Free questions that cover key exam topics. These questions are designed to reflect the structure and challenge level of the actual exam, making them perfect for your study routine.
HOTSPOT - You plan to implement an access review to meet the following requirements: ✑ The access review must be enforced until otherwise configured. ✑ Each user or group that has access to the Azure environment must be in the scope of the access review. ✑ The access review must be completed within two weeks. ✑ A lack of response must not cause changes in the operational environment. An administrator creates the access review shown in the answer area. Which two sections of the access review should you modify to meet the requirements? To answer, select the appropriate sections in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
You have an Azure subscription that contains the web apps shown in the following table.For which web app can you configure a WebJob?
A. WebApp1
B. WebApp4
C. WebApp2
D. WebApp3
You set the multi-factor authentication status for a user named admin1@contoso.com to Enabled. Admin1 accesses the Azure portal by using a web browser. Which additional security verifications can Admin1 use when accessing the Azure portal?
A. a phone call, an email message that contains a verification code, and a text message that contains an app password.
B. an app password, a text message that contains a verification code, and a verification code sent from the Microsoft Authenticator app.
C. an app password, a text message that contains a verification code, and a notification sent from the Microsoft Authenticator app.
D. a phone call, a text message that contains a verification code, and a notification or a verification code sent from the Microsoft Authenticator app.
You have an Azure subscription that contains 10 virtual machines on a virtual network. You need to create a graph visualization to display the traffic flow between the virtual machines. What should you do from Azure Monitor?
A. From Activity log, use quick insights.
B. From Metrics, create a chart.
C. From Logs, create a new query.
D. From Workbooks, create a workbook.
You have an Azure Cosmos DB account named Account1. Account1 includes a database named DB1 that contains a container named Container1. The partition key for Container1 is set to /city. You plan to change the partition key for Container1. What should you do first?
A. Delete Container1.
B. Create a new container in DB1.
C. Implement the Azure Cosmos DB.NET.SDK.
D. Regenerate the keys for Account1.
HOTSPOT - Your company hosts multiple websites by using Azure virtual machine scale sets (VMSS) that run Internet Information Server (IIS). All network communications must be secured by using end to end Secure Socket Layer (SSL) encryption. User sessions must be routed to the same server by using cookie-based session affinity. The image shown depicts the network traffic flow for the websites to the VMSS.Use the drop-down menus to select the answer choice that answers each question. NOTE: Each correct selection is worth one point. Hot Area:
HOTSPOT - Your network contains an on-premises Active Directory domain named contoso.com that contains a user named User1. The domain syncs to Azure Active Directory (Azure AD). You have the Windows 10 devices shown in the following table.The User Sign-In settings are configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
You have a virtual network named VNet1 as shown in the exhibit. (Click the Exhibit tab.)No devices are connected to VNet1. You plan to peer VNet1 to another virtual network named VNet2 in the same region. VNet2 has an address space of 10.2.0.0/16. You need to create the peering. What should you do first?
A. Add a gateway subnet to VNet1.
B. Create a subnet on VNet1 and VNet2
C. Modify the address space of VNet1
D. Configure a service endpoint on VNet2
You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image. You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Upload a configuration script.
B. Create an automation account.
C. Create a new virtual machine scale set in the Azure portal.
D. Create an Azure policy.
E. Modify the extensionProfile section of the Azure Resource Manager template.
HOTSPOT - You have an Azure subscription that includes an Azure key vault named Vault1. You create the Azure virtual machines shown in the following table.You enable Azure Disk Encryption for all the virtual machines and use the `"VolumeType All parameter. You add data disks to the virtual machines as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
You need to implement a backup solution for App1 after the application is moved. What should you create first?
A. an Azure Backup Server
B. a Recovery Services vault
C. a recovery plan
D. a backup policy
You need to resolve the licensing issue before you attempt to assign the license again. What should you do?
A. From the Directory role blade, modify the directory role
B. From the Groups blade, invite the user accounts to a new group
C. From the Profile blade, modify the usage location
You create the following Azure role definition.You need to create Role1 by using the role definition. Which two values should you modify before you create Role1? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. AssignableScopes
B. Description
C. DataActions
D. IsCustom
E. Id
A company hosts virtual machines (VMs) in an on-premises datacenter and in Azure. The on-premises and Azure-based VMs communicate using ExpressRoute. The company wants to be able to continue regular operations if the ExpressRoute connection fails. Failover connections must use the Internet and must not require Multiprotocol Label Switching (MPLS) support. You need to recommend a solution that provides continued operations. What should you recommend?
A. Set up a second ExpressRoute connection.
B. Increase the bandwidth of the existing ExpressRoute connection.
C. Increase the bandwidth for the on-premises internet connection.
D. Set up a VPN connection.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server 2019. Server1 is a container host. You are creating a Dockerfile to build a container image. You need to add a file named File1.txt from Server1 to a folder named C:Folder1 in the container image. Solution: You add the following line to the Dockerfile. XCOPY File1.txt C:Folder1 You then build the container image. Does this meet the goal?
A. Yes
B. No
You plan to migrate an on-premises Hyper-V environment to Azure by using Azure Site Recovery. The Hyper-V environment is managed by using Microsoft System Center Virtual Machine Manager (VMM). The Hyper-V environment contains the virtual machines in the following table:Which virtual machine can be migrated by using Azure Site Recovery?
A. FS1
B. CA1
C. DC1
D. SQL1
HOTSPOT - Your network contains an Active Directory domain that is synced to Azure Active Directory (Azure AD) as shown in the following exhibit.You have a user account configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
You create an Azure Kubernetes Service (AKS) cluster that uses B2s node size. The cluster configured as shown in the exhibit. (Click the Exhibit tab.)You deploy a containerized application named App1 to the agentPool node pool in AKScluster1. You need to create a containerized application named App2 that runs on four nodes of size DS3 v2. What should you do first?
A. Upgrade the AKS cluster.
B. Create a new node pool.
C. Modify the autoscaling settings for the agentPool node pool.
D. Enable virtual nodes for the AKS cluster.
HOTSPOT - You have an Azure subscription named Subscription1. In Subscription1, you create an alert rule named Alert1. The Alert1 action group is configured as shown in the following exhibit.Alert1 alert criteria is triggered every minute. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure subscription. You have an on-premises file server named Server1 that runs Windows Server 2019. You manage Server1 by using Windows Admin Center. You need to ensure that if Server1 fails, you can recover the data from Azure. Solution: From the Azure portal, you create a Recovery Services vault. On VM1, you install the Azure Backup agent and you schedule a backup. Does this meet the goal?
A. Yes
B. No
DRAG DROP - You have an on-premises file server named Server1 that runs Windows Server 2016. You have an Azure subscription that contains an Azure file share. You deploy an Azure File Sync Storage Sync Service, and you create a sync group. You need to synchronize files from Server1 to Azure. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Select and Place:
You have an Azure Service Bus. You need to implement a Service Bus queue that guarantees first-in-first-out (FIFO) delivery of messages. What should you do?
A. Enable partitioning
B. Enable duplicate detection
C. Set the Lock Duration setting to 10 seconds
D. Enable sessions
E. Set the Max Size setting of the queue to 5 GB
You have an Azure Kubernetes Service (AKS) cluster named Clus1 in a resource group named RG1. An administrator plans to manage Clus1 from an Azure AD-joined device. You need to ensure that the administrator can deploy the YAML application manifest file for a container application. You install the Azure CLI on the device. Which command should you run next?
A. kubectl get nodes
B. az aks install-cli
C. kubectl apply ג€”f appl.yaml
D. az aks get-credentials –resource-group RG1 –name Clus1
You have an Azure subscription named Subscription1 that is used by several departments at your company. Subscription1 contains the resources in the following table.Another administrator deploys a virtual machine named VM1 and an Azure Storage account named Storage2 by using a single Azure Resource Manager template. You need to view the template used for the deployment. From the Azure Portal, for which blade can you view the template that was used for the deployment?
A. Container1
B. VM1
C. Storage2
D. RG1
You create a container image named Image1 on a developer workstation. You plan to create an Azure Web App for Containers named WebAppContainer that will use Image1. You need to upload Image1 to Azure. The solution must ensure that WebAppContainer can use Image1. To which storage type should you upload Image1?
A. an Azure Storage account that contains a blob container
B. Azure Container Instances
C. Azure Container Registry
D. an Azure Storage account that contains a file share
You have an Azure subscription. You have an on-premises virtual machine named VM1. The settings for VM1 are shown in the exhibit. (Click the Exhibit tab.)You need to ensure that you can use the disks attached to VM1 as a template for Azure virtual machines. What should you modify on VM1?
A. the memory
B. Integration Services
C. the hard drive
D. the network adapters
E. the processor
HOTSPOT - You have an Azure Active Directory (Azure AD) tenant that contains the user groups shown in the following table.You enable self-service password reset (SSPR) for Group1. You configure the Notifications settings as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You are planning to create a virtual network that has a scale set that contains six virtual machines (VMs). A monitoring solution on a different network will need access to the VMs inside the scale set. You need to define public access to the VMs. Solution: Use Remote Desktop Protocol (RDP) to connect to the VM in the scale set. Does the solution meet the goal?
A. Yes
B. No
You have a web app named WebApp1 that uses an Azure App Service plan named Plan1. Plan1 uses the D1 pricing tier and has an instance count of 1. You need to ensure that all connections to WebApp1 use HTTPS. What should you do first?
A. Scale up Plan1.
B. Modify the connection strings for WebApp1.
C. Scale out Plan1.
D. Disable anonymous access to WebApp1.
You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image. You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Upload a configuration script.
B. Create an Azure policy.
C. Modify the extensionProfile section of the Azure Resource Manager template.
D. Create a new virtual machine scale set in the Azure portal.
E. Create an automation account.
HOTSPOT - Your company has a virtualization environment that contains the virtualization hosts shown in the following table.The virtual machines are configured as shown in the following table.
All the virtual machines use basic disks. VM1 is protected by using BitLocker Drive Encryption (BitLocker). You plan to migrate the virtual machines to Azure by using Azure Site Recovery. You need to identify which virtual machines can be migrated. Which virtual machines should you identify for each server? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the Subscription blade, you select the subscription, and then click Resource providers. Does this meet the goal?
A. Yes
B. No
You have an Azure subscription. You have 100 Azure virtual machines. You need to quickly identify underutilized virtual machines that can have their service tier changed to a less expensive offering. Which blade should you use?
A. Metrics
B. Customer insights
C. Monitor
D. Advisor
You develop an entertainment application where users can buy and trade virtual real estate. The application must scale to support thousands of users. The current architecture includes five Azure virtual machines (VM) that connect to an Azure SQL Database for account information and Azure Table Storage for backend services. A user interacts with these components in the cloud at any given time. ✑ Routing Service `" Routes a request to the appropriate service and must not persist data across sessions. ✑ Account Service `" Stores and manages all account information and authentication and requires data to persist across sessions ✑ User Service `" Stores and manages all user information and requires data to persist across sessions. ✑ Housing Network Service `" Stores and manages the current real-estate economy and requires data to persist across sessions. ✑ Trade Service `" Stores and manages virtual trade between accounts and requires data to persist across sessions. Due to volatile user traffic, a microservices solution is selected for scale agility. You need to migrate to a distributed microservices solution on Azure Service Fabric. Solution: Create a Service Fabric Cluster with a stateful Reliable Service for each component. Does the solution meet the goal?
A. Yes
B. No
HOTSPOT - You have an Azure subscription named Subscription1 that contains the resources in the following table.A web server runs on VM1 and VM2. When you request a webpage named Page1.htm from the Internet, LB1 balances the web requests to VM1 and VM2., and you receive a response. On LB1, you have a rule named Rule1 as shown in the Rule1 exhibit. (Click the Exhibit tab.)
You have a health probe named Probe1 as shown in the Probe1 exhibit. (Click the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
You plan to create an Azure Storage account named storage1 that will store blobs and be accessed by Azure Databricks. You need to ensure that you can set permissions for individual blobs by using Azure Active Directory (Azure AD) authentication. Which Advanced setting should you enable for storage1?
A. Large file shares
B. Hierarchical namespace
C. NFS v3
D. Blob soft delete
Note: This question is part of series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You are planning to create a virtual network that has a scale set that contains six virtual machines (VMs). A monitoring solution on a different network will need access to the VMs inside the scale set. You need to define public access to the VMs. Solution: Deploy a standalone VM that has a public IP address to the virtual network. Does the solution meet the goal?
A. Yes
B. No
HOTSPOT - You have peering configured as shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server 2019. Server1 is a container host. You are creating a Dockerfile to build a container image. You need to add a file named File1.txt from Server1 to a folder named C:Folder1 in the container image. Solution: You add the following line to the Dockerfile. ADD File1.txt C:/Folder1/ You then build the container image. Does this meet the goal?
A. Yes
B. No
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named contoso.com. A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other identity Governance settings are available. Admin1 is assigned the User administrator, Compliance administrator, and Security administrator roles. You need to ensure that Admin1 can create access reviews in contoso.com. Solution: You assign the Global administrator role to Admin1. Does this meet the goal?
A. Yes
B. No
SIMULATION - Click to expand each objective. To connect to the Azure portal, type https://portal.azure.com in the browser address bar.
When you are finished performing all the tasks, click the `ËœNext' button. Note that you cannot return to the lab once you click the `ËœNext' button. Scoring occur in the background while you complete the rest of the exam. Overview - The following section of the exam is a lab. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design. Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task. Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided. Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab. To start the lab - You may start the lab by clicking the Next button. You plan to store media files in the corpdata7523690n1 storage account. You need to configure the storage account to store the media files. The solution must ensure that only users who have access keys can download the media files and that the files are accessible only over HTTPS. What should you do from the Azure portal?
DRAG DROP - You are developing a web app that uses a REST interface to connect to Azure Storage with HTTPS. This app uploads and streams video content that can be accessed from anywhere in the world. You have different storage requirements for each part of the app. A hierarchical namespace must be created. Which storage services should you implement? To answer, select the appropriate services to the correct actions. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Select and Place:
A company plans to use third-party application software to perform complex data analysis processes. The software will use up to 500 identical virtual machines (VMs) based on an Azure Marketplace VM image. You need to design the infrastructure for the third-party application server. The solution must meet the following requirements: ✑ The number of VMs that are running at any given point in time must change when the user workload changes. ✑ When a new version of the application is available in Azure Marketplace it must be deployed without causing application downtime. ✑ Use VM scale sets. ✑ Minimize the need for ongoing maintenance. Which two technologies should you recommend? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. single storage account
B. autoscale
C. single placement group
D. managed disks
You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Add a service endpoint to VNet1.
B. Add a public IP address space to VNet1.
C. Create a route-based virtual network gateway.
D. Reset GW1.
E. Delete GW1.
F. Add a connection to GW1.
HOTSPOT - You have an Azure subscription that contains a resource group named RG1. You have a group named Group1 that is assigned the Contributor role for RG1. You need to enhance security for the virtual machines in RG1 to meet the following requirements: ✑ Prevent Group1 from assigning external IP addresses to the virtual machines. ✑ Ensure that Group1 can establish a Remote Desktop connection to the virtual machines through a shared external IP address. What should you use to meet each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Hot Area:
HOTSPOT - You have an Azure Resource Manager template named Template1 in the library as shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Hot Area:
You have an Azure subscription that contains the resources shown in the following table.Subnet1 is on VNET1. VM1 connects to Subnet1. You plan to create a virtual network gateway on VNET1. You need to prepare the environment for the planned virtual network gateway. What should you do?
A. Create a local network gateway.
B. Modify the address space used by Subnet1.
C. Create a subnet named GatewaySubnet on VNET1.
D. Modify the address space used by VNET1.
E. Delete Subnet1.
You have an Azure SQL database named Db1 that runs on an Azure SQL server named SQLserver1. You need to ensure that you can use the query editor on the Azure portal to query Db1. What should you do?
A. Copy the ADO.NET connection string of Db1 and paste the string to the query editor.
B. Approve private endpoint connections for SQLserver1.
C. Modify the Advanced Data Security settings of Db1.
D. Configure the Firewalls and virtual networks settings for SQLserver1.
You have the following Azure Active Directory (Azure AD) tenants: ✑ Contoso.onmicrosoft.com: Linked to a Microsoft 365 tenant and syncs to an Active Directory forest named contoso.com by using password hash synchronization ✑ Contosoazure.onmicrosoft.com: Linked to an Azure subscription named Subscription1 You need to ensure that you can assign the users in contoso.com access to the resources in Subscription1. What should you do?
A. Create an Azure management group that contains Subscription1.
B. Configure contoso.onmicrosoft.com to use pass-through authentication.
C. Create guest accounts for all the contoso.com users in contosoazure.onmicrosoft.com.
D. Configure Active Directory Federation Services (AD FS) federation between contosoazure.onmicrosoft.com and contoso.com.
An administrator plans to create a function app in Azure that will have the following settings: ✑ Runtime stack: .NET Core ✑ Operating System: Linux ✑ Plan type: Consumption ✑ Enable Application Insights: Yes You need to ensure that you can back up the function app. Which settings should you recommend changing before creating the function app?
A. Runtime stack
B. Enable Application Insights
C. Operating System
D. Plan type
Access Full AZ-303 Exam Prep Free
Want to go beyond these 50 questions? Click here to unlock a full set of AZ-303 exam prep free questions covering every domain tested on the exam.
We continuously update our content to ensure you have the most current and effective prep materials.
Good luck with your AZ-303 certification journey!