Valid AZ-303 Dumps shared by PassLeader for Helping Passing AZ-303 Exam! PassLeader now offer the newest AZ-303 VCE dumps and AZ-303 PDF dumps, the PassLeader AZ-303 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader AZ-303 dumps with VCE and PDF here: https://www.passleader.com/az-303.html (222 Q&As Dumps –> 246 Q&As Dumps –> 265 Q&As Dumps –> 289 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader AZ-303 dumps from Cloud Storage: https://drive.google.com/drive/folders/176HrMWNv2qpK0-7e8ACdvMjBEr5xXCcr
NEW QUESTION 211
You are creating an app that will transcribe speech-to-text in Chinese. The app will use the Speech service in Azure and will authenticate by using a service principal. You configure the app to use the Application ID of the service principal and the client secret. Which other value should you add to the app to authenticate to the Speech service?
A. Subscription ID
B. Tenant ID
C. Application Name
D. Resource Group ID
Answer: D
NEW QUESTION 212
You have an Azure subscription that contains the resources shown in the following table:
……
A certificate named Certificate1 is stored in Vault1. You need to grant VM1 and VM2 access to Certificate1 by using the same security principal. What should you do?
A. Create an Azure Active Directory (Azure AD) user.
Create an access policy for Vault1.
Assign the access policy to the user.
Configure a user-assigned managed identity for VM1 and VM2.
B. Create a managed identity.
Assign the Key Vault Reader role-based acc ss control (RBAC) role for Vault1 to the managed identity.
Configure a system-assigned managed identity for VM1 and VM2.
C. Create an Azure Active Directory (Azure AD) user.
Assign the Key Vault Reader role-based access control (RBAC) role for Vault1 to the user.
Configure a user-assigned managed identity for VM1 and VM2.
D. Create a managed identity.
Add the Vaultl access policy to the managed identity.
Configure a user-assigned managed identity for VM1 and VM2.
Answer: C
NEW QUESTION 213
You manage a solution in Azure that consists of a single application which runs on a virtual machine (VM). Traffic to the application has increased dramatically. The application must not experience any downtime and scaling must be dynamically defined. You need to define an auto-scale strategy to ensure that the VM can handle the workload. Which three options should you recommend? (Each correct answer presents a complete solution. Choose three.)
A. Deploy application automatic vertical scaling.
B. Create a VM availability set.
C. Create a VM scale set.
D. Deploy application automatic horizontal scaling.
E. Deploy a custom auto-scale implementation.
Answer: CDE
NEW QUESTION 214
You have an Azure Active Directory (Azure AD) tenant named contoso.com. A user named Admin1 attempts to create an access review from the Azure Active Directory admin center and discovers that the Access reviews settings are unavailable. Admin1 discovers that all the other Identity Governance settings are available, Admin1 is assigned the User administrator. Compliance administrator, and Security administrator roles. You need to ensure that Admin1 can create access reviews in contoso.com.
Solution: You purchase an Azure Active Directory Premium P2 license for contoso.com.
Does this meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 215
You monitor Azure virtual machines by using Azure Monitor. You plan to restart the virtual machines when CPU usage exceeds 95 percent for more than 30 minutes. You need to create an alert in Azure Monitor to res art the virtual machines. The solution must minimize administrative effort. Which type of action should you use in the alert?
A. Automation Runbook
B. Logic App
C. Webhook
D. ITSM
Answer: A
Explanation:
Automation runbooks allows you to automatically perform standard remediations in response to VM alerts, like r starting or stopping the VM. Previously, during VM alert rule creation you were able to specify an Automation webhook to a runbook in order to run the runbook whenever the alert triggered. However, this required you to do the work of creating the runbook, creating the webhook for the runbook, and then copying and pasting the webhook during alert rule creation. With this new release, the process is much easier because you can directly choose a runbook from a list during alert rule creation, and you can choose an Automation account which will run the runbook or easily create an account.
https://azure.microsoft.com/en-us/blog/automatically-remediate-azure-vm-alerts-with-automation-runbooks/
NEW QUESTION 216
You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named Vnet1. You need to ensure that you can configure a point to-site connection from an on-premises computer to VNet1. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Delete GW1.
B. Reset GW1.
C. Add a service endpoint to VNet1.
D. Add a connection to GW1.
E. Add a public IP address space to VNet1.
F. Create a route-based virtual network gateway.
Answer: AF
NEW QUESTION 217
You have a server named Server1 that runs Windows Server 2019. Server1 is a container host. You plan to create a container image. You create the following instructions in a text editor:
……
You need 10 be able to automate the container image creation by using the instructions. To which file should you save the instructions?
A. Dockerfile
B. daemon.json
C. dockerconfig.json
D. dockerconfig.sjon
Answer: A
NEW QUESTION 218
You plan to create an Azure logic app that will access secrets stored in an Azure key vault. You need to ensure that the logic app can authenticate to the key vault by using Azure Active Directory (Azure AD). What should you do?
A. Turn on the system-assigned managed identity.
B. Add an Azure Active Directory authorization policy.
C. Create an app registration.
D. Modify the access keys.
Answer: B
NEW QUESTION 219
You have a resource group named RG5. The access controls for RG5 are configured as shown in the following exhibit:
……
Which users can deploy virtual networks to RG5?
A. User1, User2, and Prvi.
B. Only User1 an User2.
C. Only User1.
D. Only Prvi and User1.
Answer: D
Explanation:
User1, the Network Contributor, can create and manage networks, but not access to them. Prvi, the Owner, can create and manage resources of all types.
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
NEW QUESTION 220
You create the user-assigned identities shown in the following table:
……
You create a virtual machine that has the following configurations:
– Name: VM1
– Location: West US
– Resource group: RG1
Which managed identities can you add to VM1?
A. Identity1 and Identity2 only.
B. Identity1 only.
C. Identity1, idenity1 and Identity3.
D. Identity1 and Identity3 only.
Answer: B
NEW QUESTION 221
Hotspot
You are designing a virtual network to suppo t a web application. The web application uses Blob storage to store large images. The web application will be deployed to an Azure App Service Web App. You have the following requirements:
– Secure all communications by using Secured Socket layer (SSL) SSL encryption and decryption must be processed efficiently to support high traffic load on the web application.
– Protect the web application from web vulnerabilities and attacks without modification to backend code.
– Optimize web application responsiveness and reliability by routing HTTP request and responses to the endpoint with the lowest network latency for the client.
You need to onfigure the Azure components to meet the requirements. What should you do? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
Box 1: Azure application Gateway. Azure Application Gateway supports end-to-end encryption of traffic. Application Gateway terminates the SSL connection at the application gateway. The gateway then applies the routing rules to the traffic, re-encrypts the packet and forwards the packet to the appropriate back-end server based on the routing rules defined. Any response from the web server goes through the same process back to the end user.
Box 2: Azure application Gateway.
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
Box 3: Azure Traffic Manager. Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally services across global Azure regions, while providing high availability and responsiveness.
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
https://docs.microsoft.com/en-us/azure/security-center/security-center-intro
NEW QUESTION 222
……
Get the newest PassLeader AZ-303 VCE dumps here: https://www.passleader.com/az-303.html (222 Q&As Dumps –> 246 Q&As Dumps –> 265 Q&As Dumps –> 289 Q&As Dumps)
And, DOWNLOAD the newest PassLeader AZ-303 PDF dumps from Cloud Storage for free: https://drive.google.com/drive/folders/176HrMWNv2qpK0-7e8ACdvMjBEr5xXCcr