Free Practice Questions•Azure Solutions Architect Expert•30 Questions with Answers•Free Practice Questions•Azure Solutions Architect Expert•30 Questions with Answers•
FREE QUESTIONS
Azure Solutions Architect Expert Practice Questions
30 free questions with correct answers and detailed explanations.
30Free Questions
2Free Exams
100%With Explanations
AZ-305 Practice Set-01
15 questions
Q1
You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1. You need to recommend a solution to meet the following requirements for the virtual machines that will run App1: ✑ Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to an Azure key vault, Azure Logic Apps instances, and an Azure SQL database. ✑ Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines. ✑ Avoid storing secrets and certificates on the virtual machines. ✑ Minimize administrative effort for managing identities. Which type of identity should you include in the recommendation?
A
a system-assigned managed identity
B
a service principal that is configured to use a certificate
C
a service principal that is configured to use a client secret
a user-assigned managed identity
Correct Answer
a user-assigned managed identity
Explanation
A user-assigned managed identity is created as a standalone Azure resource and can be assigned to multiple VMs simultaneously. New VMs inherit the same identity without requiring new role assignments, avoiding secrets on VMs. See: https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Q2
You have the resources shown in the following table: CDB1 hosts a container that stores continuously updated operational data. You are designing a solution that will use AS1 to analyze the operational data daily. You need to recommend a solution to analyze the data without affecting the performance of the operational data store. What should you include in the recommendation?
A
Azure Cosmos DB change feed
B
Azure Data Factory with Azure Cosmos DB and Azure Synapse Analytics connectors
Azure Synapse Link for Azure Cosmos DB
D
Azure Synapse Analytics with PolyBase data loading
Correct Answer
Azure Synapse Link for Azure Cosmos DB
Explanation
Azure Synapse Link for Azure Cosmos DB is a cloud-native HTAP capability that enables near real-time analytics over operational data through a separate analytical store, without impacting the transactional workload. See: https://learn.microsoft.com/en-us/azure/cosmos-db/synapse-link
Q3
You have an app named App1 that uses an on-premises Microsoft SQL Server database named DB1. You plan to migrate DB1 to an Azure SQL managed instance. You need to enable customer managed Transparent Data Encryption (TDE) for the instance. The solution must maximize encryption strength. Which type of encryption algorithm and key length should you use for the TDE protector?
RSA 3072
B
AES 256
C
RSA 4096
D
RSA 2048
Correct Answer
RSA 3072
Explanation
RSA 3072 provides the maximum supported key length for customer-managed TDE protectors in Azure SQL Managed Instance when using Azure Key Vault, offering the highest available encryption strength. See: https://learn.microsoft.com/en-us/azure/azure-sql/database/transparent-data-encryption-byok-overview
Q4
You plan to migrate on-premises MySQL databases to Azure Database for MySQL Flexible Server. You need to recommend a solution for the Azure Database for MySQL Flexible Server configuration. The solution must meet the following requirements: • The databases must be accessible if a datacenter fails. • Costs must be minimized. Which compute tier should you recommend?
A
Burstable
General Purpose
C
Memory Optimized
Correct Answer
General Purpose
Explanation
Zone-redundant high availability for Azure Database for MySQL Flexible Server is supported in the General Purpose tier and above. It ensures accessibility if a datacenter fails while minimizing costs compared to Memory Optimized. See: https://learn.microsoft.com/en-us/azure/mysql/flexible-server/concepts-high-availability
Q5
You have SQL Server on an Azure virtual machine. The databases are written to nightly as part of a batch process. You need to recommend a disaster recovery solution for the data. The solution must meet the following requirements: ✑ Provide the ability to recover in the event of a regional outage. ✑ Support a recovery time objective (RTO) of 15 minutes. ✑ Support a recovery point objective (RPO) of 24 hours. ✑ Support automated recovery. ✑ Minimize costs. What should you include in the recommendation?
A
Azure virtual machine availability sets
B
Azure Disk Backup
C
an Always On availability group
Azure Site Recovery
Correct Answer
Azure Site Recovery
Explanation
Azure Site Recovery replicates SQL Server VMs across regions with automated failover, meeting the RPO of 24 hours and RTO of 15 minutes requirements with minimal cost compared to Always On solutions. See: https://learn.microsoft.com/en-us/azure/site-recovery/azure-to-azure-tutorial-enable-replication
Q6
You plan to deploy an Azure Database for MySQL flexible server named Server1 to the East US Azure region. You need to implement a business continuity solution for Server1. The solution must minimize downtime in the event of a failover to a paired region. What should you do?
A
Create a read replica.
B
Store the database files in Azure premium file shares.
Implement Geo-redundant backup.
D
Configure native MySQL replication.
Correct Answer
Implement Geo-redundant backup.
Explanation
Geo-redundant backup for Azure Database for MySQL Flexible Server stores backups in a paired region, enabling point-in-time restore in a secondary region to minimize downtime during regional failover events. See: https://learn.microsoft.com/en-us/azure/mysql/flexible-server/concepts-backup-restore
Q7
You have an Azure subscription. You need to deploy an Azure Kubernetes Service (AKS) solution that will use Windows Server 2019 nodes. The solution must meet the following requirements: ✑ Minimize the time it takes to provision compute resources during scale-out operations. ✑ Support autoscaling of Windows Server containers. Which scaling option should you recommend?
A
Kubernetes version 1.20.2 or newer
B
Virtual nodes with Virtual Kubelet ACI
cluster autoscaler
D
horizontal pod autoscaler
Correct Answer
cluster autoscaler
Explanation
The AKS cluster autoscaler automatically adjusts the number of nodes in a Windows Server node pool based on resource requests, minimizing compute provisioning time during scale-out while supporting Windows container autoscaling. See: https://learn.microsoft.com/en-us/azure/aks/cluster-autoscaler
Q8
You need to design a highly available Azure SQL database that meets the following requirements: ✑ Failover between replicas of the database must occur without any data loss. ✑ The database must remain available in the event of a zone outage. ✑ Costs must be minimized. Which deployment option should you use?
A
Azure SQL Managed Instance Business Critical
B
Azure SQL Managed Instance General Purpose
C
Azure SQL Database Business Critical
Azure SQL Database Serverless
Correct Answer
Azure SQL Database Serverless
Explanation
Azure SQL Database Serverless (General Purpose tier) supports zone-redundant deployment for availability during zone outages and auto-pauses to minimize costs, making it the most cost-effective option for zone-resilient HA scenarios. See: https://learn.microsoft.com/en-us/azure/azure-sql/database/serverless-tier-overview
Q9
You have an on-premises line-of-business (LOB) application that uses a Microsoft SQL Server instance as the backend. You plan to migrate the on-premises SQL Server instance to Azure virtual machines. You need to recommend a highly available SQL Server deployment that meets the following requirements: ✑ Minimizes costs Minimizes failover time if a single server fails What should you include in the recommendation?
A
an Always On availability group that has premium storage disks and a virtual network name (VNN)
B
an Always On Failover Cluster Instance that has a virtual network name (VNN) and a standard file share
an Always On availability group that has premium storage disks and a distributed network name (DNN)
D
an Always On Failover Cluster Instance that has a virtual network name (VNN) and a premium file share
Correct Answer
an Always On availability group that has premium storage disks and a distributed network name (DNN)
Explanation
An Always On availability group with premium storage disks and Distributed Network Name (DNN) minimizes failover time by enabling direct listener connections without a load balancer, reducing cost and latency compared to VNN-based configurations. See: https://learn.microsoft.com/en-us/azure/azure-sql/virtual-machines/windows/availability-group-overview
Q10
You need to recommend an Azure Storage solution that meets the following requirements: ✑ The storage must support 1 PB of data. ✑ The data must be stored in blob storage. ✑ The storage must support three levels of subfolders. ✑ The storage must support access control lists (ACLs). What should you include in the recommendation?
A
a premium storage account that is configured for block blobs
a general purpose v2 storage account that has hierarchical namespace enabled
C
a premium storage account that is configured for page blobs
D
a premium storage account that is configured for file shares and supports large file shares
Correct Answer
a general purpose v2 storage account that has hierarchical namespace enabled
Explanation
A general purpose v2 storage account with hierarchical namespace enabled is Azure Data Lake Storage Gen2, which supports 1 PB+ of blob data, multi-level folder hierarchies, and POSIX-compliant ACLs for granular access control. See: https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-introduction
Q11
You are developing a sales application that will contain several Azure cloud services and handle different components of a transaction. Different cloud services will process customer orders, billing, payment, inventory, and shipping. You need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using XML messages. What should you include in the recommendation?
A
Azure Notification Hubs
B
Azure Service Fabric
Azure Queue Storage
D
Azure Application Gateway
Correct Answer
Azure Queue Storage
Explanation
Azure Queue Storage enables asynchronous message-based communication between application components, supporting XML message payloads with at-least-once delivery guarantees for decoupled microservices such as order, billing, and shipping processors. See: https://learn.microsoft.com/en-us/azure/storage/queues/storage-queues-introduction
Q12
You have an Azure subscription. You need to deploy an Azure Kubernetes Service (AKS) solution that will use Windows Server 2019 nodes. The solution must meet the following requirements: • Minimize the time it takes to provision compute resources during scale-out operations. • Support autoscaling of Windows Server containers. Which scaling option should you recommend?
A
horizontal pod autoscaler
B
Virtual nodes
C
Kubernetes version 1.20.2 or newer
cluster autoscaler
Correct Answer
cluster autoscaler
Explanation
The AKS cluster autoscaler automatically scales the number of nodes based on pending pod resource constraints, supporting Windows Server containers and minimizing compute provisioning time during scale-out operations. See: https://learn.microsoft.com/en-us/azure/aks/cluster-autoscaler
Q13
You have an Azure subscription that contains the resources shown in the following table. You create peering between VNet1 and VNet2 and between VNet1 and VNet3. The virtual machines host an HTTPS-based client/server application and are accessible only via the private IP address of each virtual machine. You need to implement a load balancing solution for VM2 and VM3. The solution must ensure that if VM2 fails, requests will be routed automatically to VM3, and if VM3 fails, requests will be routed automatically to VM2. What should you include in the solution?
A
Azure Firewall Premium
B
Azure Application Gateway v2
C
a cross-region load balancer
Azure Front Door Premium
Correct Answer
Azure Front Door Premium
Explanation
Azure Front Door Premium supports global HTTPS load balancing with automatic failover between VM origins using health probes, and enables private endpoint connectivity via Private Link for apps accessible only via private IP across peered virtual networks. See: https://learn.microsoft.com/en-us/azure/frontdoor/front-door-overview
Q14
You have an Azure Functions microservice app named App1 that is hosted in the Consumption plan. App1 uses an Azure Queue Storage trigger. You plan to migrate App1 to an Azure Kubernetes Service (AKS) cluster. You need to prepare the AKS cluster to support App1. The solution must meet the following requirements: • Use the same scaling mechanism as the current deployment. • Support kubenet and Azure Container Networking Interface (CNI) networking. Which two actions should you perform?
KEDA (Kubernetes-based Event Driven Autoscaling) uses the same Queue Storage-based scaling mechanism as Azure Functions Consumption plan, and works with the horizontal pod autoscaler (HPA) to scale pods. Both support kubenet and CNI networking on AKS. See: https://learn.microsoft.com/en-us/azure/aks/keda-about
Q15
You have an Azure subscription that contains a custom application named Application1. Application1 was developed by an external company named Fabrikam, Ltd. Developers at Fabrikam were assigned role-based access control (RBAC) permissions to the Application1 components. All users are licensed for the Microsoft 365 E5 plan. You need to recommend a solution to verify whether the Fabrikam developers still require permissions to Application1. The solution must meet the following requirements: ✑ To the manager of the developers, send a monthly email message that lists the access permissions to Application1. ✑ If the manager does not verify an access permission, automatically revoke that permission. ✑ Minimize development effort. What should you recommend?
In Azure Active Directory (Azure AD), create an access review of Application1.
B
Create an Azure Automation runbook that runs the Get-AzRoleAssignment cmdlet.
C
In Azure Active Directory (Azure AD) Privileged Identity Management, create a custom role assignment for the Application1 resources.
D
Create an Azure Automation runbook that runs the Get-AzureADUserAppRoleAssignment cmdlet.
Correct Answer
In Azure Active Directory (Azure AD), create an access review of Application1.
Explanation
Azure AD Access Reviews automatically send monthly email notifications to managers, and if no response is received, automatically revoke access permissions — minimizing development effort compared to custom automation runbooks. See: https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview
AZ-305 Practice Set-02
15 questions
Q1
You are designing an Azure governance solution. All Azure resources must be easily identifiable based on the following operational information: environment, owner, department and cost center. You need to ensure that you can use the operational information when you generate reports for the Azure resources. What should you include in the solution?
A
an Azure data catalog that uses the Azure REST API as a data source
B
an Azure management group that uses parent groups to create a hierarchy
an Azure policy that enforces tagging rules
D
Azure Active Directory (Azure AD) administrative units
Correct Answer
an Azure policy that enforces tagging rules
Explanation
Azure Policy with tag enforcement rules ensures all deployed Azure resources include the required operational tags (environment, owner, department, cost center), enabling accurate cost and compliance reporting grouped by these attributes. See: https://learn.microsoft.com/en-us/azure/governance/policy/concepts/effects
Q2
Your company has the divisions shown in the following table. Sub1 contains an Azure App Service web app named App1. App1 uses Azure AD for single-tenant user authentication. Users from contoso.com can authenticate to App1. You need to recommend a solution to enable users in the fabrikam.com tenant to authenticate to App1. What should you recommend?
Use Azure AD entitlement management to govern external users.
B
Enable Azure AD pass-through authentication and update the sign-in endpoint.
C
Configure a Conditional Access policy.
D
Configure assignments for the fabrikam.com users by using Azure AD Privileged Identity Management (PIM).
Correct Answer
Use Azure AD entitlement management to govern external users.
Explanation
Azure AD Entitlement Management enables external users from other Azure AD organizations (fabrikam.com) to request access to resources through access packages with connected organizations configuration, allowing cross-tenant authentication to App1. See: https://learn.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview
Q3
You have an Azure subscription that contains 1,000 resources. You need to generate compliance reports for the subscription. The solution must ensure that the resources can be grouped by department. What should you use to organize the resources?
A
application groups and quotas
Azure Policy and tags
C
administrative units and Azure Lighthouse
D
resource groups and role assignments
Correct Answer
Azure Policy and tags
Explanation
Azure Policy combined with resource tags enables compliance reporting where resources can be grouped and filtered by department tag values, providing a structured way to organize and report on 1,000+ resources across a subscription with minimal setup. See: https://learn.microsoft.com/en-us/azure/governance/policy/overview
Q4
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A
Azure Arc
B
Azure Monitor metrics
C
Azure Advisor
Azure Log Analytics
Correct Answer
Azure Log Analytics
Explanation
Azure Log Analytics collects and stores Azure Activity Log data, enabling KQL queries to generate monthly reports on ARM resource deployments in a subscription by filtering on operationName and time range. See: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview
Q5
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A
Azure Monitor action groups
B
Azure Arc
C
Azure Monitor metrics
Azure Activity Log
Correct Answer
Azure Activity Log
Explanation
Azure Activity Log records all ARM control plane operations including resource creation events with timestamp, resource type, and subscription details, providing the data source needed for monthly reports of new ARM deployments. See: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log
Q6
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A
Azure Arc
Azure Log Analytics
C
Application insights
D
Azure Monitor action groups
Correct Answer
Azure Log Analytics
Explanation
Azure Log Analytics provides a centralized workspace to query Activity Log data using KQL, enabling scheduled monthly reports of new ARM resource deployments filtered by operation type and timestamp across the subscription. See: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview
Q7
You need to recommend a solution to generate a monthly report of all the new Azure Resource Manager (ARM) resource deployments in your Azure subscription. What should you include in the recommendation?
A
Application Insights
B
Azure Arc
Azure Log Analytics
D
Azure Monitor metrics
Correct Answer
Azure Log Analytics
Explanation
Azure Log Analytics enables querying of Activity Log data ingested from the subscription, supporting KQL-based monthly reporting on ARM resource deployments filtered by resource type, date range, and operation status. See: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-tutorial
Q8
You have an Azure subscription. You plan to deploy a monitoring solution that will include the following: • Azure Monitor Network Insights • Application Insights • Microsoft Sentinel • VM insights The monitoring solution will be managed by a single team. What is the minimum number of Azure Monitor workspaces required?
1
B
2
C
3
D
4
Correct Answer
1
Explanation
A single Azure Monitor Log Analytics workspace can support all four monitoring solutions simultaneously — Network Insights, Application Insights (workspace-based), Microsoft Sentinel, and VM Insights — enabling a single team to manage all monitoring from one workspace. See: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/workspace-design
Q9
You have an Azure subscription that contains 10 web apps. The apps are integrated with Azure AD and are accessed by users on different project teams. The users frequently move between projects. You need to recommend an access management solution for the web apps. The solution must meet the following requirements: • The users must only have access to the app of the project to which they are assigned currently. • Project managers must verify which users have access to their project’s app and remove users that are no longer assigned to their project. • Once every 30 days, the project managers must be prompted automatically to verify which users are assigned to their projects. What should you include in the recommendation?
A
Azure AD Identity Protection
B
Microsoft Defender for Identity
C
Microsoft Entra Permissions Management
Azure AD Identity Governance
Correct Answer
Azure AD Identity Governance
Explanation
Azure AD Identity Governance includes access reviews that automatically prompt project managers every 30 days to verify user assignments, and automatically remove access if not re-approved — meeting all requirements without custom code development. See: https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview
Q10
You have 100 servers that run Windows Server 2012 R2 and host Microsoft SQL Server 2014 instances. The instances host databases that have the following characteristics: ✑ Stored procedures are implemented by using CLR. ✑ The largest database is currently 3 TB. None of the databases will ever exceed 4 TB. You plan to move all the data from SQL Server to Azure. You need to recommend a service to host the databases. The solution must meet the following requirements: ✑ Whenever possible, minimize management overhead for the migrated databases. ✑ Ensure that users can authenticate by using Azure Active Directory (Azure AD) credentials. ✑ Minimize the number of database changes required to facilitate the migration. What should you include in the recommendation?
A
Azure SQL Database elastic pools
Azure SQL Managed Instance
C
Azure SQL Database single databases
D
SQL Server 2016 on Azure virtual machines
Correct Answer
Azure SQL Managed Instance
Explanation
Azure SQL Managed Instance supports CLR stored procedures, databases up to 4 TB, Azure AD authentication, and provides near 100% SQL Server compatibility — minimizing database changes required for migration from on-premises SQL Server 2014. See: https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/sql-managed-instance-paas-overview
Q11
You are planning an Azure IoT Hub solution that will include 50,000 IoT devices. Each device will stream data, including temperature, device ID, and time data. Approximately 50,000 records will be written every second. The data will be visualized in near real time. You need to recommend a service to store and query the data. Which two services can you recommend?
A
Azure Table Storage
B
Azure Event Grid
Azure Cosmos DB SQL API
Azure Time Series Insights
Correct Answers
Azure Cosmos DB SQL API
Azure Time Series Insights
Explanation
Azure Cosmos DB for NoSQL handles high-throughput writes (50,000 records/second) at low latency, while Azure Time Series Insights provides near real-time visualization and querying of time-series IoT telemetry including temperature, device ID, and timestamps. See: https://learn.microsoft.com/en-us/azure/time-series-insights/overview-what-is-tsi
Q12
You store web access logs data in Azure Blob Storage. You plan to generate monthly reports from the access logs. You need to recommend an automated process to upload the data to Azure SQL Database every month. What should you include in the recommendation?
A
Microsoft SQL Server Migration Assistant (SSMA)
B
Data Migration Assistant (DMA)
C
AzCopy
Azure Data Factory
Correct Answer
Azure Data Factory
Explanation
Azure Data Factory provides automated, scheduled pipeline triggers to copy data from Azure Blob Storage (web access logs) to Azure SQL Database monthly, using built-in connectors with transformation and mapping capabilities and no custom code. See: https://learn.microsoft.com/en-us/azure/data-factory/connector-azure-sql-database
Q13
You have an app named App1 that uses two on-premises Microsoft SQL Server databases named DB1 and DB2. You plan to migrate DB1 and DB2 to Azure You need to recommend an Azure solution to host DB1 and DB2. The solution must meet the following requirements: ✑ Support server-side transactions across DB1 and DB2. ✑ Minimize administrative effort to update the solution. What should you recommend?
A
two Azure SQL databases in an elastic pool
two databases on the same Azure SQL managed instance
C
two databases on the same SQL Server instance on an Azure virtual machine
D
two Azure SQL databases on different Azure SQL Database servers
Correct Answer
two databases on the same Azure SQL managed instance
Explanation
Azure SQL Managed Instance supports cross-database server-side transactions between multiple databases on the same instance, and minimizes administrative overhead compared to managing SQL Server on Azure VMs while maintaining near-full SQL Server compatibility. See: https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/sql-managed-instance-paas-overview
Q14
You are designing an application that will aggregate content for users. You need to recommend a database solution for the application. The solution must meet the following requirements: • Support SQL commands. • Support multi-master writes. • Guarantee low latency read operations. What should you include in the recommendation?
Azure Cosmos DB for NoSQL
B
Azure SQL Database that uses active geo-replication
C
Azure SQL Database Hyperscale
D
Azure Cosmos DB for PostgreSQL
Correct Answer
Azure Cosmos DB for NoSQL
Explanation
Azure Cosmos DB for NoSQL supports SQL-like query syntax, multi-region writes (multi-master) in all regions simultaneously, and guarantees single-digit millisecond read latency at the 99th percentile, meeting all three requirements for the content aggregation application. See: https://learn.microsoft.com/en-us/azure/cosmos-db/introduction
Q15
You have 12 on-premises data sources that contain customer information and consist of Microsoft SQL Server, MySQL, and Oracle databases. You have an Azure subscription. You plan to create an Azure Data Lake Storage account that will consolidate the customer information for analysis and reporting. You need to recommend a solution to automatically copy new information from the data sources to the Data Lake Storage account by using extract, transform and load (ETL). The solution must minimize administrative effort. What should you include in the recommendation?
Azure Data Factory
B
Azure Data Explorer
C
Azure Data Share
D
Azure Data Studio
Correct Answer
Azure Data Factory
Explanation
Azure Data Factory includes 90+ built-in connectors for SQL Server, MySQL, and Oracle databases, enabling automated ETL pipelines to copy data from 12 on-premises data sources to Azure Data Lake Storage on a schedule with minimal administrative effort. See: https://learn.microsoft.com/en-us/azure/data-factory/connector-overview
Want More Practice?
These are just the free questions. Unlock the full Azure Solutions Architect Expert exam library with hundreds of additional questions, timed practice mode, and progress tracking.