100% Real Microsoft AZ-305 Exam Questions & Answers, Accurate & Verified By IT Experts
Instant Download, Free Fast Updates, 99.6% Pass Rate
AZ-305 Premium File: 267 Questions & Answers
Last Update: Nov 08, 2023
AZ-305 Training Course: 87 Video Lectures
AZ-305 PDF Study Guide: 933 Pages
Microsoft AZ-305 Practice Test Questions in VCE Format
DateSep 06, 2023
DateDec 13, 2021
Microsoft AZ-305 Practice Test Questions, Exam Dumps
Microsoft AZ-305 Designing Microsoft Azure Infrastructure Solutions exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. Microsoft AZ-305 Designing Microsoft Azure Infrastructure Solutions exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the Microsoft AZ-305 certification exam dumps & Microsoft AZ-305 practice test questions in vce format.
Alright, so the last topic we'll talk about is this logs section. And this is really hiding a lot of power underneath such a simple link that doesn't seem to stand out from the others. But I'm going to close this little popup, and I'm going to show you. I'm going to minimise the menu and pull out the schema, and basically this is a query tool. So this is going to be very similar to SQLServer Query Editor or any of these query editor interfaces you might be used to, where you can type in a query, hit Run, and see the results. Now it's all going to depend on which resource you select. This is very similar to selecting scope for metrics. So if we want to say, "Let's look at the application services," then I'm going to be able to look at this Train Test Service that we created. Now again, there's a little bit of complexity to this when you're talking about implementation and actually working with it. So when I select this, what's really cool is that it resets itself here and shows me that there are three tables that the Azure Train Test App Service could feed into. And if I mouse over it, it has a little pop-up that says "Entries from the Activity Log." So this is like subscription-level events—the creation, deletion, restart, redeployments, et cetera. Now when I click it, you'll see that the querywindow gets filled with the name of the table. You don't have to use the word "select." So this is not a SQL query. This is actually called Return by mistake. This is actually called Kusto. Kusto. And the language is Cousteau query language, or KQL. So it's not going to have the same syntax as a SQL. You just enter the table name, which happens to be Azure Activity. And we can see that these are the various things that happened to the service and that they were investigated within the last 24 hours. And so we can see all the way back to the time when the resource was first deployed even.Right, so this is the Operation Microsoft Web site. There's some informational informational stuff here. So, if I wanted to write a query about how many times this resource was restarted or something was changed to it, this is where I'd look. Now we could also get these service logs and the metrics from here. Like I said, there's a little trick to this. I'm going to change from the AppService scope to the Virtual Machine scope. So if I go down here and say "Virtual Machines," click out of it. This is the minor machine we were just dealing with. And now the tables have changed. Now if I rerun the same query on Azure Activity, then it's not going to be based on the AppServices, it'll be based on the virtual machine. Let's look at the heartbeat. Okay, so I'm going to run the heartbeat. Now, of course, the heartbeat in the world of merchant machines is that the machine just sent out an IMA live message. You can see the operating system version that's being output, and it happens just every minute. Hello, hello. We can see these 1-minute intervals. The performance stuff is under perf, so I can do that. Now, just looking at this table is not super useful. What really makes this useful is what's called "queries." And so, you can write your own queries. So this is query language, and you can get all the where clause, select clause, statement, and summarising functions. You can be very clever. You can even create charts with this. Or there are some pre-built queries. So let's say I want to look at thelet's say I want to look at the heartbeats. Okay? Now, when you do this, it adds to the window. It doesn't delete what's there. So I'm going to delete what I previously had. And this says, "Count all the computer heartbeats for the last hour." So this particular query has the time built into it. So even though I've got a 24 hour time range, it's going to be restricted to 1 hour based on this. So you can see the query language, right, along with the table name, the where clause, and a summarize, which is like a group by, I guess. So how many heartbeats do I have? I've had 105 heartbeats in the last hour. Okay. Normally, agents generate heartbeats every minute. so you can query this again. This can turn into an alert if this number does come back correct, etc. We can look at performance or CPU usage trends. I'm going to have to delete what's there. CPUs trends. I can run it. This is rendering it as a chart. You see the "render" command in here. And so, again, I can customise this and filter out certain things. If you're looking for errors or very specific counters or things like that, this is a very flexible language. We're not going to teach you this language, and I don't think it appears on the exam, but knowing that that's the language that runs within these queries, this is where the power is in terms of being able to extract all this data. You're pulling in data from hundreds of machines. Now, you can write reports, save those reports, turn those into alerts, and output charts. If you're looking for errors, you can start to look for them here.
Now we just looked at AzureMonitor, which focuses on performance, diagnostics, and various events. But what about security? We live in an age now where security has to be top of mind for any person using, developing, or creating apps for the cloud. Well, that's where the new product called Azure Sentinel comes in. So if we go into Azure Sentinel, the first thing we have to do is connect Sentinel to one of our existing workspaces. Now, luckily, I do have a workspace that is eligible for Sentinel. And so I do have a lot of my logging auditing going into Sentinel, which I can add to Azure Sentinel. But. What is sentinel? Sentinel is basically what AzureMonitor is for performance. Sentinels are for security. So this allows you to collect data from all your devices that is security related.It has some automatic threat detection algorithms inside of it. You can minimise false positives. You can also use it for investigations. So once you do have some security events, let's say you do have someone who's repeatedly trying to log in to one of your applications, and it fails and fails and fails. While you can start to dig down into the logs and see when they started and what ended up happening, track that IP address through the logs. Did they even eventually get in? Maybe they did. You can collect those log files into what are called incidents and then basically start a ticketing system around the incident until you can respond to it. So Sentinel is basically what's called "security information and event management," or Siem, solutions. Also the Security Orchestrationautomated response sore. So it is both for investigations and for responses to security. So we saw that it took a minute or so to connect our workspace to it. Now we do have to start going through and setting this up, but basically we can see that. You can look at what I was calling about incidents. Hunting is the process of trying to find security problems. So you have the log files at your disposal. You can basically run queries to find out, if you're putting yourself in the hacker's shoes, what are some of the telltale signs of either successfully or unsuccessfully being hacked? And you can basically search around for those. So let's go first to the overview screen, and we can see that even though we literally just hooked up the Sentinel to the workspace a few minutes ago, it's already collected 2.4 thousand events from my system. So all of the various things that were already in that workspace are already collected them all right.It's basically just done it.So I can see sort of broken out on the overview screen how many virtual machine events and performance events, et cetera.We don't have any incidents we can sort of see. It's basically a default dashboard here where we can sort of see if there are any malicious attacks, et cetera. Now we haven't really hooked this up other than the workspace, which is not configured for most of my services. We haven't really hooked this up to a lot of other services within Azure and outside of Azure. So if we go back to the news and collect data," and it's also under "data connectors" here, we can see that there are currently 60 connectors, and I only have two of them connected. So if I say I only want to see the ones that are currently configured, by default I'm going to get the security events. It's basically based on the workspace: things that go into my workspace that are security events and also non-security events, such as subscription-level events such as creating a resource group, creating a new resource, deleting a resource, et cetera. Those go under "activity." But that is just a fraction of what a sentinel can do. We can actually see it has an Amazon Web Services connector here. And so we can actually stream our cloud trail logs from AWS into Sentinel. Sentinel can serve as a centralised repository for all of your security needs. We also have other third-party services, such as AI Vectra, outside of K. Audit. Let me scroll down here. We've got some Barracuda services. Cisco, citrix, et cetera. So Microsoft is basically creating these connectors to a lot of these security products. F-five is a firewall connector. Okay? So you can basically get all of your security information in one place. Now we can actually see other things. such as Azure Firewall and advanced threat detection. Azure Active Directory might be a good one because this is what's going to show you people who are using your accounts using what are basically the sign-in logs. So we do have to connect our Azure Active Directory to Sentinel. It's not connected by default. We can see that we paid for a Premium licence here. So I'm currently on a premium subscription for my default active directory. And if you don't have that, you're going to have to grant that. You have to be at the right permission settings, etc. And basically, I can grant access to Azure Sentinel for my Azure Active Directory sign-in logs and other audit logs. And so from that point forward, we can now get access to those logs within Sentinel. Now I'm going to close this out. Like I said, we look at something like hunting. If I click onto that, Microsoft provides 92 built-in queries for various things. So we just talked about AWS cloud trails. Well, there's a query pre built that allow you tofind, it says Changes made to AWS Access Policy. Okay, so the Identity and Access Management Policy So if someone goes in and grants changes to the AI M policy, you can basically find those events using this type of query. Okay, scrolling down Remember, Azure activity is already set up by default. We can see if somebody is going to "enumerate," which means go and list one by one all of the Azure account storage keys, or things like that. DNS logs Microsoft Office Web with three CIS logs So if we're looking at pen testers and attackers that are using common exploits, then this type of law can basically pull that out. So these are defaults. Now you're not stuck with that. You can basically build your own query based on the sources and then run queries to generate whatever kind of report you want. The real power then becomes setting up alerts based on this. So once you've got a query and you're okay with the results, maybe you want to turn that into an alert so that you get notified anytime a new event happens that matches this query. Now Azure also provides what are called "workbooks," which are basically predefined report sets. And so if you've got, let's say, the Azureactivity workbook, then basically I can go and have a predefined dashboard that's going to track Remember when we talked about Azure activities about subscription-level events such as Top Ten ActiveResource groups and what activities from creation updates to deletion are happening over time? So this is similar to a dashboard that you can then customise and turn into your workbook, but it's a template for a workbook, and then you have playbooks, which is the automation. So if you do have a query that you develop for hunting and you find that it's really helpful to find incidents, you can set up an alert, but you can also have some type of action that happens. Maybe it disables the user if user X has four failed login attempts in 24 hours, sends an email to the user asking what's going on and disables the account until they return and reply, and so on. You can create your own type of automation that is triggered when something suspicious is detected. Alerts are great, but if you can develop some sort of automation, then you can basically have your system subtly adjust, turning things on and off, enabling multi-factor authentication, and things like that, depending on the threats that are being detected.
The second major section of this exam says "Design Identity and Security." And as you can see, it is worth a significant percentage of the exam score. So put a lot of emphasis on this. Identity. Within Microsoft Azure, we usually talk about Microsoft Azure Active Directory as the identity service. So we're going to start talking about the concept of authentication and authorization. Also included in identity and security is the concept of governance. And so governance is the act of enacting company policies that are enforced by the technology through policies and blueprints within Azure itself. Finally, we're going to talk a little bit about application security. As application developers, how can you implement and take advantage of Microsoft Azure security solutions in your applications? And this includes storing your secrets in a key vault and running your applications with managed identities. So in this section and the sections that follow, we're going to be talking mostly about Azure Active Directory.
So in this section of the course, we're going to talk about the second major objective of this exam, which is designed for identity and security and is worth 25% to 30% of your exam score. Now, we do need to acknowledge that there does seem to be quite a bit of overlap between the AZ 303 requirements when it comes to identity and security and AZ 304. So in this video, we're going to talk about how we're going to deal with that overlap. This is the requirement for the AZ 303 exam. It clearly says: Implement Azure Active Directory, implement and manage hybrids, configure identities, enable fraud alerts, configure user accounts for MFA, manage multiple directories, and implement self-service password reset." And if we switch over to the AZ 304 requirements, what we're talking about in this course, we can see that it says to recommend a solution for single sign-on, recommend a solution for conditional access, and recommend a solution for self service.So the AZ 303 exam is much more on the implementation, the details, and the decisions that you're making as you're setting up Azure, whereas the AZ 304 course leads you up to the point where you decide to use those tools in your solution. So let's be clear about the differences between them. AZ Three or Three is the how to Perform Tasks exam andAZ Three or Four is the strategy or what to perform. So, to be frank with you, we're not going to cover how to create an Azure AD tenant. I'm not going to show you in the portal how I created one, how I created users, groups, and roles, and how I set up the relationships between those objects within the Azure AD—that is not only covered by the AZ Three or Three Course, and that is not even on this exam. There will not be a question on the AC Three or Four exam asking you about the different types of users that you can create or the difference between a user and a guest. That's not going to be a question on this exam. We are going to cover authentication in terms of the decisions that we need to make to determine what type of authentication to add to our applications. We're going to cover authorization. Again, those decisions that you're making in terms of how you're going to authorise people and decide what level of access we are going to grant, There are a couple of advanced ad topics that are on Three or Four that are not on 303. We will talk about that in this course as well. Clearly, there are a couple of sections that are more strategic, including governance and application security. So that's going to be in this course as well.
So in this section, we're going to be talking about identity management within Azure. Now, as you may know, Microsoft's preferred identity management solution is called Azure Active Directory. I have it in my favourites bar as a favourite to my favourites bar.Or you can go into all services and just start typing "Ash Active Directory" and you'll see "Azure Active Directory" come up as an option. Now, you might recognise the term Active Directory from the very famous Windows solution that many companies use to manage logins inside a corporate network. Now, this is slightly different. It's a related product and you can connect the two, but this does not replace your on-premises Active Directory. This works alongside it to manage identity in the cloud. So I'm going to choose that active directory. Now, you can see that I already have one setup, and it takes me to my default directory. Okay? Now there is a free tier, so it shouldn't harm you at all to create your own Active Directory if you don't have one. If I go into the top right menu here, where it has my user account, you can see that there is a switch directory option. And by clicking it, I can basically see what my Active Directory accounts are, which one is set to the default, et cetera. So in this section of the course, we're going to talk about Active Directory, how to set it up for the first time, and how to connect to your on-premises Active Directory. Defining roles using self-service identity management is one of the topics, and this is basically your strategy for setting up Active Directory to manage identity for your app applications in the cloud.
Go to testing centre with ease on our mind when you use Microsoft AZ-305 vce exam dumps, practice test questions and answers. Microsoft AZ-305 Designing Microsoft Azure Infrastructure Solutions certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using Microsoft AZ-305 exam dumps & practice test questions and answers vce from ExamCollection.
Microsoft AZ-305 Video Course
Top Microsoft Certification Exams
SPECIAL OFFER: GET 10% OFF
Pass your Exam with ExamCollection's PREMIUM files!
SPECIAL OFFER: GET 10% OFF
Use Discount Code:
A confirmation link was sent to your e-mail.
Please check your mailbox for a message from email@example.com and follow the directions.
Download Free Demo of VCE Exam Simulator
Experience Avanset VCE Exam Simulator for yourself.
Simply submit your e-mail address below to get started with our interactive software demo of your free trial.