AZ-305 Microsoft Designing Microsoft Azure Infrastructure Solutions Free Practice Exam Questions (2025 Updated)
Prepare effectively for your Microsoft AZ-305 Designing Microsoft Azure Infrastructure Solutions certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.
You plan to deploy multiple instances of an Azure web app across several Azure regions.
You need to design an access solution for the app. The solution must meet the following replication requirements:
• Support rate limiting.
• Balance requests between all instances.
• Ensure that users can access the app in the event of a regional outage.
Solution: You use Azure Front Door to provide access to the app.
Does this meet the goal?
Your company has 50 business units across the globe. The business units operate from 08:00 AM to 06:00 PM from Monday to Friday in their local time zone. Transactions are only processed during business hours.
You have an Azure subscription.
You plan to deploy an app named App1 that will manage the transactions for the business units. App1 will use a separate Azure SQL database for each business unit.
You need to recommend an Azure SQL Database configuration for App1. The solution must meet the following requirements:
• Support Azure Hybrid Benefit licensing.
• Minimize costs.
What should you recommend?
You plan to create an Azure Storage account that will host file shares. The shares will be accessed from on-premises applications that are transaction-intensive.
You need to recommend a solution to minimize latency when accessing the file shares. The solution must provide the highest-level of resiliency for the selected storage tier.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an on-premises network to which you deploy a virtual appliance.
You plan to deploy several Azure virtual machines and connect the on-premises network to Azure by using a Site-to-Site connection.
All network traffic that will be directed from the Azure virtual machines to a specific subnet must flow through the virtual appliance.
You need to recommend solutions to manage network traffic.
Which two options should you recommend? Each correct answer presents a complete solution.
You plan to deploy an application named App1 that will run on five Azure virtual machines. Additional virtual machines will be deployed later to run App1.
You need to recommend a solution to meet the following requirements for the virtual machines that will run App1:
Ensure that the virtual machines can authenticate to Azure Active Directory (Azure AD) to gain access to
an Azure key vault, Azure Logic Apps instances, and an Azure SQL database.
Avoid assigning new roles and permissions for Azure services when you deploy additional virtual machines.
Avoid storing secrets and certificates on the virtual machines.
Which type of identity should you include in the recommendation?
You plan to deploy 10 applications to Azure. The applications will be deployed to two Azure Kubernetes Service (AKS) clusters. Each cluster will be deployed to a separate Azure region.
The application deployment must meet the following requirements:
• Ensure that the applications remain available if a single AKS cluster fails.
• Ensure that the connection traffic over the internet is encrypted by using SSL without having to configure SSL on each container.
Which service should you include in the recommendation?
You are designing an Azure solution.
The network traffic for the solution must be securely distributed by providing the following features:
HTTPS protocol
Round robin routing
SSL offloading
You need to recommend a load balancing option.
What should you recommend?
You have several Azure App Service web apps that use Azure Key Vault to store data encryption keys. Several departments have the following requests to support the web app:
Which service should you recommend for each department's request? To answer, configure the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to recommend an Azure Storage Account configuration for two applications named Application1 and Applications. The configuration must meet the following requirements:
• Storage for Application1 must provide the highest possible transaction rates and the lowest possible latency.
• Storage for Application2 must provide the lowest possible storage costs per GB.
• Storage for both applications must be optimized for uploads and downloads.
• Storage for both applications must be available in an event of datacenter failure.
What should you recommend ? To answer, select the appropriate options in the answer area NOTE: Each correct selection is worth one point
You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.
You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:
• Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.
• The number of incoming microservice calls must be rate-limited.
• Costs must be minimized.
What should you include in the solution?
You have an on-premises datacenter named Site1. Site1 contains a VMware vSphere cluster named Cluster1 that hosts 100 virtual machines. Cluster1 is managed by using VMware vCenter.
You have an Azure subscription named Sub1.
You plan to migrate the virtual machines from Cluster1 to Sub1.
You need to identify which resources are required to run the virtual machines in Azure. The solution must minimize administrative effort.
What should you configure? To answer, drag the appropriate resources to the correct targets. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
You have to deploy an Azure SQL database named db1 for your company. The databases must meet the following security requirements
When IT help desk supervisors query a database table named customers, they must be able to see the full number of each credit card
When IT help desk operators query a database table named customers, they must only see the last four digits of each credit card number
A column named Credit Card rating in the customers table must never appear in plain text in the database system. Only client applications must be able to decrypt the information that is stored in this column
Which of the following can be implemented for the Credit Card rating column security requirement?
You have an Azure AD tenant.
You plan to deploy Azure Cosmos DB databases that will use the SQL API.
You need to recommend a solution to provide specific Azure AD user accounts with read access to the Cosmos DB databases.
What should you include in the recommendation?
You have an Azure subscription that is linked to an Azure Active Directory Premium Plan 2 tenant The tenant has multi-factor authentication (MFA) enabled for all users.
You have the named locations shown in the following table.
You have the users shown in the following table.
You plan to deploy the Conditional Access policies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You ate designing an Azure governance solution.
All Azure resources must be easily identifiable based on the following operational information environment, owner, department and cost center
You need 10 ensure that you can use the operational information when you generate reports for the Azure resources.
What should you include in the solution?
You have an on-premises app named App1 that supports REST calls and webhooks.
You have an Azure subscription.
You plan to develop a new app named App2 that will send a Microsoft Teams message when a new record is added to App1.
You need to recommend a service to host App2 and the type of trigger to use to call App2. The solution must minimize development effort.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to deploy an Azure App Service web app that will have multiple instances across multiple Azure regions.
You need to recommend a load balancing service for the planned deployment. The solution must meet the following requirements:
Maintain access to the app in the event of a regional outage.
Support Azure Web Application Firewall (WAF).
Support cookie-based affinity.
Support URL routing.
What should you include in the recommendation?
You have an Azure subscription that contains an Azure Blob storage account named store1.
You have an on-premises file server named Setver1 that runs Windows Sewer 2016. Server1 stores 500 GB of company files.
You need to store a copy of the company files from Server 1 in store1.
Which two possible Azure services achieve this goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point
You plan to migrate data to Azure.
The IT department at your company identifies the following requirements:
The storage must support 1 PB of data.
The data must be stored in blob storage.
The storage must support three levels of subfolders.
The storage must support access control lists (ACLs).
You need to meet the requirements.
What should you use?
You have two app registrations named App1 and App2 in Azure AD. App1 supports role-based access control (RBAC) and includes a role named Writer.
You need to ensure that when App2 authenticates to access App1, the tokens issued by Azure AD include the Writer role claim.
Which blade should you use to modify each app registration? To answer, drag the appropriate blades to the correct app registrations. Each blade may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
