Designing Microsoft Azure Infrastructure Solutions

Here you have the best Microsoft AZ-305 practice exam questions

  • Preview the first 5 of 286 questions for free
  • These questions were last updated on May 5, 2026
  • This site is not affiliated with or endorsed by Microsoft.
Question 1 of 286

You have an Azure subscription that contains a custom application named Application1. Application1 was developed by an external company named Fabrikam,Ltd. Developers at Fabrikam were assigned role-based access control (RBAC) permissions to the Application1 components. All users are licensed for theMicrosoft 365 E5 plan.

You need to recommend a solution to verify whether the Fabrikam developers still require permissions to Application1. The solution must meet the following requirements:

✑ To the manager of the developers, send a monthly email message that lists the access permissions to Application1.

✑ If the manager does not verify an access permission, automatically revoke that permission.

✑ Minimize development effort.

What should you recommend?

Answer

Suggested Answer

The suggested answer is A.

To meet the requirements of verifying whether the Fabrikam developers still need access to Application1 and to minimize development effort, the best solution is to use an access review in Azure Active Directory. An access review allows administrators to send periodic notifications to managers, listing current permissions. If the permissions are not verified, the access can be automatically revoked. This solution is configuration-based and does not require custom development, meeting both the notification and automated revocation requirements efficiently.

Community Votes60 votes
ASuggested
98%
D
2%
Question 2 of 286

You have an Azure subscription. The subscription has a blob container that contains multiple blobs.

Ten users in the finance department of your company plan to access the blobs during the month of April.

You need to recommend a solution to enable access to the blobs during the month of April only.

Which security solution should you include in the recommendation?

Answer

Suggested Answer

The suggested answer is A.

Shared Access Signatures (SAS) are the correct solution as they allow for the specification of an expiration date and time, providing controlled and time-limited access to resources in an Azure Storage account. This fits the requirement of enabling access only during the month of April. SAS tokens can be precisely configured to expire at the end of April, automatically revoking access thereafter. Conditional Access policies, certificates, and access keys do not offer this level of granular time-based control specific to Azure Storage resources.

Community Votes42 votes
ASuggested
100%
Question 3 of 286

You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.

You have an internal web app named WebApp1 that is hosted on-premises.

WebApp1 uses Integrated Windows authentication.

Some users work remotely and do NOT have VPN access to the on-premises network.

You need to provide the remote users with single sign-on (SSO) access to WebApp1.

Which two features should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answer

Suggested Answer

The suggested answer is A, E.

To provide remote users with single sign-on (SSO) access to an on-premises web app that uses Integrated Windows authentication, without VPN access, you should use Azure AD Application Proxy and Azure AD enterprise applications. Azure AD Application Proxy allows you to securely publish the on-premises web app to the internet, enabling remote access without the need for a VPN. Azure AD enterprise applications enable Azure AD to manage the authentication and authorization for the app, providing the necessary SSO capabilities.

Community Votes63 votes
AESuggested
98%
AD
2%
Question 4 of 286

You have an Azure Active Directory (Azure AD) tenant named contoso.com that has a security group named Group1. Group1 is configured for assigned membership. Group1 has 50 members, including 20 guest users.

You need to recommend a solution for evaluating the membership of Group1. The solution must meet the following requirements:

  • The evaluation must be repeated automatically every three months.
  • Every member must be able to report whether they need to be in Group1.
  • Users who report that they do not need to be in Group1 must be removed from Group1 automatically.
  • Users who do not report whether they need to be in Group1 must be removed from Group1 automatically.

What should you include in the recommendation?

Answer

Suggested Answer

The suggested answer is C.

An access review in Azure AD is the best solution for evaluating the membership of Group1. It allows setting up periodic evaluations, in this case, every three months, and enables each member to review and report their need for continued membership in the group. Those who do not respond or report that they do not need access can be automatically removed from the group, fulfilling all the specified requirements.

Community Votes44 votes
CSuggested
98%
D
2%
Question 5 of 286
HOTSPOT -
You plan to deploy Azure Databricks to support a machine learning application. Data engineers will mount an Azure Data Lake Storage account to the Databricks file system. Permissions to folders are granted directly to the data engineers.
You need to recommend a design for the planned Databrick deployment. The solution must meet the following requirements:
✑ Ensure that the data engineers can only access folders to which they have permissions.
✑ Minimize development effort.
✑ Minimize costs.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Exam AZ-305: Question 5 - Image 1
Answer

Suggested Answer

Box 1: Premium -
Premium Databricks SKU is required for credential passhtrough.

Box 2: Credential passthrough -
Athenticate automatically to Azure Data Lake Storage Gen1 (ADLS Gen1) and Azure Data Lake Storage Gen2 (ADLS Gen2) from Azure Databricks clusters using the same Azure Active Directory (Azure AD) identity that you use to log into Azure Databricks. When you enable Azure Data Lake Storage credential passthrough for your cluster, commands that you run on that cluster can read and write data in Azure Data Lake Storage without requiring you to configure service principal credentials for access to storage.
Reference:
https://docs.microsoft.com/en-us/azure/databricks/security/credential-passthrough/adls-passthrough Exam AZ-305: Question 5 - Image 2

281 more questions await

Unlock the full Microsoft AZ-305 question bank

5 of 286 completed2%

Choose your plan

One-time payment · No subscription · No hidden fees

Standard

Quick preparation

$25

30 days access

30 day access to all questions
Instant free updates
Highest passing rate in industry
Printable PDF download
No money-back guarantee
Best Value

Premium

Guaranteed success

$60$35

90 days access

PDF

Printable PDF download

New

Save every question as a PDF for offline study or printing.

90 day access to all questions
Instant free updates
Highest passing rate in industry
Pass guaranteed or money back

100% Money-Back Guarantee

Don't pass? Full refund.

4.9/5

Based on 4,508+ reviews

Trusted by thousands of professionals

Join certified professionals who passed their exams with Examice

Examice helped me pass my AWS certification on the first try! The questions were incredibly similar to the real exam. Comments helped me understand answers I was struggling with.
S
Sarah C.
Cloud Engineer
Great results in a short prep time. Passed on my first attempt.
D
David K.
Network Engineer
I needed to pass an exam for work, and this website delivered. The quality for the price is outstanding, and the support is really good. I passed without issues.
M
Michael R.
Security Analyst
Skeptical at first, but impressed. Every question included clear, detailed explanations.
L
Lisa M.
Solutions Architect
The guarantee gave me confidence to invest in the premium package. Turns out I didn't need it. Passed comfortably. The explanations for each answer were incredibly detailed and helped me grasp security concepts that I'd been struggling with for months.
R
Robert H.
Cybersecurity Consultant
Used Examice for my PMP certification. The questions were well structured and covered all exam domains thoroughly.
J
James T.
IT Manager
After failing my first attempt with other study materials, I switched to Examice and passed confidently on my second attempt.
A
Anna W.
Data Engineer
The premium package was worth it. 90 days of access gave me the flexibility to study when it worked for me, without feeling rushed.
E
Emily J.
DevOps Engineer
Straightforward questions that matched the real exam perfectly. Studied for two weeks and passed with a great score.
K
Karen P.
Systems Administrator

Frequently Asked Questions

Everything you need to know. Contact us for more.

Our Microsoft AZ-305 questions are based on real exam experiences and are continuously updated to match the current exam format. We maintain a +99% pass rate because our questions closely mirror what you'll see on the actual exam.

With our Premium package, you get a 100% money-back guarantee. If you don't pass your exam after studying with our materials, simply contact us with your exam results and we'll refund your purchase. Terms and conditions apply, read our full refund policy to learn more.

Our question bank is updated regularly based on feedback from recent exam takers. We typically review and update our content every week with reports about new questions or changes to the exam format.

Standard package access cannot be extended. However, Premium package gives you 90 days which is typically more than enough time to prepare thoroughly. If you need additional time, you can purchase a new package at any time.

This is a one-time payment with no recurring charges. Once you purchase, you get full access to all exam questions for the duration of your package (30 days for Standard, 90 days for Premium). No hidden fees or automatic renewals.

Pass on your first try

All 286questions · Detailed explanations · Printable PDF · 90 days access

Money-back guaranteeSecure checkout
$35

one-time payment