20+ practice questions focused on Design identity, governance, and monitoring solutions — one of the most tested topics on the Microsoft Azure Solutions Architect Expert AZ-305 exam. Each question includes a detailed explanation so you learn why the right answer is correct.
Start Design identity, governance, and monitoring solutions PracticeA large enterprise wants to enforce zero-trust conditional access policies that use real-time user risk, sign-in risk, and device compliance. Which combination of Microsoft Entra ID features should they use?
Explanation: Microsoft Entra ID Identity Protection provides real-time risk detection for users and sign-ins, while Conditional Access policies can enforce access controls based on those risk signals and device compliance. Together, they enable zero-trust conditional access by blocking or requiring MFA when user or sign-in risk is high, and ensuring only compliant devices can access resources.
A company needs to monitor sign-in logs from multiple Microsoft Entra ID tenants and analyze user sign-in patterns across those tenants. Which Azure solution should they use?
Explanation: Azure Sentinel (now Microsoft Sentinel) is the correct choice because it provides a cloud-native SIEM that can ingest sign-in logs from multiple Microsoft Entra ID tenants via its built-in Microsoft Entra ID connectors. This enables cross-tenant analysis of user sign-in patterns, which is not possible with single-tenant monitoring tools. Sentinel's analytics rules and workbooks allow security teams to detect anomalies and investigate sign-in behaviors across all connected tenants.
A multinational company uses Microsoft Entra ID for identity. They need to grant external partners access to specific SharePoint Online sites. The access must be time-limited and require approval from a resource owner. Which Microsoft Entra ID feature should they use?
Explanation: Microsoft Entra ID Entitlement Management (A) is the correct feature because it enables organizations to manage external partner access to resources like SharePoint Online sites through access packages. These access packages can enforce time-limited access and require approval from designated resource owners, directly meeting the scenario's requirements.
A company has multiple Azure subscriptions and wants to enforce that all administrators must use multi-factor authentication (MFA) when accessing the Azure portal. They also want to monitor and report on any policy changes that affect this enforcement. Which combination of Azure services should they use?
Explanation: Option B is correct because Microsoft Entra ID Conditional Access policies can enforce MFA specifically for Azure management (including the Azure portal), and Azure Monitor with Log Analytics provides the monitoring and reporting of policy changes via the Azure Activity Log. This combination directly addresses both requirements: enforcing MFA for administrators and auditing changes to the Conditional Access policy itself.
A company uses Microsoft Entra ID for identity management. They need to automate the process of granting access to resources for employees and external partners, and require periodic access reviews to ensure compliance. Which Microsoft Entra ID feature should they use?
Explanation: Microsoft Entra ID Entitlement Management is the correct feature because it enables automation of access request workflows for employees and external partners, including time-limited access packages and periodic access reviews to enforce compliance. This directly matches the requirement for granting access and ensuring ongoing governance through reviews.
+15 more Design identity, governance, and monitoring solutions questions available
Practice all Design identity, governance, and monitoring solutions questions1. Baseline your knowledge
Start with 10 questions to gauge your current understanding of Design identity, governance, and monitoring solutions. This tells you whether you need a concept refresher or just practice.
2. Review every explanation
For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.
3. Focus on exam traps
Design identity, governance, and monitoring solutions questions on the AZ-305 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.
4. Reach 80% consistently
Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.
The exact number varies per candidate. Design identity, governance, and monitoring solutions is tested as part of the Microsoft Azure Solutions Architect Expert AZ-305 blueprint. Practicing with targeted Design identity, governance, and monitoring solutions questions ensures you can handle any format or difficulty that appears.
Yes. Courseiva provides free AZ-305 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.
Difficulty is subjective, but Design identity, governance, and monitoring solutions is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.
Launch a full Design identity, governance, and monitoring solutions practice session with instant scoring and detailed explanations.
Start Design identity, governance, and monitoring solutions Practice →