Courseiva
Back to Microsoft Azure Solutions Architect Expert AZ-305 questions

Scenario-based practice

AZ-305 Which Command Should the Administrator Use Practice Questions

Use this page to practise AZ-305 Which Command Should the Administrator Use Practice Questions practice questions. The goal is not to memorise dumps, but to understand the concept, review the explanation and improve your exam readiness.

Start full practice testRead exam guide
15
scenario questions
AZ-305
exam code
Microsoft
vendor

Scenario guide

How to approach which command should the administrator use practice questions

Practise command-choice questions where the task is to identify the correct verification, configuration or troubleshooting command.

Quick answer

Which Command Should the Administrator Use Practice Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related AZ-305 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

SAA-C03 VPC practice questions

Practise AZ-305 questions linked to SAA-C03 VPC.

SAA-C03 S3 lifecycle policy questions

Practise AZ-305 questions linked to SAA-C03 S3 lifecycle policy questions.

SAA-C03 RDS Multi-AZ questions

Practise AZ-305 questions linked to SAA-C03 RDS Multi-AZ questions.

SAA-C03 IAM policy practice questions

Practise AZ-305 questions linked to SAA-C03 IAM policy.

SAA-C03 Route 53 failover questions

Practise AZ-305 questions linked to SAA-C03 Route 53 failover questions.

SAA-C03 CloudFront practice questions

Practise AZ-305 questions linked to SAA-C03 CloudFront.

SAA-C03 NAT gateway questions

Practise AZ-305 questions linked to SAA-C03 NAT gateway questions.

SAA-C03 VPC endpoint questions

Practise AZ-305 questions linked to SAA-C03 VPC endpoint questions.

SAA-C03 Auto Scaling practice questions

Practise AZ-305 questions linked to SAA-C03 Auto Scaling.

SAA-C03 disaster recovery questions

Practise AZ-305 questions linked to SAA-C03 disaster recovery questions.

SAA-C03 high availability questions

Practise AZ-305 questions linked to SAA-C03 high availability questions.

SAA-C03 cost optimization questions

Practise AZ-305 questions linked to SAA-C03 cost optimization questions.

Practice set

Practice scenarios

Question 1hardmultiple choice
Full question →

A company has a hub-spoke network topology in Azure. They have multiple spoke VNets connected to a hub VNet via peering. They need to ensure that all east-west traffic between spoke VNets goes through a network virtual appliance (NVA) in the hub for inspection. Additionally, all outbound internet traffic from spoke VMs must use a single public IP address. What should they configure?

Full question →
Question 2mediummultiple choice
Full question →

A company backs up their Azure VMs using Azure Backup. They need to meet compliance that requires backups to be stored in a separate geographic region. Additionally, they want to be able to restore the entire VM to that secondary region in case of a regional disaster. What should they configure?

Full question →
Question 3hardmultiple choice
Full question →

A company needs to store large amounts of unstructured data (log files) for analytics. The data is accessed frequently for the first 30 days, then occasionally for the next 90 days, and rarely after that but must be retained for 7 years for compliance. The data must not be modified or deleted during the retention period, and administrative access must not be able to bypass this restriction. They want to minimize storage costs. Which combination of Azure Blob Storage features should they configure?

Full question →
Question 4easymultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID). They want to automatically detect identity risks, such as users with leaked credentials or sign-ins from anonymous IP addresses, and generate alerts. They also want to automatically trigger a password reset for high-risk users. Which Microsoft Entra ID feature should they configure?

Full question →
Question 5mediummultiple choice
Full question →

A company uses Microsoft Entra ID. They want to integrate their security operations with a third-party SIEM tool. They need to export all Microsoft Entra ID sign-in logs and audit logs to the SIEM for analysis. The solution should be automated and near real-time. Which Azure service should they configure?

Full question →
Question 6easymultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID) Premium P2. They want to enforce that users accessing sensitive cloud applications from outside the corporate network must use multi-factor authentication (MFA). Which Microsoft Entra ID feature should they configure?

Full question →
Question 7mediummultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID) and Microsoft Intune. They want to block all access to internal corporate applications from devices that are not enrolled in Intune and do not meet the company's compliance policies. The solution must apply to all cloud app access seamlessly. Which Microsoft Entra ID feature should they configure?

Full question →
Question 8hardmultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID) and Microsoft Intune. They want to block access to all corporate cloud applications (e.g., Office 365, Azure portal) from devices that are not enrolled in Intune or do not meet the company's compliance policies. The solution must work seamlessly for all cloud apps without requiring per-app configuration. Which Microsoft Entra ID feature should they configure?

Full question →
Question 9mediummultiple choice
Full question →

A company stores large amounts of log data in Azure Blob Storage. Logs are accessed frequently for the first 30 days, then rarely accessed afterward, but must be retained for 7 years for compliance. The company wants to minimize storage costs. They need to configure automatic data movement and retention policies. Which combination of Azure Blob Storage access tiers and lifecycle management policy should they use?

Full question →
Question 10mediummultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID) for identity management. They want to automatically detect sign-in risks such as sign-ins from unfamiliar locations, anonymous IP addresses, or leaked credentials. Based on the risk level, they want to apply different controls: for low-risk sign-ins, show a message but allow access; for medium-risk sign-ins, require multi-factor authentication (MFA); for high-risk sign-ins, block the sign-in. They also need to receive a weekly summary report of risk events. Which Microsoft Entra ID feature should they configure?

Full question →
Question 11easymultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID). They want to allow external business partners to access an internal web application using their own organizational identities. The solution must support self-service sign-up and enforce multi-factor authentication for partner users. Which Microsoft Entra ID feature should they configure?

Full question →
Question 12mediummultiple choice
Full question →

A company uses Microsoft Entra ID (Microsoft Entra ID) for identity management. They want to enforce that only devices compliant with security policies (e.g., BitLocker enabled, antivirus running) can access corporate cloud applications (Microsoft 365 and custom SaaS apps). They also need a dashboard to monitor device compliance status. Which Microsoft Entra ID feature(s) should they configure?

Full question →
Question 13hardmultiple choice
Full question →

A company runs a mission-critical application on Azure virtual machines (VMs) in the West US region. The application consists of multiple VMs that must be recovered in a specific order during a disaster: database VM first, then application VMs, then web VMs. They also require that after failover to East US, the VMs retain their private IP addresses to avoid DNS updates. The recovery point objective (RPO) is 5 minutes and recovery time objective (RTO) is 30 minutes. The company needs to perform quarterly disaster recovery tests without impacting production. Which combination of Azure Site Recovery features should they configure?

Full question →
Question 14mediummultiple choice
Full question →

A company runs a multi-tier application on Azure VMs. The application has front-end and back-end VMs that must be started in a specific order during failover (front-end first, then back-end). The company uses Azure Site Recovery to replicate to a secondary region. After failover, they also need to run custom PowerShell scripts to update DNS records. Which Azure Site Recovery feature should they configure?

Full question →
Question 15mediummultiple choice
Full question →

A company runs a mission-critical multi-tier application on Azure VMs in West US. The application consists of database VMs, application VMs, and web VMs. During a disaster, the VMs must be recovered in a specific order: database tier first, then application tier, then web tier. The recovery point objective (RPO) is 5 minutes and recovery time objective (RTO) is 15 minutes. The company wants to periodically test the recovery process without impacting production. After failover to East US, the VMs must retain their private IP addresses to avoid DNS propagation delays. Which combination of Azure Site Recovery features should they configure?

Full question →

These AZ-305 practice questions are part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style AZ-305 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.