Free · No account needed · No credit card

Microsoft Azure Database Administrator Associate DP-300 Practice Test

953 questions with instant explanations, domain breakdown, and wrong-answer analysis. Built for the real exam.

Instant feedback after each answer
Full explanations included
Domain score breakdown
Real exam: 120 min
Pass mark: 700%

Sample questions with explanations

This is exactly what you see during practice — question, options, and a full explanation after you answer.

Q1Implement a secure environmentmedium
Full explanation →

You are configuring Azure SQL Database firewall rules for a new application. The application runs on Azure VMs in the same region. To minimize latency and security risk, which approach should you use?

AAdd a firewall rule allowing all Azure IP addresses.
Configure a virtual network service endpoint and a virtual network firewall rule.Correct
CAdd a firewall rule for each VM's public IP address.
DAdd a firewall rule allowing all Azure services to access the database.

Option B is correct because using a virtual network service endpoint and a virtual network firewall rule allows Azure SQL Database to accept traffic only from the specific subnet hosting the application VMs, without exposing the database to the public internet. This minimizes lat…Read full explanation

Q2Implement a secure environmenteasy
Full explanation →

You need to audit all successful and failed login attempts to an Azure SQL Database. Which feature should you enable?

Azure SQL AuditingCorrect
BAdvanced Threat Protection
CTransparent Data Encryption (TDE)
DSQL Vulnerability Assessment

Azure SQL Auditing is the correct feature because it tracks database events, including both successful and failed login attempts, and writes them to an audit log in your Azure Storage account, Log Analytics workspace, or Event Hubs. This allows you to monitor and review authentic…Read full explanation

Q3Implement a secure environmenthard
Full explanation →

Your company has a strict policy that Azure SQL Database backups must be encrypted with customer-managed keys stored in Azure Key Vault. You configure TDE with AKV integration. After a key rotation, you find that long-running queries start failing with encryption errors. What is the most likely cause?

AThe service principal used for AKV access has expired.
The previous key version was disabled or deleted in AKV.Correct
CThe new key is in a different Azure region than the database.
DThe database is using service-managed TDE and cannot switch to customer-managed keys.

When TDE is configured with Azure Key Vault (AKV) integration, the database uses the current key version from AKV to encrypt and decrypt data. If the previous key version is disabled or deleted during a key rotation, any long-running queries that still rely on that specific key v…Read full explanation

Untimed Practice

Answer at your own pace. Explanation and domain tag shown immediately after each answer.

Timed Practice

Countdown timer starts immediately. Results and domain scores shown at the end — just like the real exam.

Why practice here?

Full explanations on every question

Not just the right answer — you get exactly why each wrong option is wrong, so you learn the concept, not the answer.

Domain score breakdown

After each session see your score by exam domain so you know exactly where to focus study time.

100% free, forever

No subscription, no trial, no email wall. Start a session in under 10 seconds.

Exam-style questions

Scenario-based, precise wording, realistic distractors — written to match what you actually see on exam day.

← All DP-300 questionsDP-300 exam guideStudy guidePractice by domain