Hard · 1 mark · Multiple Choice
Domain 4.4: Design network solutions · Domain 4 · Network Solutions · ExpressRoute · VPN Gateway
This question is part of a case study (Case 51).

CASE STUDY: Global Enterprise Network

Contoso Ltd is a global manufacturing company with 50,000 employees across 30 countries. They currently operate a mix of on-premises infrastructure (500 servers across 5 data centers) and Azure (20 subscriptions with 100+ VMs and various PaaS services). Their annual IT budget is $10 million, with plans to migrate 70% of workloads to Azure within 2 years.

The company needs to reduce IT costs by 30%, improve disaster recovery (current RTO: 24 hours -> target: 2 hours), enhance security posture to meet ISO 27001 and SOC 2 compliance, and enable remote work for 80% of employees. All solutions must support future growth of 20% annually.

Some legacy applications cannot be modified and must run on Windows Server 2012. Network connectivity requires 10 Gbps throughput to Azure with <20ms latency. GDPR compliance mandates that EU customer data must remain in European Azure regions.

QUESTION 1 OF 5:
Contoso needs to connect their 5 global data centers to Azure and provide any-to-any connectivity (e.g., Data Center 1 can talk to Data Center 2 via the Azure backbone). They also need to connect 20 different Azure VNets across 3 regions. They want a managed service that minimizes routing complexity.

Which network topology should you recommend?

AZ-305 · Question 52 · Domain 4.4: Design network solutions

QUESTION 2 OF 5:
To meet the 10 Gbps throughput and <20ms latency requirement for connecting the primary on-premises data center to Azure, you recommend Azure ExpressRoute.

However, the business requires a highly available connectivity architecture. If the ExpressRoute circuit fails, traffic must automatically fail over to a backup connection, even if it operates at a lower bandwidth.

Which TWO actions should you take to design this failover? (Select TWO)

Answer options:

A. Deploy an Azure VPN Gateway in the same virtual network gateway subnet as the ExpressRoute gateway.

B. Configure a Site-to-Site VPN connection to the on-premises network.

C. Deploy a second ExpressRoute circuit from the same peering location and provider.

D. Configure Azure Traffic Manager to route traffic between ExpressRoute and VPN.

E. Configure Azure Front Door to route traffic between ExpressRoute and VPN.

How to approach this question

Identify the standard pattern for ExpressRoute backup: a coexisting Site-to-Site VPN Gateway.

Full Answer

To provide a highly available hybrid network, you can configure a Site-to-Site VPN as a failover path for ExpressRoute. You deploy both an ExpressRoute Gateway and a VPN Gateway in the same 'GatewaySubnet' (this is called a coexisting configuration). You configure BGP on both. Azure will automatically prefer the ExpressRoute circuit due to BGP route weighting. If the ExpressRoute circuit fails, traffic will automatically fail over to the Site-to-Site VPN over the public internet.
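
The failover described above can be modelled in a few lines. This is an added illustration, not part of the original question and not Azure's own code. It assumes longest-prefix match is applied first and that ExpressRoute is preferred over VPN only for identical prefixes; the prefixes and function names are constructed.

```python
import ipaddress

# Simplified model of next-hop choice in a coexisting gateway setup (an
# assumption for illustration, not Azure's implementation): longest prefix
# match first, then ExpressRoute ahead of Site-to-Site VPN for equal prefixes.
SOURCE_PREFERENCE = {"ExpressRoute": 0, "VPN": 1}


def select_path(routes, destination):
    """Return the connection type that carries traffic to destination, or None."""
    dest = ipaddress.ip_address(destination)
    candidates = [
        (ipaddress.ip_network(prefix), source)
        for prefix, source in routes
        if dest in ipaddress.ip_network(prefix)
    ]
    if not candidates:
        return None
    # Most specific prefix wins; the source type only breaks ties.
    _, source = min(
        candidates, key=lambda c: (-c[0].prefixlen, SOURCE_PREFERENCE[c[1]])
    )
    return source


def withdraw(routes, source):
    """Model a failed connection: every route learned over it disappears."""
    return [r for r in routes if r[1] != source]


# Constructed sample: on-premises advertises 10.10.0.0/16 over both paths.
ROUTES = [("10.10.0.0/16", "ExpressRoute"), ("10.10.0.0/16", "VPN")]
# Constructed misconfiguration: a more specific /24 advertised only over VPN.
ROUTES_SKEWED = ROUTES + [("10.10.5.0/24", "VPN")]

if __name__ == "__main__":
    print(select_path(ROUTES, "10.10.5.20"))                            # normal operation
    print(select_path(withdraw(ROUTES, "ExpressRoute"), "10.10.5.20"))  # circuit down
    print(select_path(ROUTES_SKEWED, "10.10.5.20"))                     # /24 pulls traffic to VPN
```

The third case is the one to check in a real design: advertising a more specific prefix over the backup VPN moves that traffic onto the internet path even while the ExpressRoute circuit is healthy.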

Common mistakes

Thinking you need a second ExpressRoute circuit. While possible (and recommended for maximum enterprise HA), a Site-to-Site VPN is the standard approach when a 'lower bandwidth' backup is acceptable.
