ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam
Go to Exam

Exam AZ-305 topic 1 question 15 discussion

Actual exam question from Microsoft's AZ-305
Question #: 15
Topic #: 1
[All AZ-305 Questions]

DRAG DROP -
You need to design an architecture to capture the creation of users and the assignment of roles. The captured data must be stored in Azure Cosmos DB.
Which services should you include in the design? To answer, drag the appropriate services to the correct targets. Each service may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: Azure Event Hubs -
You can route Azure Active Directory (Azure AD) activity logs to several endpoints for long term retention and data insights.
The Event Hub is used for streaming.

Box 2: Azure Function -
Use an Azure Function along with a cosmos DB change feed, and store the data in Cosmos DB.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor
by santi1975 at Aug. 31, 2022, 6:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
santi1975
Highly Voted 2 years, 7 months ago
Although may seem a bit surprising, seems correct: 1. Event Hub: You can export AD logs to an Azure Event Hub (even you can cherry picking which ones) https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-azure-monitor-stream-logs-to-event-hub 2. Azure Function: You easily create a serverless function to read events from the Event Hub and store them in a CosmosDB. https://docs.microsoft.com/en-us/azure/azure-functions/functions-event-hub-cosmos-db?tabs=bash
upvoted 59 times
...
nkccorp
Highly Voted 2 years, 3 months ago
While Azure Event Hubs can be used to capture and process events, it is generally not the best choice for capturing events related to user creation and role assignment. This is because Azure Event Hubs is primarily designed for large-scale, real-time data streaming, and is not well-suited for capturing individual events or triggering downstream actions.
upvoted 17 times
...
Ekramy_Elnaggar
Most Recent 1 month ago
the given answer is correct, when you try to configure Azure AD Audit Logs "Diagonostic Settings" to export the audit logs you have only 4 available destinations: 1. Send to Log Analytics workspace 2. Archive to a storage account 3. Stream to an event hub 4. Send to partner solution So, Event Hub is the correct answer not Event Grid
upvoted 2 times
...
ahhatem
1 month, 1 week ago
While Event Grid looks suitable, it is not supported! Neither in EntraID diagnostic settings nor in a Log Analytics Workspace! Both support sending to storage account or event hub..
upvoted 2 times
...
[Removed]
5 months, 2 weeks ago
CORRECT
upvoted 2 times
...
Thanveer
6 months ago
Azure Event Grid -> Azure Functions -> Cosmos DB. Azure event grid push the data Azure event hub pull the data these are the difference and key words
upvoted 7 times
Thanveer
4 months, 3 weeks ago
To design an architecture for capturing user creation and role assignment with data stored in Azure Cosmos DB, you can use the following services: 1. **Azure Event Grid**: This service can be used to route events such as user creation or role assignment to other services like Azure Functions. 2. **Azure Functions**: These serverless functions can be triggered by events from Azure Event Grid to process the data and interact with Azure Cosmos DB. 3. **Azure Cosmos DB**: This is your primary data store for capturing user and role information. Azure Event Hub is not necessary for this specific scenario, as it is typically used for big data streaming and event ingestion at scale, which is not required for capturing user creation and role assignment events.
upvoted 4 times
...
...
MeisAdriano
6 months, 1 week ago
WRONG. Artificial Intelligence answer: Azure Active Directory Log -> Azure Event Grid -> Azure Functions -> Cosmos DB. Azure Event Hubs is great for ingesting and processing large volumes of event data or telemetry, like data from IoT devices or application logs. However, in this scenario, you’re looking to capture and process specific events from Azure Active Directory logs and send them to Cosmos DB. Event Grid is more suitable because it’s designed for delivering discrete events, like user creation and role assignment, with low latency. Event Hubs would be overkill for this task and isn't as streamlined for the specific event-driven architecture needed here. So, Event Grid and Azure Functions are a more efficient choice. Make sense?
upvoted 3 times
...
23169fd
10 months, 1 week ago
Given answer is correct. Azure Event Grid is better suited for event routing and notification scenarios, whereas Azure Event Hubs is designed for high-throughput data streaming and processing, which is more appropriate for capturing and handling large volumes of Azure AD events. Azure Functions: Purpose: Processes and transforms the captured events. Functionality: Subscribes to Event Hubs, processes the events, and writes the data to Azure Cosmos DB.
upvoted 2 times
...
semse27
1 year ago
For people who says it's Azure Event Grid.. i mean, it doesn't really specify how many users is going to be created, so shouldn't we assume it's infinite? Azure Event Grid is primarily focused on discrete events, meaning individual state changes or notifications. While it can handle some volume, it's not designed for the continuous, high-throughput data streams common with user activity tracking. That's why I would go with: -Azure Event Hubs -Azure Functions.
upvoted 3 times
...
Somnath711
1 year ago
Event Grid + Azure Function https://learn.microsoft.com/en-us/azure/event-grid/microsoft-entra-events Event Hub can also serve the purpose but it would be costly and heavy weight solution
upvoted 3 times
...
Spikeone
1 year, 1 month ago
I'd sadly agree with event hubs - the link often posted here: https://learn.microsoft.com/en-us/entra/identity/monitoring-health/howto-stream-logs-to-event-hub?tabs=splunk If you follow the steps under Stream logs to an event hub: Browse to Identity > Monitoring & health > Diagnostic settings. You can also select Export Settings from either the Audit Logs or Sign-ins page. There are only 4 options as follows: * Send to Log Analytics workspace * Archive to a storage account * Stream to an event hub * Send to partner solution So, no grid I guess.
upvoted 5 times
...
RanOlfati
1 year, 1 month ago
Event Grid makes more sense to me. Event Hub is a waste of money for this scenario. Remember, it's an architect-level exam.
upvoted 1 times
...
dave22339
1 year, 1 month ago
H C FUNCTION B S M O
upvoted 1 times
...
Harkonnen
1 year, 2 months ago
If your primary goal is to capture user creation and role assignment events for the purpose of auditing, monitoring, or responding to these events in near real-time, Azure Event Grid is a more suitable choice. It's lightweight, easier to set up for event-driven scenarios, and integrates well with serverless Azure Functions for event handling. On the other hand, if you have massive data streams, complex event processing, or scenarios involving large-scale data analytics, Azure Event Hubs might be a better fit.
upvoted 1 times
xRiot007
1 year, 2 months ago
"If your primary goal is to capture user creation and role assignment events for the purpose of auditing, monitoring, or responding to these events in near real-time" - that is not the primary goal. The primary goal is to collect and store audit logs.
upvoted 1 times
...
TomdeBom
1 year, 2 months ago
Capturing audit logs to a destination is done via Diagnostic settings in MS Entra ID. Multiple destinations can be selected, but event grid is not one of them. The destinations you can select are: log analytic workspace, storage acount, event hub and a partner solution.
upvoted 5 times
...
...
rojeck
1 year, 7 months ago
Event hub + Azure Function is correct https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/serverless/event-processing
upvoted 1 times
...
TiredofTesting
1 year, 7 months ago
https://azurelessons.com/azure-event-hub-vs-event-grid/ Azure Event Hub is responsible for the ingestion of data without sending data back to the publishers. Azure event grid is -> Responsible for notifying the events that occurred on the publisher’s end with the help of HTTP requests. So 1) Azure event hub 2) Azure Function
upvoted 3 times
...
skipandsnow
1 year, 8 months ago
Will go for Event grid + Azure function while grid is more suitable for audit logs
upvoted 4 times
ConanBarb
1 year, 7 months ago
Absolutely Grid. Read here for Grid vs Hub (Hub is for big data/real-time ingestion) https://learn.microsoft.com/en-us/azure/service-bus-messaging/compare-messaging-services
upvoted 1 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago