Q: CASE STUDY: Tailspin Toys Tailspin Toys is a global manufacturing company with 50,000 employees across 30 countries. They currently operate a mix of on-premises infrastructure (500 servers across 5 data centers) and Azure (20 subscriptions with 100+ VMs and various PaaS services). Their annual IT budget is $50 million, with plans to migrate 70% of workloads to Azure within 2 years. Business Requirements: The company needs to reduce IT costs by 30%, improve disaster recovery (current RTO: 24 hours -> target: 2 hours), enhance security posture to meet ISO 27001 and SOC 2 compliance, and enable remote work for 80% of employees. All solutions must support future growth of 20% annually. Technical Constraints: Some legacy applications cannot be modified and must run on Windows Server 2012. Network connectivity requires 10 Gbps throughput to Azure with <20ms latency. GDPR compliance mandates that EU customer data must remain in European Azure regions. You need to design the identity and access management solution to support the remote work requirement while meeting the strict security compliance standards. Which TWO features should you include in your design? (Select TWO)

Focus on 'remote work for employees' and 'security compliance'. You need solutions that verify user identity and context.

Q: What mistakes do candidates make on this AZ-305 question?

Selecting Azure AD Domain Services thinking it's required for remote workers to authenticate to legacy apps, but Conditional Access + MFA is the primary security boundary.

Question 1

CASE STUDY: Tailspin Toys

Tailspin Toys is a global manufacturing company with 50,000 employees across 30 countries. They currently operate a mix of on-premises infrastructure (500 servers across 5 data centers) and Azure (20 subscriptions with 100+ VMs and various PaaS services). Their annual IT budget is $50 million, with plans to migrate 70% of workloads to Azure within 2 years.

Business Requirements: The company needs to reduce IT costs by 30%, improve disaster recovery (current RTO: 24 hours -> target: 2 hours), enhance security posture to meet ISO 27001 and SOC 2 compliance, and enable remote work for 80% of employees. All solutions must support future growth of 20% annually.

Technical Constraints: Some legacy applications cannot be modified and must run on Windows Server 2012. Network connectivity requires 10 Gbps throughput to Azure with <20ms latency. GDPR compliance mandates that EU customer data must remain in European Azure regions.

You need to design the identity and access management solution to support the remote work requirement while meeting the strict security compliance standards.

Which TWO features should you include in your design? (Select TWO)

Accepted Answer

Focus on 'remote work for employees' and 'security compliance'. You need solutions that verify user identity and context.

Question 2

What mistakes do candidates make on this AZ-305 question?

Accepted Answer

Selecting Azure AD Domain Services thinking it's required for remote workers to authenticate to legacy apps, but Conditional Access + MFA is the primary security boundary.

How to approach this question

Full Answer

Common mistakes

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 4

More questions from this exam