ExamGecko
Home / Microsoft / AZ-104 / List of questions
Ask Question

Microsoft AZ-104 Practice Test - Questions Answers

List of questions

Question 1

Report
Export
Collapse

You discover that VM3 does NOT meet the technical requirements.

You need to verify whether the issue relates to the NSGs.

What should you use?

Diagram in VNet1
Diagram in VNet1
the security recommendations in Azure Advisor
the security recommendations in Azure Advisor
Diagnostic settings in Azure Monitor
Diagnostic settings in Azure Monitor
Diagnose and solve problems in Traffic Manager Profiles
Diagnose and solve problems in Traffic Manager Profiles
IP flow verify in Azure Network Watcher
IP flow verify in Azure Network Watcher
Suggested answer: E

Explanation:

Scenario: Litware must meet technical requirements including:

Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.

IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.

Reference:

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview

asked 26/09/2024
Kamil Stonjek
36 questions

Question 2

Report
Export
Collapse

You need to meet the technical requirement for VM4.

What should you create and configure?

an Azure Notification Hub
an Azure Notification Hub
an Azure Event Hub
an Azure Event Hub
an Azure Logic App
an Azure Logic App
an Azure services Bus
an Azure services Bus
Suggested answer: B

Explanation:

Scenario: Create a workflow to send an email message when the settings of VM4 are modified.

You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks - without you writing any code.

Reference:

https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-gridlogic-app

asked 26/09/2024
Salman Hashmi
39 questions

Question 3

Report
Export
Collapse

You need to recommend a solution to automate the configuration for the finance department users.

The solution must meet the technical requirements.

What should you include in the recommended?

Azure AP B2C
Azure AP B2C
Azure AD Identity Protection
Azure AD Identity Protection
an Azure logic app and the Microsoft Identity Management (MIM) client
an Azure logic app and the Microsoft Identity Management (MIM) client
dynamic groups and conditional access policies
dynamic groups and conditional access policies
Suggested answer: D

Explanation:

Technically, The finance department needs to migrate their users from AD to AAD using AADC based on the finance OU, and need to enforce MFA use. This is conditional access policy. Employees also often get promotions and/or join other departments and when that occurs, the user's OU attribute will change when the admin puts the user in a new OU, and the dynamic group conditional access exception (OU= [Department Name Value]) will move the user to the appropriate dynamic group on next AADC delta sync.

https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamicmembership

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

asked 26/09/2024
Ian Wilson
45 questions

Question 4

Report
Export
Collapse

HOTSPOT

You need to the appropriate sizes for the Azure virtual for Server2.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Microsoft AZ-104 image Question 4 84496 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 4 84496 09262024075642000

Explanation:

Box 1: Create a Recovery Services vault

Create a Recovery Services vault on the Azure Portal.

Box 2: Install the Azure Site Recovery Provider

Azure Site Recovery can be used to manage migration of on-premises machines to Azure.

Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure.

Server2 has the Hyper-V host role.

Reference:

https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

asked 26/09/2024
Matias Cordero Ochoa
35 questions

Question 5

Report
Export
Collapse

HOTSPOT

You need to implement Role1.

Which command should you run before you create Role1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Microsoft AZ-104 image Question 5 84497 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 5 84497 09262024075642000

Explanation:

https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

Get-AzRoleDefinition -Name "Reader" | ConvertTo-Json

https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azroledefinition?view=azps-5.9.0

https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/converttojson?view=powershell-7.1

https://docs.microsoft.com/en-us/powershell/module/azuread/getazureaddirectoryrole?view=azureadps-2.0

asked 26/09/2024
Jason Potter
45 questions

Question 6

Report
Export
Collapse

HOTSPOT

You need to meet the connection requirements for the New York office.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Microsoft AZ-104 image Question 6 84498 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 6 84498 09262024075642000

Explanation:

Box 1: Create a virtual network gateway and a local network gateway.

Azure VPN gateway. The VPN gateway service enables you to connect the VNet to the on-premises network through a VPN appliance. For more information, see Connect an on-premises network to a

Microsoft Azure virtual network. The VPN gateway includes the following elements:

Virtual network gateway. A resource that provides a virtual VPN appliance for the VNet. It is responsible for routing traffic from the on-premises network to the VNet.

Local network gateway. An abstraction of the on-premises VPN appliance. Network traffic from the cloud application to the on-premises network is routed through this gateway.

Connection. The connection has properties that specify the connection type (IPSec) and the key shared with the on-premises VPN appliance to encrypt traffic.

Gateway subnet. The virtual network gateway is held in its own subnet, which is subject to various requirements, described in the Recommendations section below.

Box 2: Configure a site-to-site VPN connection

On premises create a site-to-site connection for the virtual network gateway and the local network gateway.

Microsoft AZ-104 image Question 6 explanation 84498 09262024195642000000

Scenario: Connect the New York office to VNet1 over the Internet by using an encrypted connection.

Incorrect Answers:

Azure ExpressRoute: Established between your network and Azure, through an ExpressRoute partner.

This connection is private. Traffic does not go over the internet.

Reference:

https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybridnetworking/ vpn

asked 26/09/2024
David Sichimwi
38 questions

Question 7

Report
Export
Collapse

You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.

What should you do?

Create a user-defined route from VNET1 to VNET3.
Create a user-defined route from VNET1 to VNET3.
Assign VM4 an IP address of 10.0.1.5/24.
Assign VM4 an IP address of 10.0.1.5/24.
Establish peering between VNET1 and VNET3.
Establish peering between VNET1 and VNET3.
Create an NSG and associate the NSG to VMI and VM4.
Create an NSG and associate the NSG to VMI and VM4.
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal

asked 26/09/2024
Martijn Bot
35 questions

Question 8

Report
Export
Collapse

HOTSPOT

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Answer:

Microsoft AZ-104 image Question 8 84500 09262024195642000000

Microsoft AZ-104 image Question 8 84500 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 8 84500 09262024075642000

Explanation:

Microsoft AZ-104 image Question 8 explanation 84500 09262024195642000000


asked 26/09/2024
Christopher Dawe
41 questions

Question 9

Report
Export
Collapse

DRAG DROP

You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Microsoft AZ-104 image Question 1 84501 09262024195642000000

Answer:

Microsoft AZ-104 image Question 1 84501 09262024195642000000

Microsoft AZ-104 image Question 9 84501 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 9 84501 09262024075642000

Explanation:

Scenario:

1. Web administrators will deploy Azure web apps for the marketing department.

2. Each web app will be added to a separate resource group.

3. The initial configuration of the web apps will be identical.

4. The web administrators have permission to deploy web apps to resource groups.

Steps:

1 --> Create a resource group, and then deploy a web app to the resource group.

2 --> From the Automation script blade of the resource group , click Add to Library.

3 --> From the Templates service, select the template, and then share the template to the web administrators .

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/quickstart-createtemplates-use-the-portal

asked 26/09/2024
Elliott Fields
34 questions

Question 10

Report
Export
Collapse

Which blade should you instruct the finance department auditors to use?

Partner information
Partner information
Overview
Overview
Payment methods
Payment methods
Invoices
Invoices
Suggested answer: D

Explanation:

You can opt in and configure additional recipients to receive your Azure invoice in an email. This feature may not be available for certain subscriptions such as support offers, Enterprise Agreements, or Azure in Open.

Select your subscription from the Subscriptions page. Opt-in for each subscription you own. Click Invoices then Email my invoice.

Microsoft AZ-104 image Question 2 explanation 84502 09262024195642000000

Click Opt in and accept the terms.

Scenario: During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.

Reference: https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-dailyusage-date

asked 26/09/2024
jitendra makwana
36 questions
Total 659 questions
Go to page: of 66
Search

Related questions