ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
HOTSPOT You need to create storage5. The solution must support the planned changes. Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You need to identify the storage requirements for Contoso. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Which blade should you instruct the finance department auditors to use?

Question 1

Report
Export
Collapse

You discover that VM3 does NOT meet the technical requirements.

You need to verify whether the issue relates to the NSGs.

What should you use?

A.
Diagram in VNet1
A.
Diagram in VNet1
Answers
B.
the security recommendations in Azure Advisor
B.
the security recommendations in Azure Advisor
Answers
C.
Diagnostic settings in Azure Monitor
C.
Diagnostic settings in Azure Monitor
Answers
D.
Diagnose and solve problems in Traffic Manager Profiles
D.
Diagnose and solve problems in Traffic Manager Profiles
Answers
E.
IP flow verify in Azure Network Watcher
E.
IP flow verify in Azure Network Watcher
Answers
Suggested answer: E

Explanation:

Scenario: Litware must meet technical requirements including:

Ensure that VM3 can establish outbound connections over TCP port 8080 to the applications servers in the Montreal office.

IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.

Reference:

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview

Question 2

Report
Export
Collapse

You need to meet the technical requirement for VM4.

What should you create and configure?

A.
an Azure Notification Hub
A.
an Azure Notification Hub
Answers
B.
an Azure Event Hub
B.
an Azure Event Hub
Answers
C.
an Azure Logic App
C.
an Azure Logic App
Answers
D.
an Azure services Bus
D.
an Azure services Bus
Answers
Suggested answer: B

Explanation:

Scenario: Create a workflow to send an email message when the settings of VM4 are modified.

You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks - without you writing any code.

Reference:

https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-gridlogic-app

Question 3

Report
Export
Collapse

You need to recommend a solution to automate the configuration for the finance department users.

The solution must meet the technical requirements.

What should you include in the recommended?

A.
Azure AP B2C
A.
Azure AP B2C
Answers
B.
Azure AD Identity Protection
B.
Azure AD Identity Protection
Answers
C.
an Azure logic app and the Microsoft Identity Management (MIM) client
C.
an Azure logic app and the Microsoft Identity Management (MIM) client
Answers
D.
dynamic groups and conditional access policies
D.
dynamic groups and conditional access policies
Answers
Suggested answer: D

Explanation:

Technically, The finance department needs to migrate their users from AD to AAD using AADC based on the finance OU, and need to enforce MFA use. This is conditional access policy. Employees also often get promotions and/or join other departments and when that occurs, the user's OU attribute will change when the admin puts the user in a new OU, and the dynamic group conditional access exception (OU= [Department Name Value]) will move the user to the appropriate dynamic group on next AADC delta sync.

https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamicmembership

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

Question 4

Report
Export
Collapse

HOTSPOT

You need to the appropriate sizes for the Azure virtual for Server2.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 4
Correct answer: Question 4

Explanation:

Box 1: Create a Recovery Services vault

Create a Recovery Services vault on the Azure Portal.

Box 2: Install the Azure Site Recovery Provider

Azure Site Recovery can be used to manage migration of on-premises machines to Azure.

Scenario: Migrate the virtual machines hosted on Server1 and Server2 to Azure.

Server2 has the Hyper-V host role.

Reference:

https://docs.microsoft.com/en-us/azure/site-recovery/migrate-tutorial-on-premises-azure

Question 5

Report
Export
Collapse

HOTSPOT

You need to implement Role1.

Which command should you run before you create Role1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 5
Correct answer: Question 5

Explanation:

https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

Get-AzRoleDefinition -Name "Reader" | ConvertTo-Json

https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azroledefinition?view=azps-5.9.0

https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/converttojson?view=powershell-7.1

https://docs.microsoft.com/en-us/powershell/module/azuread/getazureaddirectoryrole?view=azureadps-2.0

Question 6

Report
Export
Collapse

HOTSPOT

You need to meet the connection requirements for the New York office.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 6
Correct answer: Question 6

Explanation:

Box 1: Create a virtual network gateway and a local network gateway.

Azure VPN gateway. The VPN gateway service enables you to connect the VNet to the on-premises network through a VPN appliance. For more information, see Connect an on-premises network to a

Microsoft Azure virtual network. The VPN gateway includes the following elements:

Virtual network gateway. A resource that provides a virtual VPN appliance for the VNet. It is responsible for routing traffic from the on-premises network to the VNet.

Local network gateway. An abstraction of the on-premises VPN appliance. Network traffic from the cloud application to the on-premises network is routed through this gateway.

Connection. The connection has properties that specify the connection type (IPSec) and the key shared with the on-premises VPN appliance to encrypt traffic.

Gateway subnet. The virtual network gateway is held in its own subnet, which is subject to various requirements, described in the Recommendations section below.

Box 2: Configure a site-to-site VPN connection

On premises create a site-to-site connection for the virtual network gateway and the local network gateway.

Scenario: Connect the New York office to VNet1 over the Internet by using an encrypted connection.

Incorrect Answers:

Azure ExpressRoute: Established between your network and Azure, through an ExpressRoute partner.

This connection is private. Traffic does not go over the internet.

Reference:

https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybridnetworking/ vpn

Question 7

Report
Export
Collapse

You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.

What should you do?

A.
Create a user-defined route from VNET1 to VNET3.
A.
Create a user-defined route from VNET1 to VNET3.
Answers
B.
Assign VM4 an IP address of 10.0.1.5/24.
B.
Assign VM4 an IP address of 10.0.1.5/24.
Answers
C.
Establish peering between VNET1 and VNET3.
C.
Establish peering between VNET1 and VNET3.
Answers
D.
Create an NSG and associate the NSG to VMI and VM4.
D.
Create an NSG and associate the NSG to VMI and VM4.
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal

Question 8

Report
Export
Collapse

HOTSPOT

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Answer:

Question 8
Correct answer: Question 8

Explanation:


Question 9

Report
Export
Collapse

DRAG DROP

You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Question 9
Correct answer: Question 9

Explanation:

Scenario:

1. Web administrators will deploy Azure web apps for the marketing department.

2. Each web app will be added to a separate resource group.

3. The initial configuration of the web apps will be identical.

4. The web administrators have permission to deploy web apps to resource groups.

Steps:

1 --> Create a resource group, and then deploy a web app to the resource group.

2 --> From the Automation script blade of the resource group , click Add to Library.

3 --> From the Templates service, select the template, and then share the template to the web administrators .

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/quickstart-createtemplates-use-the-portal

Question 10

Report
Export
Collapse

Which blade should you instruct the finance department auditors to use?

A.
Partner information
A.
Partner information
Answers
B.
Overview
B.
Overview
Answers
C.
Payment methods
C.
Payment methods
Answers
D.
Invoices
D.
Invoices
Answers
Suggested answer: D

Explanation:

You can opt in and configure additional recipients to receive your Azure invoice in an email. This feature may not be available for certain subscriptions such as support offers, Enterprise Agreements, or Azure in Open.

Select your subscription from the Subscriptions page. Opt-in for each subscription you own. Click Invoices then Email my invoice.

Click Opt in and accept the terms.

Scenario: During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.

Reference: https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-dailyusage-date

Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms