ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers, Page 14

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
HOTSPOT You need to create storage5. The solution must support the planned changes. Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You need to identify the storage requirements for Contoso. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Which blade should you instruct the finance department auditors to use?

Question 131

Report
Export
Collapse

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named adatum.com. The tenant contains 500 user accounts.

You deploy Microsoft Office 365. You configure Office 365 to use the user accounts in adatum.com.

You configure 60 users to connect to mailboxes in Microsoft Exchange Online.

You need to ensure that the 60 users use Azure Multi-Factor Authentication (MFA) to connect to the Exchange Online mailboxes. The solution must only affect connections to the Exchange Online mailboxes.

What should you do?

A.
From the multi-factor authentication page, configure the Multi-Factor Auth status for each user
A.
From the multi-factor authentication page, configure the Multi-Factor Auth status for each user
Answers
B.
From Azure Active Directory admin center, create a conditional access policy
B.
From Azure Active Directory admin center, create a conditional access policy
Answers
C.
From the multi-factor authentication page, modify the verification options
C.
From the multi-factor authentication page, modify the verification options
Answers
D.
From the Azure Active Directory admin center, configure an authentication method
D.
From the Azure Active Directory admin center, configure an authentication method
Answers
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

Question 132

Report
Export
Collapse

Your network contains an on-premises Active Directory domain named adatum.com. The domain contains an organizational unit (OU) named OU1. OU1 contains the objects shown in the following table.

You sync OU1 to Azure Active Directory (Azure AD) by using Azure AD Connect.

You need to identify which objects are synced to Azure AD.

Which objects should you identify?

A.
User1 and Group1 only
A.
User1 and Group1 only
Answers
B.
User1, Group1, and Group2 only
B.
User1, Group1, and Group2 only
Answers
C.
User1, Group1, Group2, and Computer1
C.
User1, Group1, Group2, and Computer1
Answers
D.
Computer1 only
D.
Computer1 only
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/synchronization

Question 133

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains the following users in an Azure Active Directory tenant named contoso.onmicrosoft.com:

User1 creates a new Azure Active Directory tenant named external.contoso.onmicrosoft.com.

You need to create new user accounts in external.contoso.onmicrosoft.com.

Solution: You instruct User4 to create the user accounts.

Does that meet the goal?

A.
yes
A.
yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Only a global administrator can add users to this tenant.

Reference:

https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/add-users-to-azure-ad

Question 134

Report
Export
Collapse

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1.

An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com.

You need to ensure that access to AKS1 can be granted to the contoso.com users.

What should you do first?

A.
From contoso.com, modify the Organization relationships settings.
A.
From contoso.com, modify the Organization relationships settings.
Answers
B.
From contoso.com, create an OAuth 2.0 authorization endpoint.
B.
From contoso.com, create an OAuth 2.0 authorization endpoint.
Answers
C.
Recreate AKS1.
C.
Recreate AKS1.
Answers
D.
From AKS1, create a namespace.
D.
From AKS1, create a namespace.
Answers
Suggested answer: B

Explanation:

With Azure AD-integrated AKS clusters, you can grant users or groups access to Kubernetes resources within a namespace or across the cluster. To obtain a kubectl configuration context, a user can run the az aks get-credentials command. When a user then interacts with the AKS cluster with kubectl, they're prompted to sign in with their Azure AD credentials. This approach provides a single source for user account management and password credentials. The user can only access the resources as defined by the cluster administrator.

Azure AD authentication is provided to AKS clusters with OpenID Connect. OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol. For more information on OpenID Connect, see the Open ID connect documentation. From inside of the Kubernetes cluster, Webhook Token

Authentication is used to verify authentication tokens. Webhook token authentication is configured and managed as part of the AKS cluster.

Reference:

https://kubernetes.io/docs/reference/access-authn-authz/authentication/

https://docs.microsoft.com/en-us/azure/aks/concepts-identity

Topic 6, Misc. Questions Set B

Question 135

Report
Export
Collapse

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table:

User3 is the owner of Group1.

Group2 is a member of Group1.

You configure an access review named Review1 as shown in the following exhibit:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 135
Correct answer: Question 135

Explanation:

In the Users section, specify the users that the access review applies to. Access reviews can be for the members of a group or for users who were assigned to an application. You can further scope the access review to review only the guest users who are members (or assigned to the application), rather than reviewing all the users who are members or who have access to the application.

Present Use Case:

Group2 is a member of Group1 and User3 is the owner of Group1 So User3 can review both Group 1 and 2.

But for review the scope says only Guest.

Solution:

User1 is a member not a guest so 1st statement ==> NO

UserA is member not the guest so 2nd statement ==> No

UserB is a guest so 3rd statement ==> Yes

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review

Question 136

Report
Export
Collapse

HOTSPOT

You have the Azure management groups shown in the following table.

You add Azure subscriptions to the management groups as shown in the following table.

You create the Azure policies shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Box 1: No

Virtual networks are not allowed at the root and is inherited. Deny overrides allowed.

Box 2: No

Box 3: Yes

Subscriptions can be moved between Management Groups provided the user has the required RBAC permissions.

Reference:

https://docs.microsoft.com/en-us/azure/governance/management-groups/overview

https://docs.microsoft.com/en-us/azure/governance/management-groups/manage#movingmanagement-groups-and-subscriptions

Question 136
Correct answer: Question 136

Question 137

Report
Export
Collapse

You have an Azure subscription named Subscription1 that contains an Azure Log Analytics workspace named Workspace1.

You need to view the error events from a table named Event.

Which query should you run in Workspace1?

A.
Event | where EventType is "error"
A.
Event | where EventType is "error"
Answers
B.
Event | search "error"
B.
Event | search "error"
Answers
C.
select * from Event where EventType == "error"
C.
select * from Event where EventType == "error"
Answers
D.
Get-Event Event | where {$_.EventType -eq "error"}
D.
Get-Event Event | where {$_.EventType -eq "error"}
Answers
Suggested answer: B

Explanation:

To search a term in a specific table, add in (table-name) just after the search operator

Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-queries

Question 138

Report
Export
Collapse

You have an Azure virtual machine named VM1 that runs Windows Server 2019.

You save VM1 as a template named Template1 to the Azure Resource Manager library.

You plan to deploy a virtual machine named VM2 from Template1.

What can you configure during the deployment of VM2?

A.
virtual machine size
A.
virtual machine size
Answers
B.
operating system
B.
operating system
Answers
C.
administrator username
C.
administrator username
Answers
D.
resource group
D.
resource group
Answers
Suggested answer: C

Explanation:

When deploying a virtual machine from a template, you must specify: the Resource Group name and location for the VM the administrator username and password an unique DNS name for the public IP

Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ps-template

Question 139

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscription1. Subscription1 contains two Azure virtual machines named VM1 and VM2. VM1 and VM2 run Windows Server 2016.

VM1 is backed up daily by Azure Backup without using the Azure Backup agent.

VM1 is affected by ransomware that encrypts data.

You need to restore the latest backup of VM1.

To which location can you restore the backup? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 139
Correct answer: Question 139

Explanation:

Box 1 : VM1 and VM2 only

When recovering files, you can't restore files to a previous or future operating system version.You can restore files from a VM to the same server operating system, or to the compatible client operating system. Therefore -"VM1 and VM2 only" is the best answer since both run on Windows Server 2016.

"A new Azure virtual machine only" ,this will also work but why to create unnecessary new VM in

Azure if existing VM will do the task. So this option is incorrect.

Box 2 : VM1 or A new Azure virtual machine only

When restoring a VM, you can't use the replace existing VM option for encrypted VMs. This option is only supported for unencrypted managed disks. And also You can restore files from a VM to the same server operating system, or to the compatible client operating system only. Hence "VM1 or A new

Azure virtual machine only" is correct answer.

Reference:

https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms

https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-files-from-vm#systemrequirements

Question 140

Report
Export
Collapse

You have an Azure subscription that has a Recovery Services vault named Vault1. The subscription contains the virtual machines shown in the following table.

You plan to schedule backups to occur every night at 23:00.

Which virtual machines can you back up by using Azure Backup?

A.
VM1 only
A.
VM1 only
Answers
B.
VM1 and VM3 only
B.
VM1 and VM3 only
Answers
C.
VM1. VM2, VM3andVM4
C.
VM1. VM2, VM3andVM4
Answers
D.
VM1 and VM2 only
D.
VM1 and VM2 only
Answers
Suggested answer: C

Explanation:

Azure Backup supports backup of 64-bit Windows server operating system from Windows Server 2008.

Azure Backup supports backup of 64-bit Windows 10 operating system.

Azure Backup supports backup of 64-bit Ubuntu Server operating system from Ubuntu 12.04.

Azure Backup supports backup of VM that are shutdown or offline.

Reference:

https://docs.microsoft.com/en-us/azure/backup/backup-support-matrix-iaas

https://docs.microsoft.com/en-us/azure/virtual-machines/linux/endorsed-distros

Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms