ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers, Page 20

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You have an Azure subscription that contains the resources shown in the following table. You need to assign User1 the Storage File Data SMB Share Contributor role for share1. What should you do first?
You have an Azure App Service app named App1 that contains two running instances. You have an auto scale rule configured as shown in the following exhibit For the instance limits stale condition setting, you set Maximum to 5. During a 30-minute period. Appl uses 60 percent of the available memory. What is the maximum number of instances tor Appl during the 30-minute period:
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
HOTSPOT You need to create storage5. The solution must support the planned changes. Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question 191

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscription1 that contains a virtual network named VNet1.

You add the users in the following table.

Which2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 191
Correct answer: Question 191

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

Question 192

Report
Export
Collapse

You have an Azure subscription that contains a user account named User1.

You need to ensure that User1 can assign a policy to the tenant root management group.

What should you do?

A.
Create a new management group and delegate User1 as the owner of the new management group.
A.
Create a new management group and delegate User1 as the owner of the new management group.
Answers
B.
Assign the Owner role for the Azure subscription to User1, and then instruct User1 to configure access management for Azure resources.
B.
Assign the Owner role for the Azure subscription to User1, and then instruct User1 to configure access management for Azure resources.
Answers
C.
Assign the Owner role for the Azure subscription to User1, and then modify the default conditional access policies.
C.
Assign the Owner role for the Azure subscription to User1, and then modify the default conditional access policies.
Answers
D.
Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
D.
Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
Answers
Suggested answer: B

Explanation:

The following chart shows the list of roles and the supported actions on management groups.

Note:

Each directory is given a single top-level management group called the "Root" management group.

This root management group is built into the hierarchy to have all management groups and subscriptions fold up to it. This root management group allows for global policies and Azure role assignments to be applied at the directory level. The Azure AD Global Administrator needs to elevate themselves to the User Access Administrator role of this root group initially. After elevating access, the administrator can assign any Azure role to other directory users or groups to manage the hierarchy. As administrator, you can assign your own account as owner of the root management group.

Reference:

https://docs.microsoft.com/en-us/azure/governance/management-groups/overview

Question 193

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscription1 that contains the following resource group:

Name: RG1

Region: West US

Tag: "tag1": "value1"

You assign an Azure policy named Policy1 to Subscription1 by using the following configurations:

Exclusions: None

Policy definition: Append tag and its default value

Assignment name: Policy1

Parameters:

- Tag name: Tag2

- Tag value: Value2

After Policy1 is assigned, you create a storage account that has the following configurations:

Name: storage1

Location: West US

Resource group: RG1

Tags: "tag3": "value3"

You need to identify which tags are assigned to each resource.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 193
Correct answer: Question 193

Explanation:

Box 1: "tag1": "value1" only

Box 2: "tag2": "value2" and "tag3": "value3"

Tags applied to the resource group are not inherited by the resources in that resource group.

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags

Question 194

Report
Export
Collapse

You have an Azure subscription that contains the resources shown in the following table.

The Not allowed resources types Azure policy is assigned to RG1 and uses the following parameters:

In RG1, you need to create a new virtual named VM2, and then connected VM2 to VNET1.

What should you do first?

A.
Remove Microsoft.Network/virtualNetworks from the policy.
A.
Remove Microsoft.Network/virtualNetworks from the policy.
Answers
B.
Create an Azure Resource Manager template.
B.
Create an Azure Resource Manager template.
Answers
C.
Remove Microsoft.Compute/virtualMachines from the policy.
C.
Remove Microsoft.Compute/virtualMachines from the policy.
Answers
D.
Add a subnet to VNET1.
D.
Add a subnet to VNET1.
Answers
Suggested answer: C

Explanation:

The Not allowed resource types Azure policy prohibits the deployment of specified resource types.

You specify an array of the resource types to block.

Virtual Networks and Virtual Machines are prohibited.

Reference:

https://docs.microsoft.com/en-us/azure/governance/policy/samples/not-allowed-resource-types

Question 195

Report
Export
Collapse

You have an Azure web app named webapp1.

You have a virtual network named VNET1 and an Azure virtual machine named VM1 that hosts a MySQL database. VM1 connects to VNET1. You need to ensure that webapp1 can access the data hosted on VM1. What should you do?

A.
Connect webapp1 to VNET1.
A.
Connect webapp1 to VNET1.
Answers
B.
Peer VNET1 to another virtual network.
B.
Peer VNET1 to another virtual network.
Answers
C.
Deploy an Azure Application Gateway.
C.
Deploy an Azure Application Gateway.
Answers
D.
Deploy an internal load balancer
D.
Deploy an internal load balancer
Answers
Suggested answer: C

Question 196

Report
Export
Collapse

Your company has three offices. The offices are located in Miami, Los Angeles, and New York. Each office contains a datacenter.

You have an Azure subscription that contains resources in the East US and West US Azure regions.

Each region contains a virtual network. The virtual networks are peered.

You need to connect the datacenters to the subscription. The solution must minimize network latency between the datacenters.

What should you create?

A.
three virtual WANs and one virtual hub
A.
three virtual WANs and one virtual hub
Answers
B.
three virtual hubs and one virtual WAN
B.
three virtual hubs and one virtual WAN
Answers
C.
three On-premises data gateways and one Azure Application Gateway
C.
three On-premises data gateways and one Azure Application Gateway
Answers
D.
three Azure Application Gateways and one On-premises data gateway
D.
three Azure Application Gateways and one On-premises data gateway
Answers
Suggested answer: A

Explanation:

Azure Virtual WAN is a networking service that brings many networking, security, and routing functionalities together to provide a single operational interface.

The Virtual WAN architecture is a hub and spoke architecture with scale and performance built in for branches (VPN/SD-WAN devices), users (Azure VPN/OpenVPN/IKEv2 clients), ExpressRoute circuits, and virtual networks.

Azure regions serve as hubs that you can choose to connect to. All hubs are connected in full mesh in a Standard Virtual WAN making it easy for the user to use the Microsoft backbone for any-to-any (any spoke) connectivity.

Virtual WAN offers the following advantages:

Integrated connectivity solutions in hub and spoke: Automate site-to-site configuration and connectivity between on-premises sites and an Azure hub.

Automated spoke setup and configuration: Connect your virtual networks and workloads to the Azure hub seamlessly.

Intuitive troubleshooting: You can see the end-to-end flow within Azure, and then use this information to take required actions.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about

Question 197

Report
Export
Collapse

You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.

You need to delete the Recovery Services vault.

What should you do first?

A.
From the Recovery Service vault, stop the backup of each backup item.
A.
From the Recovery Service vault, stop the backup of each backup item.
Answers
B.
From the Recovery Service vault, delete the backup data.
B.
From the Recovery Service vault, delete the backup data.
Answers
C.
Modify the disaster recovery properties of each virtual machine.
C.
Modify the disaster recovery properties of each virtual machine.
Answers
D.
Modify the locks of each virtual machine.
D.
Modify the locks of each virtual machine.
Answers
Suggested answer: A

Explanation:

You can't delete a Recovery Services vault if it is registered to a server and holds backup data. If you try to delete a vault, but can't, the vault is still configured to receive backup data.

Remove vault dependencies and delete vault

In the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQL Servers in Azure VM, and Azure virtual machines.

Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault

Question 198

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscroption1.

In Subscription1, you create an alert rule named Alert1.

The Alert1 action group is configured as shown in the following exhibit.

Alert1 alert criteria is triggered every minute.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Question 198
Correct answer: Question 198

Explanation:

Box 1: 60

One alert per minute will trigger one email per minute.

Box 2: 12

No more than 1 SMS every 5 minutes can be send, which equals 12 per hour.

Note: Rate limiting is a suspension of notifications that occurs when too many are sent to a particular phone number, email address or device. Rate limiting ensures that alerts are manageable and actionable.

The rate limit thresholds are:

SMS: No more than 1 SMS every 5 minutes.

Voice: No more than 1 Voice call every 5 minutes.

Email: No more than 100 emails in an hour.

Other actions are not rate limited.

Reference:

https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/monitoring-anddiagnostics/ monitoring-overview-alerts.md

Question 199

Report
Export
Collapse

You have an app named App1 that runs on an Azure web app named webapp1.

The developers at your company upload an update of App1 to a Git repository named GUI.

Webapp1 has the deployment slots shown in the following table.

You need to ensure that the App1 update is tested before the update is made available to users.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE Each correct selection is worth one point.

A.
Stop webapp1 prod.
A.
Stop webapp1 prod.
Answers
B.
Stop webapp1-test
B.
Stop webapp1-test
Answers
C.
Deploy the App1 update to webapp1-test, and then test the update.
C.
Deploy the App1 update to webapp1-test, and then test the update.
Answers
D.
Deploy the App1 update to webapp1-prod, and then test the update.
D.
Deploy the App1 update to webapp1-prod, and then test the update.
Answers
E.
Swap the slots.
E.
Swap the slots.
Answers
Suggested answer: C, E

Explanation:

You can validate web app changes in a staging deployment slot before swapping it with the production slot. Deploying an app to a slot first and swapping it into production makes sure that all instances of the slot are warmed up before being swapped into production. This eliminates downtime when you deploy your app. The traffic redirection is seamless, and no requests are dropped because of swap operations. You can automate this entire workflow by configuring auto swap when pre-swap validation isn't needed.

After the swap you can deploy the App1 update to webapp1-test, and then test the update. If the changes swapped into the production slot aren't as per your expectation then you can perform the same swap immediately to get your "last known good site" back.

Reference:

https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots

Question 200

Report
Export
Collapse

You have an Azure subscription named Subscription1. Subscription1 contains a virtual machine named VM1.

You have a computer named Computer1 that runs Windows 10. Computer1 is connected to the Internet.

You add a network interface named Interface1 to VM1 as shown in the exhibit (Click the Exhibit button.)

From Computer1, you attempt to connect to VM1 by using Remote Desktop, but the connection fails.

You need to establish a Remote Desktop connection to VM1.

What should you do first?

A.
Start VM1.
A.
Start VM1.
Answers
B.
Attach a network interface.
B.
Attach a network interface.
Answers
C.
Delete the DenyAllOutBound outbound port rule.
C.
Delete the DenyAllOutBound outbound port rule.
Answers
D.
Delete the DenyAllInBound inbound port rule.
D.
Delete the DenyAllInBound inbound port rule.
Answers
Suggested answer: A

Explanation:

Note: Rules are processed in priority order, with lower numbers processed before higher numbers, because lower numbers have higher priority. Once traffic matches a rule, processing stops. As a result, any rules that exist with lower priorities (higher numbers) that have the same attributes as rules with higher priorities are not processed.

Reference: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms