ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers, Page 25

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You have an Azure subscription that contains the resources shown in the following table. You need to assign User1 the Storage File Data SMB Share Contributor role for share1. What should you do first?
You have an Azure App Service app named App1 that contains two running instances. You have an auto scale rule configured as shown in the following exhibit For the instance limits stale condition setting, you set Maximum to 5. During a 30-minute period. Appl uses 60 percent of the available memory. What is the maximum number of instances tor Appl during the 30-minute period:
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
HOTSPOT You need to create storage5. The solution must support the planned changes. Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question 241

Report
Export
Collapse

HOTSPOT

You plan to use Azure Network Watcher to perform the following tasks:

Task1: Identify a security rule that prevents a network packet from reaching an Azure virtual machine

Task2: Validate outbound connectivity from an Azure virtual machine to an external host

Which feature should you use for each task? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 241
Correct answer: Question 241

Explanation:

Task 1: IP flow verify

The IP flow verify capability enables you to specify a source and destination IPv4 address, port, protocol (TCP or UDP), and traffic direction (inbound or outbound). IP flow verify then tests the communication and informs you if the connection succeeds or fails. If the connection fails, IP flow verify tells you which security rule allowed or denied the communication, so that you can resolve the problem.

Task 2: Connection troubleshoot

The connection troubleshoot capability enables you to test a connection between a VM and another

VM, an FQDN, a URI, or an IPv4 address. The test returns similar information returned when using the connection monitor capability, but tests the connection at a point in time, rather than monitoring it over time.

Reference:

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview

https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-connectivity-overview

Question 242

Report
Export
Collapse

You have the Azure virtual networks shown in the following table.

To which virtual networks can you establish a peering connection from VNet1?

A.
VNet2 and VNet3 only
A.
VNet2 and VNet3 only
Answers
B.
VNet2 only
B.
VNet2 only
Answers
C.
VNet3 and VNet4 only
C.
VNet3 and VNet4 only
Answers
D.
VNet2, VNet3, and VNet4
D.
VNet2, VNet3, and VNet4
Answers
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal

You can connect virtual networks to each other with virtual network peering. These virtual networks can be in the same region or different regions (also known as Global VNet peering). Once virtual networks are peered, resources in both virtual networks are able to communicate with each other, with the same latency and bandwidth as if the resources were in the same virtual network.

Global VNet Peering is now generally available in all Azure public regions, excluding the China, Germany, and Azure Government regions.

The address space is the most critical configuration for a VNet in Azure. This is the IP range for the entire network that will be divided into subnets. The address space can almost be any IP range that you wish (public or private). You can add multiple address spaces to a VNet. To ensure this VNet can be connected to other networks, the address space should never overlap with any other networks in your environment. If a VNet has an address space that overlaps with another Azure VNet or on premises network, the networks cannot be connected, as the routing of traffic will not work properly.

https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal

https://azure.microsoft.com/en-in/updates/general-availability-global-vnetpeering/#:~:text=Global%20VNet%20Peering%20is%20now,transit%20over%20the%20public%20internet.

https://www.microsoftpressstore.com/articles/article.aspx?p=2873369

Question 243

Report
Export
Collapse

HOTSPOT

You have an Azure virtual machine named VM1 that connects to a virtual network named VNet1.

VM1 has the following configurations:

Subnet: 10.0.0.0/24

Availability set: AVSet

Network security group (NSG): None

Private IP address: 10.0.0.4 (dynamic)

Public IP address: 40.90.219.6 (dynamic)

You deploy a standard, Internet-facing load balancer named slb1.

You need to configure slb1 to allow connectivity to VM1.

Which changes should you apply to VM1 as you configure slb1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 243
Correct answer: Question 243

Explanation:

Box 1: Remove the public IP address from VM1

If the Public IP on VM1 is set to Dynamic, that means it is a Public IP with Basic SKU because Public IPs with Standard SKU have Static assignments by default, that cannot be changed. We cannot associate Basic SKUs IPs with Standard SKUs LBs. One cannot create a backend SLB pool if the VM to be associated has a Public IP. For Private IP it doesn't matter weather it is dynamic or static, still we can add the such VM into the SLB backend pool.

Box 2: Create and configure an NSG

Standard Load Balancer is built on the zero trust network security model at its core. Standard Load Balancer secure by default and is part of your virtual network. The virtual network is a private and isolated network. This means Standard Load Balancers and Standard Public IP addresses are closed to inbound flows unless opened by Network Security Groups. NSGs are used to explicitly permit allowed traffic. If you do not have an NSG on a subnet or NIC of your virtual machine resource, traffic is not allowed to reach this resource. To learn more about NSGs and how to apply them for your scenario, see Network Security Groups. Basic Load Balancer is open to the internet by default.

Reference:

https://docs.microsoft.com/en-us/azure/load-balancer/quickstart-load-balancer-standard-publicportal

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview

Question 244

Report
Export
Collapse

You have an Azure subscription that contains the following storage account:

You need 10 create a request to Microsoft Support to perform a live migration of storage1 to Zone Redundant Storage (ZRS) replication. How should you modify storage1 before the Live migration?

A.
Set the replication to Locally-redundant storage (IRS)
A.
Set the replication to Locally-redundant storage (IRS)
Answers
B.
Disable Advanced threat protection
B.
Disable Advanced threat protection
Answers
C.
Remove the lock
C.
Remove the lock
Answers
D.
Set the access tier to Hot
D.
Set the access tier to Hot
Answers
Suggested answer: A

Question 245

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant that syncs to on-premises Active Directory and contains the users shown in the following table.

You create a group named Group1 and add User1 to the group. You need to configure the ownership of Group 1. Which users can you add as owners of Group1?

A.
East US, West Europe, and North Europe
A.
East US, West Europe, and North Europe
Answers
B.
East US and West Europe only
B.
East US and West Europe only
Answers
C.
East US only
C.
East US only
Answers
D.
East US and North Europe only
D.
East US and North Europe only
Answers
Suggested answer: C

Explanation:

Before creating a network interface, you must have an existing virtual network in the same location and subscription you create a network interface in.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface

Question 246

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the resources in the following table.

You install the Web Server server role (IIS) on VM1 and VM2, and then and VM1 and VM2 to LB1.

LB1 is configured as shown in the LB1 exhibit. (Click the LB1 tab.)

Rule1 is configure as shown in the Rule1 exhibit. (Click the Rule tab.)

For each of the following statements, select Yes if the statements is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 246
Correct answer: Question 246

Explanation:

Box 1: Yes

A Basic Load Balancer supports virtual machines in a single availability set or virtual machine scale set.

Box 2: Yes

When using load-balancing rules with Azure Load Balancer, you need to specify health probes to allow Load Balancer to detect the backend endpoint status. The configuration of the health probe and probe responses determine which backend pool instances will receive new flows. You can use health probes to detect the failure of an application on a backend endpoint. You can also generate a custom response to a health probe and use the health probe for flow control to manage load or planned downtime. When a health probe fails, Load Balancer will stop sending new flows to the respective unhealthy instance. Outbound connectivity is not impacted, only inbound connectivity is impacted.

Box 3: No

Reference:

https://docs.microsoft.com/en-us/azure/load-balancer/skus

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-custom-probe-overview

Question 247

Report
Export
Collapse

HOTSPOT

VM1 is running and connects to NIC1 and Disk1. NIC1 connects to VNET1.

RG2 contains a public IP address named IP2 that is in the East US location. IP2 is not assigned to a virtual machine.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 247
Correct answer: Question 247

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/move-supportresources

https://docs.microsoft.com/en-us/azure/virtual-network/move-across-regions-publicip-powershell

Question 248

Report
Export
Collapse

You have an Azure subscription that contains a user account named User1.

You need to ensure that User1 can assign a policy to the tenant root management group.

What should you do?

A.
Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
A.
Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
Answers
B.
Assign the Global administrator role to User1, and then modify the default conditional access policies.
B.
Assign the Global administrator role to User1, and then modify the default conditional access policies.
Answers
C.
Assign the Owner role to User1. and then modify the default conditional access policies.
C.
Assign the Owner role to User1. and then modify the default conditional access policies.
Answers
D.
Assign the Owner role to User1. and then instruct User1 to configure access management for Azure resources.
D.
Assign the Owner role to User1. and then instruct User1 to configure access management for Azure resources.
Answers
Suggested answer: B

Question 249

Report
Export
Collapse

You have an Azure subscription named Subcription1 that contains the storage accounts shown in the following table.

You plan 10 use the Azure Import/Export service to export data from Subscription1.

A.
storage1
A.
storage1
Answers
B.
storage2
B.
storage2
Answers
C.
storage3
C.
storage3
Answers
D.
storage4
D.
storage4
Answers
Suggested answer: D

Explanation:

Azure Import/Export service supports the following of storage accounts:

Standard General Purpose v2 storage accounts (recommended for most scenarios)

Blob Storage accounts

General Purpose v1 storage accounts (both Classic or Azure Resource Manager deployments),

Azure Import/Export service supports the following storage types

Import supports Azure Blob storage and Azure File storage

Export supports Azure Blob storage

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-requirements

Question 250

Report
Export
Collapse

HOTSPOT

You create a Recovery Services vault backup policy named Policy1 as shown in the following exhibit.


Question 250
Correct answer: Question 250
Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms