ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers, Page 34

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
You have an Azure subscription that contains the virtual machines shown in the following table. You deploy a load balancer that has the following configurations: * Name: LB 1 * Type: Internal * SKU: Standard * Virtual network: VNET1 You need to ensure that you can add VM1 and VM2 to the backend pool of L81. Solution: You create two Standard SKU public IP addresses and associate a Standard SKU public IP address to the network interface of each virtual machine. Does this meet the goal?
You have an Azure subscription that contains the resources shown in the following table. You need to assign User1 the Storage File Data SMB Share Contributor role for share1. What should you do first?
You have an Azure App Service app named App1 that contains two running instances. You have an auto scale rule configured as shown in the following exhibit For the instance limits stale condition setting, you set Maximum to 5. During a 30-minute period. Appl uses 60 percent of the available memory. What is the maximum number of instances tor Appl during the 30-minute period:
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?

Question 331

Report
Export
Collapse

You have an Azure Service Bus.

You need to implement a Service Bus queue that guarantees first in first-out (FIFO) delivery of messages.

What should you do?

A.
Set the Lock Duration setting to 10 seconds.
A.
Set the Lock Duration setting to 10 seconds.
Answers
B.
Enable duplicate detection.
B.
Enable duplicate detection.
Answers
C.
Set the Max Size setting of the queue to 5 GB.
C.
Set the Max Size setting of the queue to 5 GB.
Answers
D.
Enable partitioning.
D.
Enable partitioning.
Answers
E.
Enable sessions.
E.
Enable sessions.
Answers
Suggested answer: E

Explanation:

Through the use of messaging sessions you can guarantee ordering of messages, that is first-in-firstout (FIFO) delivery of messages.

Reference:

https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-busqueues-compared-contrasted

Question 332

Report
Export
Collapse

You have an Azure subscription.

You activate Enterprise Mobility + Security E5 licenses for all users.

You need the users to request approval before they can create virtual machines.

What should you configure first?

A.
Azure Active Directory (Azure AD) conditional access policies
A.
Azure Active Directory (Azure AD) conditional access policies
Answers
B.
Azure Active Directory (Azure AD) Authentication methods
B.
Azure Active Directory (Azure AD) Authentication methods
Answers
C.
Azure Active Directory (Azure AD) Privileged Identity Management for the Azure resource roles
C.
Azure Active Directory (Azure AD) Privileged Identity Management for the Azure resource roles
Answers
D.
Azure Active Directory (Azure AD) Privileged Identity Management for the Azure AD directory roles
D.
Azure Active Directory (Azure AD) Privileged Identity Management for the Azure AD directory roles
Answers
Suggested answer: C

Explanation:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pimresource-roles-assign-roles

Question 333

Report
Export
Collapse

Your company registers a domain name of contoso.com.

You create an Azure DNS named contoso.com and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.

You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.

You need to resolve the name resolution issue.

Solution: You modify the name server at the domain registrar.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns

Question 334

Report
Export
Collapse

You have an on-premises network that contains a Hyper-V host named Host1. Host1 runs Windows

Server 2016 and hosts 10 virtual machines that run Windows Server 2016.

You plan to replicate the virtual machines to Azure by using Azure Site Recovery.

You create a Recovery Services vault named ASR1 and a Hyper-V site named Site1.

You need to add Host1 to ASR1.

What should you do?

A.
Download the installation file for the Azure Site Recovery Provider.Download the vault registration key.Install the Azure Site Recovery Provider on Host1 and register the server.
A.
Download the installation file for the Azure Site Recovery Provider.Download the vault registration key.Install the Azure Site Recovery Provider on Host1 and register the server.
Answers
B.
Download the installation file for the Azure Site Recovery Provider.Download the storage account key.Install the Azure Site Recovery Provider on Host1 and register the server.
B.
Download the installation file for the Azure Site Recovery Provider.Download the storage account key.Install the Azure Site Recovery Provider on Host1 and register the server.
Answers
C.
Download the installation file for the Azure Site Recovery Provider.Download the vault registration key.Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
C.
Download the installation file for the Azure Site Recovery Provider.Download the vault registration key.Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
Answers
D.
Download the installation file for the Azure Site Recovery Provider.Download the storage account key.Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
D.
Download the installation file for the Azure Site Recovery Provider.Download the storage account key.Install the Azure Site Recovery Provider on each virtual machine and register the virtual machines.
Answers
Suggested answer: A

Explanation:

Below are the steps you need to perform in this scenario. Refer the link mentioned in the reference section.

Download the installation file for the Azure Site Recovery Provider

To set up the source environment, you create a Hyper-V site and add to that site the Hyper-V hosts containing VMs that you want to replicate. Then, you download and install the Azure Site Recovery

Provider and the Azure Recovery Services agent on each host, and register the Hyper-V site in the vault.

Download the vault registration key

Download the Vault registration key. You need this when you install the Provider. The key is valid for five days after you generate it.

Install the Azure Site Recovery Provider on Host1.

Install the downloaded setup file (AzureSiteRecoveryProvider.exe) on each Hyper-V host that you want to add to the Hyper-V site. Setup installs the Azure Site Recovery Provider and Recovery

Services agent on each Hyper-V host.

Register the server

In Registration, after the server is registered in the vault, select Finish.

Reference:

https://docs.microsoft.com/en-us/azure/site-recovery/hyper-v-azure-tutorial

Question 335

Report
Export
Collapse

HOTSPOT

From Azure Active Directory (AD) Privileged Identify Management, you configure the Role settings for the Owner role of an Azure subscription as shown in the following exhibit.

From Azure AD Privileged Identify Management, you assign the Owner role for the subscription to a user named User1, and you set the Assignment type to Active and Permanently eligible.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Question 335
Correct answer: Question 335

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pimhow-to-add-role-to-user?tabs=new

Question 336

Report
Export
Collapse

You have an Azure subscription that contains two virtual networks named VNET1 and VNET2 and the users shown in the following table:

Larger image

You need to identify which users can configure peering between VNET1 and VNET2.

Which users should you identify?

A.
User1 only
A.
User1 only
Answers
B.
User3 only
B.
User3 only
Answers
C.
User1 and User2 only
C.
User1 and User2 only
Answers
D.
User1 and User3 only
D.
User1 and User3 only
Answers
E.
User1, User2 and User3
E.
User1, User2 and User3
Answers
Suggested answer: E

Explanation:

Owner: An owner can configure peering.

A Global administrator can configure peering.

Network Contributor:

The accounts you use to work with virtual network peering must be assigned to the following roles:

ß Network Contributor: For a virtual network deployed through Resource Manager.

ß Classic Network Contributor: For a virtual network deployed through the classic deployment model.

Reference:

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/govern/resourceconsistency/ governance-multiple-teams

Question 337

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscription1. Subscription1 contains the virtual networks in the following table.

Subscription1 contains the virtual machines in the following table:

The firewalls on all the virtual machines are configured to allow all ICMP traffic.

You add the peerings in the following table.

For each of the following statements, select Yest if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 337
Correct answer: Question 337

Explanation:

Statement 1: Yes

Vnet1 and Vnet3 are peers.

Statement 2: No

Statement 3: No

Peering connections are non-transitive.

Reference:

https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybridnetworking/hub-spoke

Question 338

Report
Export
Collapse

You have an A2ure virtual machine named VMV

The network interface for VM1 is configured as shown in the exhibit(Click the Exhibit tab.)

You deploy a web server on VM1. and then create a secure website that is accessible by using the HTTPS protocol. VM1 is used as a web server only.

You need to ensure that users can connect to the website from the internet.

What should you do?

A.
For Rule4. change the protocol from UDP to Any
A.
For Rule4. change the protocol from UDP to Any
Answers
B.
Modify the protocol of Rule4.
B.
Modify the protocol of Rule4.
Answers
C.
Modify the action of Rule1.
C.
Modify the action of Rule1.
Answers
D.
Change the priority of Rute3 to 450
D.
Change the priority of Rute3 to 450
Answers
Suggested answer: D

Explanation:

Rule 2 is blocking HTTPS access (port 443) and has a priority of 500.

Changing Rule 3 (ports 60-500) and giving it a lower priority number will allow access on port 443.

Note: Rules are processed in priority order, with lower numbers processed before higher numbers, because lower numbers have higher priority. Once traffic matches a rule, processing stops.

Incorrect Answers:

A: HTTPS uses port 443. Rule6 only applies to ports 150 to 300.

C, D: Rule 1 blocks access to port 80, which is used for HTTP, not HTTPS.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

Question 339

Report
Export
Collapse

You have an Azure subscription that contains the resources in the following table.

Subnet1 is associated to VNet1. NIC1 attaches VM1 to Subnet1.

You need to apply ASG1 to VM1.

What should you do?

A.
Modify the properties of NSG1.
A.
Modify the properties of NSG1.
Answers
B.
Modify the properties of ASG1.
B.
Modify the properties of ASG1.
Answers
C.
Associate NIC1 to ASG1.
C.
Associate NIC1 to ASG1.
Answers
Suggested answer: C

Explanation:

Application Security Group can be associated with NICs.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview#application-securitygroups

Question 340

Report
Export
Collapse

You have an Azure virtual machine named VM1.

The network interface for VM1 is configured as shown in the exhibit. (Click the Exhibit tab.)

You deploy a web server on VM1, and then create a secure website that is accessible by using the HTTPS protocol. VM1 is used as a web server only.

You need to ensure that users can connect to the website from the internet.

What should you do?

A.
Create a new inbound rule that allows TCP protocol 443 and configure the protocol to have a priority of 501.
A.
Create a new inbound rule that allows TCP protocol 443 and configure the protocol to have a priority of 501.
Answers
B.
For Rule5, change the Action to Allow and change the priority to 401.
B.
For Rule5, change the Action to Allow and change the priority to 401.
Answers
C.
Delete Rule1.
C.
Delete Rule1.
Answers
D.
Modify the protocol of Rule4.
D.
Modify the protocol of Rule4.
Answers
Suggested answer: B

Explanation:

Rule 2 is blocking HTTPS access (port 443) and has a priority of 500.

Changing Rule 5 (ports 50-5000) and giving it a lower priority number will allow access on port 443.

Note: Rules are processed in priority order, with lower numbers processed before higher numbers, because lower numbers have higher priority. Once traffic matches a rule, processing stops.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms