Microsoft AZ-104 Practice Test - Questions Answers, Page 36

HOTSPOT

Your network contains an Active Directory domain named adatum.com and an Azure Active Directory (Azure AD) tenant named adatum.onmicrosoft.com.

Adatum.com contains the user accounts in the following table.

Adatum.onmicrosoft.com contains the user accounts in the following table.

You need to implement Azure AD Connect. The solution must follow the principle of least privilege.

Which user accounts should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

You hire a temporary vendor. The vendor uses a Microsoft account that has a sign-in of [email protected].

You need to ensure that the vendor can authenticate to the tenant by using [email protected].

What should you do?

DRAG DROP

You have an Azure Active Directory (Azure AD) tenant that has the initial domain name.

You have a domain name of contoso.com registered at a third-party registrar.

You need to ensure that you can create Azure AD users that have names containing a suffix of @contoso.com.

Which three actions should you perform in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.

You have an Azure resource manager template that will be used to deploy 10 Azure Web Apps.

You have to ensure to deploy the pre-requisites before the deployment of the template.

You have to minimize the costs associated with the implementation.

Which of the following would you deploy as pre-requisites?

You configure Azure AD Connect for Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for an on-premises network. Users report that when they attempt to access myapps.microsoft.com, they are prompted multiple times to sign in and are forced to use an account name that ends with onmicrosoft.com.

You discover that there is a UPN mismatch between Azure AD and the on-premises Active Directory.

You need to ensure that the users can use single-sign on (SSO) to access Azure resources.

What should you do first?

You have an Azure subscription that contains the following storage account:

You need 10 create a request to Microsoft Support to perform a live migration of storage1 to Zone

Redundant Storage (ZRS) replication. How should you modify storage1 before the Live migration?

You have an Azure Kubernetes cluster in place.

You have to deploy an application using an Azure Container registry image.

Which of the following command can be used for this requirement?

HOTSPOT

You have an Azure Storage account named storage1.

You have an Azure App Service app named app1 and an app named App2 that runs in an Azure container instance. Each app uses a managed identity.

You need to ensure that App1 and App2 can read blobs from storage1 for the next 30 days.

What should you configure in storage1 for each app?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to ensure that an Azure Active Directory (Azure AD) user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription.

Solution: You assign the Traffic Manager Contributor role at the subscription level to Admin1.