ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104

Microsoft AZ-104 Practice Test - Questions Answers, Page 37

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
You have an Azure subscription that contains the virtual machines shown in the following table. You deploy a load balancer that has the following configurations: * Name: LB 1 * Type: Internal * SKU: Standard * Virtual network: VNET1 You need to ensure that you can add VM1 and VM2 to the backend pool of L81. Solution: You create two Standard SKU public IP addresses and associate a Standard SKU public IP address to the network interface of each virtual machine. Does this meet the goal?
You have an Azure subscription that contains the resources shown in the following table. You need to assign User1 the Storage File Data SMB Share Contributor role for share1. What should you do first?
You have an Azure App Service app named App1 that contains two running instances. You have an auto scale rule configured as shown in the following exhibit For the instance limits stale condition setting, you set Maximum to 5. During a 30-minute period. Appl uses 60 percent of the available memory. What is the maximum number of instances tor Appl during the 30-minute period:
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?

Question 361

Report
Export
Collapse

You have a service deployed to a Kubernetes cluster.

Another application needs to access the service via the private IP address of the pod.

Which of the following would you define as the networking type for the cluster to meet this requirement?

A.
Kubenet
A.
Kubenet
Answers
B.
Azure container networking plugin
B.
Azure container networking plugin
Answers
C.
Service Endpoints
C.
Service Endpoints
Answers
D.
Network security groups
D.
Network security groups
Answers
Suggested answer: B

Explanation:

Azure container networking plugin : Correct Choice

With the Azure container networking plugin , every pod gets an IP address allocated.

With Azure CNI, every pod gets an IP address from the subnet and can be accessed directly. These IP addresses must be unique across your network space, and must be planned in advance. Each node has a configuration parameter for the maximum number of pods that it supports. The equivalent number of IP addresses per node are then reserved up front for that node. This approach requires more planning, as can otherwise lead to IP address exhaustion or the need to rebuild clusters in a larger subnet as your application demands grow.

Nodes use the Azure Container Networking Interface (CNI) Kubernetes plugin.

Kubenet : Incorrect Choice

The kubenet networking option is the default configuration for AKS cluster creation. With kubenet, nodes get an IP address from the Azure virtual network subnet. Pods receive an IP address from a logically different address space to the Azure virtual network subnet of the nodes.

Service Endpoints : Incorrect Choice

Capabilities like service endpoints or UDRs are supported with both kubenet and Azure CNI, the support policies for AKS define what changes you can make. For example:

. If you manually create the virtual network resources for an AKS cluster, you're supported when configuring your own UDRs or service endpoints.

. If the Azure platform automatically creates the virtual network resources for your AKS cluster, it isn't supported to manually change those AKS-managed resources to configure your own UDRs or service endpoints.

Network security groups : Incorrect Choice

A network security group filters traffic for VMs, such as the AKS nodes. As you create Services, such as a LoadBalancer, the Azure platform automatically configures any network security group rules that are needed.

Reference:

https://docs.microsoft.com/en-us/azure/aks/concepts-network

Question 362

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains several virtual machines and an Azure Log Analytics workspace named Workspace1. You create a log search query as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Question 362
Correct answer: Question 362

Explanation:

Box 1: 14 days

Two weeks will be covered.

Note: Startofweek returns the start of the week containing the date, shifted by an offset, if provided.

Start of the week is considered to be a Sunday.

Endofweek returns the end of the week containing the date, shifted by an offset, if provided.

Last day of the week is considered to be a Saturday.

Box 2:

The render operator renders results in as graphical output. Timechart is a Line graph, where the first column is x-axis, and should be datetime. Other columns are y-axes. In this case the Y axis has avg(CounterValue) Values.

Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/log-query-overview

https://docs-analytics-eus.azurewebsites.net/queryLanguage/query_language_renderoperator.html

Question 363

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscription1 that contains the resources shown in the following table.

The status of VM1 is Running.

You assign an Azure policy as shown in the exhibit. (Click the Exhibit tab.)

You assign the policy by using the following parameters:

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 363
Correct answer: Question 363

Explanation:

Not allowed resource types (Deny): Prevents a list of resource types from being deployed. This means this policy specifically prevents a list of resource types from being deployed. So that refers that except deployment all the other operations like start/stop or move etc. are not prevented. But to be noted if the resource already exists, it just marks it as non-compliant.

Replicated this scenario in LAB keeping VM running and below are the outcome :

. VM is not deallocated

. Able to stop and start VM successfully.

. Not able to create new virtual network or VM.

. Not able to modify VM size.

. Not able change the address space of the virtual network.

. Successfully moved virtual network and VM in another resource group.

Statement 1 : Yes

Based on above experiment the policy will mark the VNET1 as non-compliant but it can be moved to RG2 . Hence this statement is true.

Statement 2 : No

Based on above experiment the policy will mark the VM as non-compliant but it will still be running, not deallocated. Hence this statement is False.

Statement 3 : No

Based on above experiment the address space for VNET2 can not be modified. Hence this statement is False.

Reference:

https://docs.microsoft.com/en-us/azure/governance/policy/assign-policy-portal

Question 364

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company registers a domain name of contoso.com.

You create an Azure DNS zone named contoso.com, and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.

You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.

You need to resolve the name resolution issue.

Solution: You modify the name servers at the domain registrar.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: A

Explanation:

Modify the Name Server (NS) record.

Reference:

https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns

Question 365

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company registers a domain name of contoso.com.

You create an Azure DNS zone named contoso.com, and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.

You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.

You need to resolve the name resolution issue.

Solution: You modify the SOA record in the contoso.com zone.

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Modify the NS record, not the SOA record.

Note: The SOA record stores information about the name of the server that supplied the data for the zone; the administrator of the zone; the current version of the data file; the number of seconds a secondary name server should wait before checking for updates; the number of seconds a secondary name server should wait before retrying a failed zone transfer; the maximum number of seconds that a secondary name server can use data before it must either be refreshed or expire; and a default number of seconds for the time-to live file on resource records.

Reference:

https://searchnetworking.techtarget.com/definition/start-of-authority-record

Question 366

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company registers a domain name of contoso.com.

You create an Azure DNS zone named contoso.com, and then you add an A record to the zone for a host named www that has an IP address of 131.107.1.10.

You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address.

You need to resolve the name resolution issue.

Solution: You add an NS record to the contoso.com Azure DNS zone.

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Before you can delegate your DNS zone to Azure DNS, you need to know the name servers for your zone.

The NS record set contains the names of the Azure DNS name servers assigned to the zone.

Reference:

https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns

Question 367

Report
Export
Collapse

You are troubleshooting a performance issue for an Azure Application Gateway.

You need to compare the total requests to the failed requests during the past six hours.

What should you use?

A.
Metrics in Application Gateway
A.
Metrics in Application Gateway
Answers
B.
Diagnostics logs in Application Gateway
B.
Diagnostics logs in Application Gateway
Answers
C.
NSG flow logs in Azure Network Watcher
C.
NSG flow logs in Azure Network Watcher
Answers
D.
Connection monitor in Azure Network Watcher
D.
Connection monitor in Azure Network Watcher
Answers
Suggested answer: A

Explanation:

Application Gateway currently has seven metrics to view performance counters.

Metrics are a feature for certain Azure resources where you can view performance counters in the portal. for Application Gateway, the following metrics are available:

Total Requests

Failed Requests

Current Connections

Healthy Host Count

Response Status

Throughput

Unhealthy Host count

You can filter on a per backend pool basis to show healthy/unhealthy hosts in a specific backend pool

Reference: https://docs.microsoft.com/en-us/azure/application-gateway/applicationgatewaydiagnostics#

Metrics

Question 368

Report
Export
Collapse

DRAG DROP

You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs

Windows Server 2016 and is part of an availability set.

VM1 has virtual machine-level backup enabled.

VM1 is deleted.

You need to restore VM1 from the backup. VM1 must be part of the availability set.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 368
Correct answer: Question 368

Question 369

Report
Export
Collapse

You have an Azure App Service plan named AdatumASP1 that uses the P2v2 pricing tier. AdatumASP1 hosts Ml Azure web app named adatumwebapp1. You need to delegate the management of adatumwebapp1 to a group named Devs. Devs must be able to perform the following tasks:

• Add deployment slots.

• View the configuration of AdatumASP1.

• Modify the role assignment for adatumwebapp1.

Which role should you assign to the Devs group?

A.
Owner
A.
Owner
Answers
B.
Contributor
B.
Contributor
Answers
C.
Web Plan Contributor
C.
Web Plan Contributor
Answers
D.
Website Contributor
D.
Website Contributor
Answers
Suggested answer: A

Explanation:

Owner : Correct Choice

The Owner role lets you manage everything, including access to resources.

Contributor : Incorrect Choice

With contributor role you can Add deployment slots and View the configuration of App service plan but you can't Modify the role assignment. For this you need User Access Administrator or Owner role. So this is incorrect.

Web Plan Contributor : Incorrect Choice

The Web Plan Contributor role lets you manage the web plans for websites, but not access to them.

So this option is incorrect.

Website Contributor : Incorrect Choice

The Website Contributor role lets you manage websites (not web plans), but not access to them. So this is incorrect option.

Note:

As per least privilege principle it is not advisable to provide owner role to any group, rather you should create custom RBAC role with custom policy and use that role for this operation. However as this option is not available here so only option to go with owner role.

Reference:

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

Question 370

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure web app named Appl. App1 runs in an Azure App Service plan named Plan1. Plan1 is associated to the Free pricing tier.

You discover that App1 stops each day after running continuously for 60 minutes.

You need to ensure that App1 can run continuously for the entire day.

Solution: You change the pricing tier of Plan1 to Basic. Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: A

Explanation:

The Free Tier provides 60 CPU minutes / day. This explains why App1 is stops. The Basic tier has no such cap.

Reference:

https://azure.microsoft.com/en-us/pricing/details/app-service/windows/

Total 644 questions
Go to page: of 65
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms