ExamGecko
Home / Microsoft / AZ-104 / List of questions
Ask Question

Microsoft AZ-104 Practice Test - Questions Answers, Page 6

List of questions

Question 51

Report
Export
Collapse

HOTSPOT

You have peering configured as shown in the following exhibit.

Microsoft AZ-104 image Question 18 84543 09262024195642000000

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.


Microsoft AZ-104 image Question 51 84543 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 51 84543 09262024075642000

Explanation:

Box 1: vNET6 only

Peering status to both VNet1 and Vnet2 are disconnected.

Box 2: delete peering1

Peering to Vnet1 is Enabled but disconnected. We need to update or re-create the remote peering to get it back to Initiated state.

Reference:

https://blog.kloud.com.au/2018/10/19/address-space-maintenance-with-vnet-peering/

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-managepeering#requirements-andconstraints

asked 26/09/2024
Byron Lawrence
38 questions

Question 52

Report
Export
Collapse

Your company has an Azure subscription named Subscription1.

The company also has two on-premises servers named Server1 and Server2 that run Windows Server 2016. Server1 is configured as a DNS server that has a primary DNS zone named adatum.com.

Adatum.com contains 1,000 DNS records.

You manage Server1 and Subscription1 from Server2. Server2 has the following tools installed:

The DNS Manager console

Azure PowerShell

Azure CLI 2.0

You need to move the adatum.com zone to Subscription1. The solution must minimize administrative effort.

What should you use?

Azure PowerShell
Azure PowerShell
Azure CLI
Azure CLI
the Azure portal
the Azure portal
the DNS Manager console
the DNS Manager console
Suggested answer: B

Explanation:

Azure DNS supports importing and exporting zone files by using the Azure command-line interface (CLI). Zone file import is not currently supported via Azure PowerShell or the Azure portal.

Reference: https://docs.microsoft.com/en-us/azure/dns/dns-import-export

asked 26/09/2024
xczzxc zzxczxxz
41 questions

Question 53

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the public load balancers shown in the following table.

Microsoft AZ-104 image Question 20 84545 09262024195642000000

You plan to create six virtual machines and to load balancer requests to the virtual machines. Each load balancer will load balance three virtual machines.

You need to create the virtual machines for the planned solution.

How should you create the virtual machines? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft AZ-104 image Question 53 84545 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 53 84545 09262024075642000

Explanation:

Box 1: be created in the same availability set or virtual machine scale set.

The Basic tier is quite restrictive. A load balancer is restricted to a single availability set, virtual machine scale set, or a single machine.

Box 2: be connected to the same virtual network

The Standard tier can span any virtual machine in a single virtual network, including blends of scale sets, availability sets, and machines.

Reference:

https://www.petri.com/comparing-basic-standard-azure-load-balancers

asked 26/09/2024
Emma Buchanan
40 questions

Question 54

Report
Export
Collapse

HOTSPOT

You have an Azure virtual network named VNet1 that connects to your on-premises network by using a site-to-site VPN. VMet1 contains one subnet named Subnet1.

Subnet1 is associated to a network security group (NSG) named NSG1. Subnet1 contains a basic internal load balancer named ILB1. ILB1 has three Azure virtual machines in the backend pool.

You need to collect data about the IP addresses that connects to ILB1. You must be able to run interactive queries from the Azure portal against the collected data.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft AZ-104 image Question 54 84546 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 54 84546 09262024075642000

Explanation:

Box 1: An Azure Log Analytics workspace

In the Azure portal you can set up a Log Analytics workspace, which is a unique Log Analytics environment with its own data repository, data sources, and solutions

Box 2: ILB1

Reference:

https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-quick-create-workspace

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics

asked 26/09/2024
Anirban Ganguly
48 questions

Question 55

Report
Export
Collapse

You have an Azure subscription.

Users access the resources in the subscription from either home or from customer sites. From home, users must establish a point-to-site VPN to access the Azure resources. The users on the customer sites access the Azure resources by using site-to-site VPNs.

You have a line-of-business app named App1 that runs on several Azure virtual machine. The virtual machines run Windows Server 2016.

You need to ensure that the connections to App1 are spread across all the virtual machines.

What are two possible Azure services that you can use? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

a public load balancer
a public load balancer
Traffic Manager
Traffic Manager
an Azure Content Delivery Network (CDN)
an Azure Content Delivery Network (CDN)
an internal load balancer
an internal load balancer
an Azure Application Gateway
an Azure Application Gateway
Suggested answer: D, E

Explanation:

Line-of-business apps means custom apps. Generally these are used by internal staff members of the company.

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.

Internal Load Balancer provides a higher level of availability and scale by spreading incoming requests across virtual machines (VMs) within the virtual network.

Reference:

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview

https://docs.microsoft.com/en-us/azure/application-gateway/overview

asked 26/09/2024
Habte Manna
27 questions

Question 56

Report
Export
Collapse

You have an azure subscription that contain a virtual named VNet1. VNet1. contains four subnets named Gatesway, perimeter, NVA, and production.

The NVA contain two network virtual appliance (NVAs) that will network traffic inspection between the perimeter subnet and the production subnet.

You need to implement an Azure load balancer for the NVAs. The solution must meet the following requirements:

The NVAs must run in an active-active configuration that uses automatic failover.

The NVA must load balance traffic to two services on the Production subnet. The services have different IP addresses

Which three actions should you perform? Each correct answer presents parts of the solution.

NOTE: Each correct selection is worth one point.

Add two load balancing rules that have HA Ports enabled and Floating IP disabled.
Add two load balancing rules that have HA Ports enabled and Floating IP disabled.
Deploy a standard load balancer.
Deploy a standard load balancer.
Add a frontend IP configuration, two backend pools, and a health prob.
Add a frontend IP configuration, two backend pools, and a health prob.
Add a frontend IP configuration, a backend pool, and a health probe.
Add a frontend IP configuration, a backend pool, and a health probe.
Add two load balancing rules that have HA Ports and Floating IP enabled.
Add two load balancing rules that have HA Ports and Floating IP enabled.
Deploy a basic load balancer.
Deploy a basic load balancer.
Suggested answer: B, C, E

Explanation:

A standard load balancer is required for the HA ports.

-Two backend pools are needed as there are two services with different IP addresses.

-Floating IP rule is used where backend ports are reused.

Incorrect Answers:

F: HA Ports are not available for the basic load balancer.

Reference:

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-overview

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-multivip-overview

The following diagram presents a hub-and-spoke virtual network deployment. The spokes forcetunnel their traffic to the hub virtual network and through the NVA, before leaving the trusted space.

The NVAs are behind an internal Standard Load Balancer with an HA ports configuration. All traffic can be processed and forwarded accordingly. When configured as show in the following diagram, an HA Ports load-balancing rule additionally provides flow symmetry for ingress and egress traffic.

Reference :

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-multivip-overview

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-ha-ports-overview#a-singlefloating-ip-direct-server-return-ha-ports-configuration-on-an-internal-standard-load-balancer

asked 26/09/2024
David Miller
32 questions

Question 57

Report
Export
Collapse

You have an Azure subscription that contains a user account named User1.

You need to ensure that User1 can assign a policy to the tenant root management group.

What should you do?

Assign the Owner role to User1, and then instruct User1 to configure access management for Azure resources.
Assign the Owner role to User1, and then instruct User1 to configure access management for Azure resources.
Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
Assign the Global administrator role to User1, and then instruct User1 to configure access management for Azure resources.
Assign the Global administrator role to User1, and then modify the default conditional access policies.
Assign the Global administrator role to User1, and then modify the default conditional access policies.
Assign the Owner role to User1, and then modify the default conditional access policies.
Assign the Owner role to User1, and then modify the default conditional access policies.
Suggested answer: A

Explanation:

To assign a policy to the tenant root management group you have to be an administrator of an Azure subscription. To make a user an administrator of an Azure subscription, assign them the Owner role at the subscription scope. After that assignment user can configure access management for Azure resources.

Reference:

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

asked 26/09/2024
Daniel Skow
32 questions

Question 58

Report
Export
Collapse

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

The User administrator role is assigned to a user named Admin1.

An external partner has a Microsoft account that uses the [email protected] sign in.

Admin1 attempts to invite the external partner to sign in to the Azure AD tenant and receives the following error message: "Unable to invite user [email protected] ñ Generic authorization exception."

You need to ensure that Admin1 can invite the external partner to sign in to the Azure AD tenant.

What should you do?

From the Roles and administrators blade, assign the Security administrator role to Admin1.
From the Roles and administrators blade, assign the Security administrator role to Admin1.
From the Organizational relationships blade, add an identity provider.
From the Organizational relationships blade, add an identity provider.
From the Custom domain names blade, add a custom domain.
From the Custom domain names blade, add a custom domain.
From the Users settings blade, modify the External collaboration settings.
From the Users settings blade, modify the External collaboration settings.
Suggested answer: D

Explanation:

Reference:

https://techcommunity.microsoft.com/t5/Azure-Active-Directory/Generic-authorization-exceptioninviting-Azure-AD-gests/td-p/274742

asked 26/09/2024
Juan Contreras
36 questions

Question 59

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains the resource groups shown in the following table.

Microsoft AZ-104 image Question 26 84551 09262024195642000000

RG1 contains the resources shown in the following table.

Microsoft AZ-104 image Question 26 84551 09262024195642000000

RG2 contains the resources shown in the following table.

Microsoft AZ-104 image Question 26 84551 09262024195642000000

You need to identify which resources you can move from RG1 to RG2, and which resources you can move from RG2 to RG1.

Which resources should you identify? To answer, select the appropriate options in the answer area.


Microsoft AZ-104 image Question 59 84551 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 59 84551 09262024075642000

Explanation:

Read only and Delete lock won't prevent you from moving resources in different resource groups. It will prevent you to do the operations in the resource group where the resources are there.

So the correct answer should be

RG1 --> RG2 = IP1, vnet1 and storage1

RG2 --> RG1 = IP2, vnet2 and storage2

Reference:

https://docs.microsoft.com/en-us/azure/governance/blueprints/concepts/resource-locking

asked 26/09/2024
Assane SENE
39 questions

Question 60

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Sub1.

You plan to deploy a multi-tiered application that will contain the tiers shown in the following table.

Microsoft AZ-104 image Question 27 84552 09262024195642000000

You need to recommend a networking solution to meet the following requirements:

Ensure that communication between the web servers and the business logic tier spreads equally across the virtual machines.

Protect the web servers from SQL injection attacks.

Which Azure resource should you recommend for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft AZ-104 image Question 60 84552 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 60 84552 09262024075642000

Explanation:

Box 1: an internal load balancer

Azure Internal Load Balancer (ILB) provides network load balancing between virtual machines that reside inside a cloud service or a virtual network with a regional scope.

Box 2: an application gateway that uses the WAF tier

Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities.

Reference:

https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview

asked 26/09/2024
Ivan Dujmic
52 questions
Total 659 questions
Go to page: of 66
Search

Related questions