ExamGecko
Search Search Login
Home Home / Microsoft / AZ-104
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You need to the appropriate sizes for the Azure virtual for Server2. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Answer:
HOTSPOT You need to implement Role1. Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev. You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group. Solution: On Dev, you assign the Contributor role to the Developers group. Does this meet the goal?
You discover that VM3 does NOT meet the technical requirements. You need to verify whether the issue relates to the NSGs. What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in theseries contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a Microsoft Entra tenant named contoso.com. You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users. Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users' operation. Does this meet the goal?
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
HOTSPOT You need to create storage5. The solution must support the planned changes. Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You need to identify the storage requirements for Contoso. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Which blade should you instruct the finance department auditors to use?

Question 126 - AZ-104 discussion

Report
Export

HOTSPOT

You have an Azure subscription named Subcription1 that contains a resource group named RG1.

In RG1. you create an internal load balancer named LB1 and a public load balancer named 162.

You need to ensure that an administrator named Admin 1 can manage LB1 and LB2. The solution must follow the principle of least privilege.

Which role should you assign to Admin1 for each task? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 126
Correct answer: Question 126

Explanation:

Box 1: Network Contributor on RG1

To add to the backend pool, write permission is required on the Resource Group because it writes deployment information. To add a backend pool, you need network contributor role on the LB and on the VMs that will be part of the backend pool.

For this reason the network contributor role must be assigned to the RG where the LB and the VM resides. So the correct answer is Network Contributor on RG1 .

Box 2: Network Contributor on RG1

For Health Probe also, without having access to RG1, no health probe can be added. If only Network

Contributor role is assigned to LB then the user would not be able to access the IP addresses of the member pools.

Owner/Contributor can give the user access for everything. So it will not fit into the the principle of least privilege. Hence Owner and contributor role is incorrect choices for the question.

Reference:

https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

Show Answer
asked 26/09/2024
Yan Wei
35 questions
PreviousPreviousNextNext
User
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms