ExamGecko
Home / Microsoft / AZ-104 / List of questions
Ask Question

Microsoft AZ-104 Practice Test - Questions Answers, Page 14

List of questions

Question 131

Report
Export
Collapse

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named adatum.com. The tenant contains 500 user accounts.

You deploy Microsoft Office 365. You configure Office 365 to use the user accounts in adatum.com.

You configure 60 users to connect to mailboxes in Microsoft Exchange Online.

You need to ensure that the 60 users use Azure Multi-Factor Authentication (MFA) to connect to the Exchange Online mailboxes. The solution must only affect connections to the Exchange Online mailboxes.

What should you do?

From the multi-factor authentication page, configure the Multi-Factor Auth status for each user
From the multi-factor authentication page, configure the Multi-Factor Auth status for each user
From Azure Active Directory admin center, create a conditional access policy
From Azure Active Directory admin center, create a conditional access policy
From the multi-factor authentication page, modify the verification options
From the multi-factor authentication page, modify the verification options
From the Azure Active Directory admin center, configure an authentication method
From the Azure Active Directory admin center, configure an authentication method
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

asked 26/09/2024
Joe Pardee
46 questions

Question 132

Report
Export
Collapse

Your network contains an on-premises Active Directory domain named adatum.com. The domain contains an organizational unit (OU) named OU1. OU1 contains the objects shown in the following table.

Microsoft AZ-104 image Question 99 84624 09262024195642000000

You sync OU1 to Azure Active Directory (Azure AD) by using Azure AD Connect.

You need to identify which objects are synced to Azure AD.

Which objects should you identify?

User1 and Group1 only
User1 and Group1 only
User1, Group1, and Group2 only
User1, Group1, and Group2 only
User1, Group1, Group2, and Computer1
User1, Group1, Group2, and Computer1
Computer1 only
Computer1 only
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/synchronization

asked 26/09/2024
Alessandro Cristofori
39 questions

Question 133

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains the following users in an Azure Active Directory tenant named contoso.onmicrosoft.com:

Microsoft AZ-104 image Question 100 84625 09262024195642000000

User1 creates a new Azure Active Directory tenant named external.contoso.onmicrosoft.com.

You need to create new user accounts in external.contoso.onmicrosoft.com.

Solution: You instruct User4 to create the user accounts.

Does that meet the goal?

yes
yes
No
No
Suggested answer: B

Explanation:

Only a global administrator can add users to this tenant.

Reference:

https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/add-users-to-azure-ad

asked 26/09/2024
Barret Tan
25 questions

Question 134

Report
Export
Collapse

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1.

An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com.

You need to ensure that access to AKS1 can be granted to the contoso.com users.

What should you do first?

From contoso.com, modify the Organization relationships settings.
From contoso.com, modify the Organization relationships settings.
From contoso.com, create an OAuth 2.0 authorization endpoint.
From contoso.com, create an OAuth 2.0 authorization endpoint.
Recreate AKS1.
Recreate AKS1.
From AKS1, create a namespace.
From AKS1, create a namespace.
Suggested answer: B

Explanation:

With Azure AD-integrated AKS clusters, you can grant users or groups access to Kubernetes resources within a namespace or across the cluster. To obtain a kubectl configuration context, a user can run the az aks get-credentials command. When a user then interacts with the AKS cluster with kubectl, they're prompted to sign in with their Azure AD credentials. This approach provides a single source for user account management and password credentials. The user can only access the resources as defined by the cluster administrator.

Azure AD authentication is provided to AKS clusters with OpenID Connect. OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol. For more information on OpenID Connect, see the Open ID connect documentation. From inside of the Kubernetes cluster, Webhook Token

Authentication is used to verify authentication tokens. Webhook token authentication is configured and managed as part of the AKS cluster.

Microsoft AZ-104 image Question 101 explanation 84626 09262024195642000000

Reference:

https://kubernetes.io/docs/reference/access-authn-authz/authentication/

https://docs.microsoft.com/en-us/azure/aks/concepts-identity

Topic 6, Misc. Questions Set B

asked 26/09/2024
Mathieu Alingum Nubee
39 questions

Question 135

Report
Export
Collapse

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table:

Microsoft AZ-104 image Question 102 84627 09262024195642000000

User3 is the owner of Group1.

Group2 is a member of Group1.

You configure an access review named Review1 as shown in the following exhibit:

Microsoft AZ-104 image Question 102 84627 09262024195642000000

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Microsoft AZ-104 image Question 135 84627 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 135 84627 09262024075642000

Explanation:

In the Users section, specify the users that the access review applies to. Access reviews can be for the members of a group or for users who were assigned to an application. You can further scope the access review to review only the guest users who are members (or assigned to the application), rather than reviewing all the users who are members or who have access to the application.

Microsoft AZ-104 image Question 102 explanation 84627 09262024195642000000

Present Use Case:

Group2 is a member of Group1 and User3 is the owner of Group1 So User3 can review both Group 1 and 2.

But for review the scope says only Guest.

Solution:

User1 is a member not a guest so 1st statement ==> NO

UserA is member not the guest so 2nd statement ==> No

UserB is a guest so 3rd statement ==> Yes

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/governance/create-access-review

asked 26/09/2024
Alex Agenjo Fernandez
26 questions

Question 136

Report
Export
Collapse

HOTSPOT

You have the Azure management groups shown in the following table.

Microsoft AZ-104 image Question 103 84628 09262024195642000000

You add Azure subscriptions to the management groups as shown in the following table.

Microsoft AZ-104 image Question 103 84628 09262024195642000000

You create the Azure policies shown in the following table.

Microsoft AZ-104 image Question 103 84628 09262024195642000000

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.


Box 1: No

Virtual networks are not allowed at the root and is inherited. Deny overrides allowed.

Box 2: No

Box 3: Yes

Subscriptions can be moved between Management Groups provided the user has the required RBAC permissions.

Reference:

https://docs.microsoft.com/en-us/azure/governance/management-groups/overview

https://docs.microsoft.com/en-us/azure/governance/management-groups/manage#movingmanagement-groups-and-subscriptions

Microsoft AZ-104 image Question 136 84628 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 136 84628 09262024075642000
asked 26/09/2024
Pedro Perez
39 questions

Question 137

Report
Export
Collapse

You have an Azure subscription named Subscription1 that contains an Azure Log Analytics workspace named Workspace1.

You need to view the error events from a table named Event.

Which query should you run in Workspace1?

Event | where EventType is "error"
Event | where EventType is "error"
Event | search "error"
Event | search "error"
select * from Event where EventType == "error"
select * from Event where EventType == "error"
Get-Event Event | where {$_.EventType -eq "error"}
Get-Event Event | where {$_.EventType -eq "error"}
Suggested answer: B

Explanation:

To search a term in a specific table, add in (table-name) just after the search operator

Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-queries

asked 26/09/2024
Nicoleta Moglan
37 questions

Question 138

Report
Export
Collapse

You have an Azure virtual machine named VM1 that runs Windows Server 2019.

You save VM1 as a template named Template1 to the Azure Resource Manager library.

You plan to deploy a virtual machine named VM2 from Template1.

What can you configure during the deployment of VM2?

virtual machine size
virtual machine size
operating system
operating system
administrator username
administrator username
resource group
resource group
Suggested answer: C

Explanation:

When deploying a virtual machine from a template, you must specify: the Resource Group name and location for the VM the administrator username and password an unique DNS name for the public IP

Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ps-template

asked 26/09/2024
Paul Schwarz
38 questions

Question 139

Report
Export
Collapse

HOTSPOT

You have an Azure subscription named Subscription1. Subscription1 contains two Azure virtual machines named VM1 and VM2. VM1 and VM2 run Windows Server 2016.

VM1 is backed up daily by Azure Backup without using the Azure Backup agent.

VM1 is affected by ransomware that encrypts data.

You need to restore the latest backup of VM1.

To which location can you restore the backup? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Microsoft AZ-104 image Question 139 84631 09262024075642000
Correct answer: Microsoft AZ-104 image answer Question 139 84631 09262024075642000

Explanation:

Box 1 : VM1 and VM2 only

When recovering files, you can't restore files to a previous or future operating system version.You can restore files from a VM to the same server operating system, or to the compatible client operating system. Therefore -"VM1 and VM2 only" is the best answer since both run on Windows Server 2016.

"A new Azure virtual machine only" ,this will also work but why to create unnecessary new VM in

Azure if existing VM will do the task. So this option is incorrect.

Box 2 : VM1 or A new Azure virtual machine only

When restoring a VM, you can't use the replace existing VM option for encrypted VMs. This option is only supported for unencrypted managed disks. And also You can restore files from a VM to the same server operating system, or to the compatible client operating system only. Hence "VM1 or A new

Azure virtual machine only" is correct answer.

Reference:

https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms

https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-files-from-vm#systemrequirements

asked 26/09/2024
Anil Dehriya
35 questions

Question 140

Report
Export
Collapse

You have an Azure subscription that has a Recovery Services vault named Vault1. The subscription contains the virtual machines shown in the following table.

Microsoft AZ-104 image Question 107 84632 09262024195642000000

You plan to schedule backups to occur every night at 23:00.

Which virtual machines can you back up by using Azure Backup?

VM1 only
VM1 only
VM1 and VM3 only
VM1 and VM3 only
VM1. VM2, VM3andVM4
VM1. VM2, VM3andVM4
VM1 and VM2 only
VM1 and VM2 only
Suggested answer: C

Explanation:

Azure Backup supports backup of 64-bit Windows server operating system from Windows Server 2008.

Azure Backup supports backup of 64-bit Windows 10 operating system.

Azure Backup supports backup of 64-bit Ubuntu Server operating system from Ubuntu 12.04.

Azure Backup supports backup of VM that are shutdown or offline.

Reference:

https://docs.microsoft.com/en-us/azure/backup/backup-support-matrix-iaas

https://docs.microsoft.com/en-us/azure/virtual-machines/linux/endorsed-distros

asked 26/09/2024
Dantrez Griffin
34 questions
Total 659 questions
Go to page: of 66
Search

Related questions