AZ-104 Questions

Ace your homework & exams now with Quizwiz!

Note: This question is part of a series You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You configure a custom policy definition, and then you assign the policy to the subscription. Does this meet the goal? A. Yes B. No

Note: This question is part of a series You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure. Resource Manager template named ARM1.json. You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately. Solution: From the Redeploy blade, you click Redeploy. Does this meet the goal? A. Yes B. No

Note: This question is part of a series Your company registers a domain name of contoso.com. You create an Azure DNS named contoso.com and then you add an A record to the zone for ahost named www that has an IP address of 131.107.1.10. You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address. You need to resolve the name resolution issue. Solution: You modify the name server at the domain register. Does this meet the goal? A. Yes B. No

Note: This question is part of a series of questions You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Deployments. Does this meet the goal? A. Yes B. No

You are troubleshooting a performance issue for an Azure Application Gateway. You need to compare the total requests to the failed requests during the past six hours. What should you use? A. Metrics in Application Gateway B. Diagnostics logs in Application Gateway C. NSG flow logs in Azure Network Watcher D. Connection monitor in Azure Network Watcher

You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines. You need to delete the Recovery Services vault. What should you do first? A. From the Recovery Service vault, stop the backup of each backup item. B. From the Recovery Service vault, delete the backup data. C. Modify the disaster recovery properties of each virtual machine. D. Modify the locks of each virtual machine.

You have an Azure Active Directory (Azure AD) domain that contains 5,000 user accounts. You create a new user account named AdminUser1. You need to assign the User administrator administrative role to AdminUser1. What should you do from the user account properties? A. From the Directory role blade, modify the directory role. B. From the Groups blade, invite the user account to a new group. C. From the Licenses blade, assign a new license.

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains 100 user accounts. You purchase 10 Azure AD Premium P2 licenses for the tenant. You need to ensure that 10 users can use all the Azure AD Premium features. What should you do? A. From the Licenses blade of Azure AD, assign a license B. From the Groups blade of each user, invite the users to a group C. From the Azure AD domain, add an enterprise application D. From the Directory role blade of each user, modify the directory role

You have an Azure subscription named Subscription1. You deploy a Linux virtual machine named VM1 to Subscription1. You need to monitor the metrics and the logs of VM1. What should you use? A. Linux Diagnostic Extension (LAD) 3.0 B. Azure Analysis Services C. The AzurePerformanceDiagnostics extension D. Azure HDInsight

You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Deployments. Does this meet the goal? A. Yes B. No

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You configure a custom policy definition, and then you assign the policy to the subscription. Does this meet the goal? A. Yes B. No

You have an Azure subscription that contains the following users in an Azure Active Directory tenant named contoso.onmicrosoft.com: NAME---Role---Scope User1---Global Administrator---Azure Active Directory User2--Global Administrator---Azure Active Directory User3---User Administrator---Azure Active Directory User4---Owner---Azure Subscription User1 creates a new Azure Active Directory tenant named external.contoso.onmicrosoft.com. You need to create new user accounts in external.contoso.onmicrosoft.com. Solution: You instruct User2 to create the user accounts. Does that meet the goal? A. Yes B. No

You have an Azure virtual machine named VM1 that runs Windows Server 2019. You sign in to VM1 as a user named User1 and perform the following actions: - Create files on drive C. - Create files on drive D. - Modify the screen saver timeout. - Change the desktop background. You plan to redeploy VM1. Which changes will be lost after you redeploy VM1? A. the modified screen saver timeout B. the new desktop background C. the new files on drive D D. the new files on drive C

You have an Azure web app named webapp1. Users report that they often experience HTTP 500 errors when they connect to webapp1. You need to provide the developers of webapp1 with real-time access to the connection errors. The solution must provide all the connection error details. What should you do first? A. From webapp1, enable Web server logging B. From Azure Monitor, create a workbook C. From Azure Monitor, create a Service Health alert D. From webapp1, turn on Application Logging

You have the Azure virtual machines shown in the following table: NAME---Azure Region VM1---West Europe VM2---West Europe VM3---North Europe VM4---North Europe You have a Recovery Services vault that protects VM1 and VM2. You need to protect VM3 and VM4 by using Recovery Services. What should you do first? A. Create a new Recovery Services vault B. Create a storage account C. Configure the extensions for VM3 and VM4 D. Create a new backup policy

Hotspot Question: You plan to deploy five virtual machines to a virtual network subnet. Each virtual machine will have a public IP address and a private IP address. Each virtual machine requires the same inbound and outbound security rules. What is the minimum number of network interfaces and network security groups that you require? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Minimum number of network interfaces: A. 5 B. 10 C. 15 D. 20 Minimum number of network security groups: A. 1 B. 2 C. 5 D. 10

Hotspot Question You have an Azure subscription that contains a virtual network named VNet1. VNet1 uses an IP address space of 10.0.0.0/16 and contains the subnets in the following table: (see table) Subnet1 contains a virtual appliance named VM1 that operates as a router. You create a routing table named RT1. You need to route all inbound traffic from the VPN gateway to VNet1 through VM1. How should you configure RT1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Address prefix: A. 10.0.0.0/16 B. 10.0.1.0/24 C. 10.0.254.0/24 Next hop type: A. Virtual appliance B. Virtual network C. Virtual network gateway Assigned to: A. GatewaySubnet B. Subnet0 C. Subnet1 and Subnet2

AAA

Drag and Drop Question You have an Azure subscription that contains a storage account. You have an on-premises server named Server1 that runs Window Server 2016. Server1 has 2 TB of data. You need to transfer the data to the storage account by using the Azure Import/Export service. In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order. NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select. Actions A. Attach an external disk to Server1, and then run waimportexport.exe B. From Azure portal, create an import job. C. Detach the external disks from Server1 and ship the disks to an Azure data center D. From Azure portal, update the import job.

ABCD

You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com. You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1. You need to create groups for the users. The solution must ensure that the groups are deleted after 180 days. Which two groups should you create? Each correct answer presents a complete solution. A. an Office 365 group that uses the Assigned membership type B. a Security group that uses the Assigned membership type C. an Office 365 group that uses the Dynamic User membership type D. a Security group that uses the Dynamic User membership type E. a Security group that uses the Dynamic Device membership type

Hotspot Question: You have an Azure subscription named Subscription1. Subscription1 contains two Azure virtual machines named VM1 and VM2. VM1 and VM2 run Windows Server 2016. VM1 is backed up daily by Azure Backup without using the Azure Backup agent. VM1 is affected by ransomware that encrypts data. You need to restore the latest backup of VM1. To which location can you restore the backup? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. You can perform a file recovery of VM1 to: A. VM1 only B. VM2 only C. VM1 and VM2 only D. A new Azure virtual machine only E. Any Windows computer that has internet connectivity You can restore VM1 to: A. VM1 only B. VM2 only C. VM1 and VM2 only D. A new Azure virtual machine only E. Any Windows computer that has internet connectivity

You have an on-premises file server named Server1 that runs Windows Server 2016. You have an Azure subscription that contains an Azure file share. You deploy an Azure File Sync Storage Sync Service, and you create a sync group. You need to synchronize files from Server1 to Azure. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. A. Install the Azure File Sync agent on Server 1 B. Create an Azure on-premises data gateway C. Create a Recovery Services vault D. Register Server 1 E. Add a server endpoint F. Install the DFS Replication server role on Server1

ADE

You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image. You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed. Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point. A. Modify the extensionProfile section of the Azure Resource Manager template. B. Create a new virtual machine scale set in the Azure portal. C. Create an Azure policy. D. Create an automation account. E. Upload a configuration script.

Note: This question is part of a series You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Automation script. Does this meet the goal? A. Yes B. No

Note: This question is part of a series You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider. Does this meet the goal? A. Yes B. No

Note: This question is part of a series You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You create a resource lock, and then you assign the lock to the subscription.. Does this meet the goal? A. Yes B. No

Note: This question is part of a series You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json. You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately. Solution: From the Overview blade, you move the virtual machine to a different resource group. A. Yes B. No

Note: This question is part of a series You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json. You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately. Solution: From the Update management blade, you click enable. Does this meet the goal? A. Yes B. No

Note: This question is part of a series Your company registers a domain name of contoso.com. You create an Azure DNS named contoso.com and then you add an A record to the zone for ahost named www that has an IP address of 131.107.1.10. You discover that Internet hosts are unable to resolve www.contoso.com to the 131.107.1.10 IP address. You need to resolve the name resolution issue. Solution: You add an NS record to the contoso.com Azure DNS zone. A. Yes B. No

Note: This question is part of a series of questions You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the Subscriptions blade, you select the subscription, and then click Programmatic deployment. Does this meet the goal? A. Yes B. No

Note: This question is part of a series of questions You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. You need to view the date and time when the resources were created in RG1. Solution: From the Subscriptions blade, you select the subscription, and then click Resource providers. Does this meet the goal? A. Yes B. No

You are the global administrator for an Azure Active Directory (Azure AD) tenant named adatum.com. You need to enable two-step verification for Azure users. What should you do? A. Configure a playbook in Azure AD conditional access policy. B. Create an Azure AD conditional access policy. C. Create and configure the Identify Hub. D. Install and configure Azure AD Connect.

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains 100 user accounts. You purchase 10 Azure AD Premium P2 licenses for the tenant. You need to ensure that 10 users can use all the Azure AD Premium features. What should you do? A. From the Groups blade of each user, invite the users to a group. B. From the Licenses blade of Azure AD, assign a license. C. From the Directory role blade of each user, modify the directory role. D. From the Azure AD domain, add an enterprise application.

You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com. Your company has a public DNS zone for contoso.com. You add contoso.com as a custom domain name to Azure AD. You need to ensure that Azure can verify the domain name. Which type of DNS record should you create? A. PTR B. MX C. NSEC3 D. RRSIG

You have an Azure Active Directory (Azure AD) tenant that contains 5,000 user accounts. You create a new user account named AdminUser1. You need to assign the User administrator administrative role to AdminUser1. What should you do from the user account properties? A. From the Licenses blade, assign a new license B. From the Directory role blade, modify the directory role C. From the Groups blade, invite the user account to a new group

You have an Azure Storage account named storage1. You plan to use AzCopy to copy data to storage1. You need to identify the storage services in storage1 to which you can copy the data. What should you identify? A. blob, file, table, and queue B. blob and file only C. file and table only D. file only E. blob, table, and queue only

You have an Azure subscription named Subscription1 that is used by several departments at your company. Subscription1 contains the resources in the following table: NAME---Type Storage1---storage account RG1---Resource group container1---Blob container share1---File share Another administrator deploys a virtual machine named VM1 and an Azure Storage account named storage2 by using a single Azure Resource Manager template. You need to view the template used for the deployment. From which blade can you view the template that was used for the deployment? A. VM1 B. RG1 C. storage2 D. container1

You have an Azure subscription named Subscription1. You deploy a Linux virtual machine named VM1 to Subscription1. You need to monitor the metrics and the logs of VM1. What should you use? A. Azure HDInsight B. Linux Diagnostic Extension (LAD) 3.0 C. the AzurePerformanceDiagnostics extension D. Azure Analysis Services

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider. Does this meet the goal? A. Yes B. No

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: You assign a built-in policy definition to the subscription. Does this meet the goal? A. Yes B. No

You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1. An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com. You need to ensure that access to AKS1 can be granted to the contoso.com users. What should you do first? A. From contoso.com, modify the Organization relationships settings. B. From contoso.com, create an OAuth 2.0 authorization endpoint. C. Recreate AKS1. D. From AKS1, create a namespace.

You have an Azure subscription that contains the following users in an Azure Active Directory tenant named contoso.onmicrosoft.com: NAME---Role---Scope User1---Global Administrator---Azure Active Directory User2--Global Administrator---Azure Active Directory User3---User Administrator---Azure Active Directory User4---Owner---Azure Subscription User1 creates a new Azure Active Directory tenant named external.contoso.onmicrosoft.com. You need to create new user accounts in external.contoso.onmicrosoft.com. Solution: You instruct User3 to create the user accounts. Does that meet the goal? A. Yes B. No

You have an Azure subscription that contains the following users in an Azure Active Directory tenant named contoso.onmicrosoft.com: NAME---Role---Scope User1---Global Administrator---Azure Active Directory User2--Global Administrator---Azure Active Directory User3---User Administrator---Azure Active Directory User4---Owner---Azure Subscription User1 creates a new Azure Active Directory tenant named external.contoso.onmicrosoft.com. You need to create new user accounts in external.contoso.onmicrosoft.com. Solution: You instruct User4 to create the user accounts. Does that meet the goal? A. Yes B. No

You have an Azure subscription that contains two resource groups named RG1 and RG2. RG2 does not contain any resources. RG1 contains the resources in the following table. NAME---TYPE---Description---Lock VNET1---Virtual Network---Virtual network---ReadOnly VNET3---Virtual Network---Classic Virtual network---None W10---Virtual Machine---VM runs Windows 10, stopped---Delete W10_OsDisk---Disk---Managed SSD disk on W10---None Which resource can you move to RG2? A. W10_OsDisk B. VNet1 C. VNet3 D. W10

You have an Azure subscription that has a Recovery Services vault named Vault1. The subscription contains the virtual machines shown in the following table: NAME---Operating System---Auto-Shutdown VM1---WIndows Server 2012 R2---Off VM2---WIndows Server 2016---19:00 VM3---Ubuntu Server 18.04LTS---Off VM4---WIndows 10---19:00 You plan to schedule backups to occur every night at 23:00. Which virtual machines can you back up by using Azure Backup? A. VM1 and VM3 only B. VM1, VM2, VM3 and VM4 C. VM1 and VM2 only D. VM1 only

You have an Azure virtual machine named VM1 that runs Windows Server 2019. You save VM1 as a template named Template1 to the Azure Resource Manager library. You plan to deploy a virtual machine named VM2 from Template1. What can you configure during the deployment of VM2? A. operating system B. administrator username C. virtual machine size D. resource group

You have an Azure web app named App1. App1 has the deployment slots shown in the following table: NAME---Function webapp1-prod---Production webapp1-test---Staging In webapp1-test, you test several changes to App1. You back up App1. You swap webapp1-test for webapp1-prod and discover that App1 is experiencing performance issues. You need to revert to the previous version of App1 as quickly as possible. What should you do? A. Redeploy App1 B. Swap the slots C. Clone App1 D. Restore the backup of App1

You have several Windows Server and Ubuntu Linux virtual machines (VMs) distributed across two virtual networks (VNets): - prod-vnet-west (West US region) - prod-vnet-east (East US region) You need to allow VMs in either VNet to connect and to share resources by using only the Azure backbone network. Your solution must minimize cost, complexity, and deployment time. What should you do? A. Add a service endpoint to each VNet. B. Configure peering between prod-vnet-west and prod-vnet-west. C. Create a private zone in Azure DNS. D. Deploy a VNet-to-VNet virtual private network (VPN).

You have the Azure virtual machines shown in the following table. NAME---Azure Region VM1---West Europe VM2---West Europe VM3---North Europe VM4---North Europe You have a Recovery Services vault that protects VM1 and VM2. You need to protect VM3 and VM4 by using Recovery Services. What should you do first? A. Configure the extensions for VM3 and VM4. B. Create a new Recovery Services vault. C. Create a storage account. D. Create a new backup policy.

You manage an Azure Windows Server virtual machine (VM) that hosts several SQL Server databases. You need to configure backup and retention policies for the VM. The backup policy must include transaction log backups. What should you do? A. Configure point-in-time and long-term retention policies from the SQL Servers Azure portal blade. B. Configure a SQL Server in Azure VM backup policy from the Recovery Services Azure portal blade. C. Configure a continuous delivery deployment group from the Virtual Machine Azure portal blade. D. Configure a point-in-time snapshot from the Disks Azure portal blade.

You plan to deploy three Azure virtual machines named VM1, VM2, and VM3. The virtual machines will host a web app named App1. You need to ensure that at least two virtual machines are available if a single Azure datacenter becomes unavailable. What should you deploy? A. all three virtual machines in a single Availability Zone B. all virtual machines in a single Availability Set C. each virtual machine in a separate Availability Zone D. each virtual machine in a separate Availability Set

Your company has an Azure subscription named Subscription1. The company also has two onpremises servers named Server1 and Server2 that run Windows Server 2016. Server1 is configured as a DNS server that has a primary DNS zone named adatum.com. Adatum.com contains 1,000 DNS records. You manage Server1 and Subscription1 from Server2. Server2 has the following tools installed: - The DNS Manager console - Azure PowerShell - Azure CLI 2.0 You need to move the adatum.com zone to Subscription1. The solution must minimize administrative effort. What should you use? A. Azure PowerShell B. Azure CLI C. the Azure portal D. the DNS Manager console

You have an Azure subscription named Subscription1 that contains a resource group named RG1.In RG1, you create an internal load balancer named LB1 and a public load balancer named LB2.You need to ensure that an administrator named Admin1 can manage LB1 and LB2. The solution must follow the principle of least privilege. Which role should you assign to Admin1 for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. To add a backend pool to LB1 A. Contributor on LB1 B. Network Contributor on LB1 C. Network Contributor on RG1 D. Owner on LB1 To add a health probe to LB2: A. Contributor on LB2 B. Network Contributor on LB2 C. Network Contributor on RG1 D. Owner on LB2

You plan to use the Azure Import/Export service to copy files to a storage account. Which two files should you create before you prepare the drives for the import job? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. A. an XML manifest file B. a driveset CSV file C. a dataset CSV file D. a PowerShell PS1 file E. a JSON configuration file

Drag and Drop Question: You have an availability set named AS1 that contains three virtual machines named VM1, VM2, and VM3. You attempt to reconfigure VM1 to use a larger size. The operation fails and you receive an allocation failure message. You need to ensure that the resize operation succeeds. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. A. Start VM1, VM2, and VM3 B. Stop VM1, VM2, and VM3 C. Start VM2 and VM3 D. Resize VM1 E. Stop VM2 and VM3 F. Start VM1

BDA

Drag and Drop Question: You have two Azure virtual machines named VM1 and VM2. VM1 has a single data disk named Disk1. You need to attach Disk1 to VM2. The solution must minimize downtime for both virtual machines. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. A. Start VM2 B. Stop VM1 C. Start VM1 D. Detach Disk1 from VM1 E. Attach Disk1 to VM2 F. Stop VM2

BDCE

Drag and Drop Question You have an on-premises file server named Server1 that runs Windows Server 2016. You have an Azure subscription that contains an Azure file share. You deploy an Azure File Sync Storage Sync Service, and you create a sync group. You need to synchronize files from Server1 to Azure. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. A. Create an Azure on-prem data gateway B. Install the Azure File Sync agent on Server1 C. Create a Recovery Services vault D. Register server1 E. Install the DFS Replication server role on Server1 F. Add a server endpoint

BDF

You have an Azure subscription named Subscription1. You create an Azure Storage account named contosostorage, and then you create a file share named data. Which UNC path should you include in a script that references files from the data file share? A. blob B. contosostorage C. file D. portal.azure.com E. blob.core.windows.net F. data G. file.core.windows.net H. subscription1

BGF

You create an Azure Storage account named contosostorage. You plan to create a file share named data. Users need to map a drive to the data file share from home computers that run Windows 10. Which port should be open between the home computers and the data file share? A. 80 B. 443 C. 445 D. 3389

You download an Azure Resource Manager template based on an existing virtual machine. The template will be used to deploy 100 virtual machines. You need to modify the template to reference an administrative password. You must prevent the password from being stored in plain text. What should you create to store the password? A. Azure Active Directory (AD) Identity Protection and an Azure policy B. a Recovery Services vault and a backup policy C. an Azure Key Vault and an access policy D. an Azure Storage account and an access policy

You have an Azure subscription named AZPT1 that contains the resources shown in the following table: NAME---TYPE storage1---Azure Storage Account VNET1---Virtual network VM1---Azure virtual machine VM1Managed---Managed disk for VM1 RVAULT1---Recovery Services vault for the site recovery of VM1 You create a new Azure subscription named AZPT2. You need to identify which resources can be moved to AZPT2. Which resources should you identify? A. VM1, storage1, VNET1, and VM1Managed only B. VM1 and VM1Managed only C. VM1, storage1, VNET1, VM1Managed, and RVAULT1 D. RVAULT1 only

You have an Azure subscription named Subscription1 and an on-premises deployment of Microsoft System Center Service Manager. Subscription1 contains a virtual machine named VM1. You need to ensure that an alert is set in Service Manager when the amount of available memory on VM1 is below 10 percent. What should you do first? A. Create an automation runbook B. Deploy a function app C. Deploy the IT Service Management Connector (ITSM) D. Create a notification

You have an Azure subscription that contains 10 virtual machines. You need to ensure that you receive an email message when any virtual machines are powered off, restarted, or deallocated. What is the minimum number of rules and action groups that you require? A. three rules and three action groups B. one rule and one action group C. three rules and one action group D. one rule and three action groups

You have an Azure subscription that contains 100 virtual machines. You regularly create and delete virtual machines. You need to identify unused disks that can be deleted. What should you do? A. From Microsoft Azure Storage Explorer, view the Account Management properties. B. From the Azure portal, configure the Advisor recommendations. C. From Cloudyn, open the Optimizer tab and create a report. D. From Cloudyn, create a Cost Management report.

You have an Azure subscription that contains the resources in the following table. NAME---TYPE ASG1---Application Security group NSG1---Network Security Group (NSG) Subnet1---Subnet VNET1---Virtual Network NIC1---Network Interface VM1---Virtual machine Subnet1 is associated to VNet1. NIC1 attaches VM1 to Subnet1. You need to apply ASG1 to VM1. What should you do? A. Modify the properties of NSG1. B. Modify the properties of ASG1. C. Associate NIC1 to ASG1.

You have an on-premises server that contains a folder named D:\Folder1. You need to copy the contents of D:\Folder1 to the public container in an Azure Storage account named contosodata. Which command should you run? A. https://contosodata.blob.core.windows.net/public B. azcopy sync D:\folder1 https://contosodata.blob.core.windows.net/public -- snapshot C. azcopy copy D:\folder1 https://contosodata.blob.core.windows.net/public -- recursive D. az storage blob copy start-batch D:\Folder1 https://contosodata.blob.core.windows.net/public

You have the Azure virtual networks shown in the following table. NAME---Address space---Subnet---Resource group Azure region VNet1---10.11.0.0/16---10.11.0.0/17---West US Vnet2---10.11.0.0/17---10.11.0.0/25---West US Vnet3---10.10.0.0/22---10.10.1.0/24---East US Vnet4---192.168.16.0/22---192.168.16.0/24---North Europe To which virtual networks can you establish a peering connection from VNet1? A. VNet2 and VNet3 only B. VNet2 only C. VNet3 and VNet4 only D. VNet2, VNet3, and VNet4

You have two Azure virtual networks named VNet1 and VNet2. VNet1 contains an Azure virtual machine named VM1. VNet2 contains an Azure virtual machine named VM2. VM1 hosts a frontend application that connects to VM2 to retrieve data. Users report that the frontend application is slower than usual. You need to view the average round-trip time (RTT) of the packets from VM1 to VM2. Which Azure Network Watcher feature should you use? A. IP flow verify B. Connection troubleshoot C. Connection monitor D. NSG flow logs

You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant. Subscription1 contains a virtual network named VNet1.VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16. Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24. You need to connect VNet1 to VNet2. What should you do first? A. Move VNet1 to Subscription2. B. Modify the IP address space of VNet2. C. Provision virtual network gateways. D. Move VM1 to Subscription2.

You plan to deploy several Azure virtual machines that will run Windows Server 2019 in a virtual machine scale set by using an Azure Resource Manager template. You need to ensure that NGINX is available on all the virtual machines after they are deployed. What should you use? A. Azure Active Directory (Azure AD) Application Proxy B. Azure Application Insights C. Azure Custom Script Extension D. the New-AzConfigurationAssignement cmdlet

You recently created a new Azure subscription that contains a user named Admin1. Admin1 attempts to deploy an Azure Marketplace resource by using an Azure Resource Manager template. Admin1 deploys the template by using Azure PowerShell and receives the following error message: "User failed validation to purchase resources. Error message: "Legal terms have not been accepted for this item on this subscription. To accept legal terms, please go to the Azure portal (http:// go.microsoft.com/fwlink/?LinkId=534873) and configure programmatic deployment for the Marketplace item or create it there for the first time." You need to ensure that Admin1 can deploy the Marketplace resource successfully. What should you do? A. From Azure PowerShell, run the Set-AzApiManagementSubscription cmdlet B. From the Azure portal, register the Microsoft.Marketplace resource provider C. From Azure PowerShell, run the Set-AzMarketplaceTerms cmdlet D. From the Azure portal, assign the Billing administrator role to Admin1

Your on-premises network contains an SMB share named Share1. You have an Azure subscription that contains the following resources: - A web app named webapp1 - A virtual network named VNET1 You need to ensure that webapp1 can connect to Share1. What should you deploy? A. an Azure Application Gateway B. an Azure Active Directory (Azure AD) Application Proxy C. an Azure Virtual Network Gateway

Hotspot Question: You have an Azure subscription named Subscription1. You plan to deploy an Ubuntu Server virtual machine named VM1 to Subscription1. You need to perform a custom deployment of the virtual machine. A specific trusted root certification authority (CA) must be added during the deployment. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. File to create: A. Answer.ini B. Autounattend.conf C. Cloud-init.txt D. Unattend.xml Tool to use to deploy the virtual machine: A. The az vm create command B. The Azure Portal C. The New-AzureRmVM cmdlet

Hotspot Question: You purchase a new Azure subscription named Subscription1. You create a virtual machine named VM1 in Subscription1. VM1 is not protected by Azure Backup. You need to protect VM1 by using Azure Backup. Backups must be created at 01:00 and stored for 30 days. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Location in which to store the backups: A. a blob container B. a file share C. a Recovery services Vault D. a storage account Object to use to configure the protection for VM1 A. a backup policy B. a batch job C. a batch schedule D. a recovery plan

Hotspot Question: You have an Azure subscription named Subscription1. Subscription1 contains the resources in the following table. NAME---TYPE RG1---Resource Group RG2---Resource Group VNet1---Virtual network VNet2---Virtual network VNet1 is in RG1. VNet2 is in RG2. There is no connectivity between VNet1 and Vnet2. An administrator named Admin1 creates an Azure virtual machine named VM1 in RG1. M1 uses a disk named Disk1 and connects to VNet1. Admin1 then installs a custom application in VM1. You need to move the custom application to Vnet2. The solution must minimize administrative effort. Which two actions should you perform? To answer, select the appropriate options in the answer area. First Action A. Create a network interface in RG2 B. Detach a network interface C. Delete VM1 D. Move a network interface to RG2 Second Action A. Attach a network interface B. Create a network interface in RG2 C. Create a new virtual machine D. Move VM1 to RG2

Drag and Drop Question: You have an Azure subscription. The subscription includes a virtual network named VNet1. Currently, VNet1 does not contain any subnets. You plan to create subnets on VNet1 and to use application security groups to restrict the traffic between the subnets. You need to create the application security groups and to assign them to the subnets. Which four cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order. A. New-AzureRmVirtualNetwork B. New-AzureRmNetworkSecurityGroup C. New-AzureRmApplicationSecurityGroup D. New-AzureRmNetworkSecurityRuleConfig E. Add-AzureRmVirtualNetworkSubnetConfig

CDBE

You have an Azure subscription that contains the resources in the following table. NAME---TYPE RG1---Resource Group Store1---Azure Storage account Sync1---Azure File Sync Store1 contains a file share named Data. Data contains 5,000 files. You need to synchronize the files in Data to an on-premises server named Server1. Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. A. Download an automation script. B. Create a container instance. C. Create a sync group. D. Register Server1. E. Install the Azure File Sync agent on Server1.

CDE

You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. A. Add a service endpoint to VNet1 B. Reset GW1 C. Create a route-based virtual network gateway D. Add a connection to GW1 E. Delete GW1 F. Add a public IP address space to VNet1

Drag and Drop Question You have an Azure subscription named Subscription1. You create an Azure Storage account named contosostorage, and then you create a file sharenamed data. Which UNC path should you include in a script that references files from the data file share? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Values A. blob B. blob.core.windows.net C. contosostorage D. data E. file F. file.core.windows.net G. portal.azure.com H. subscription1

CFD

The development team asks you to provision an Azure storage account for their use. To remain in compliance with IT security policy, you need to ensure that the new Azure storage account meets the following requirements: - Data must be encrypted at rest. - Access keys must facilitate automatic rotation. - The company must manage the access keys. What should you do? A. Create a service endpoint between the storage account and a virtual network (VNet). B. Require secure transfer for the storage account. C. Enable Storage Service Encryption (SSE) on the storage account. D. Configure the storage account to store its keys in Azure Key Vault.

You have 100 Azure subscriptions. All the subscriptions are associated to the same Azure Active Directory (Azure AD) tenant named contoso.com. You are a global administrator. You plan to create a report that lists all the resources across all the subscriptions. You need to ensure that you can view all the resources in all the subscriptions. What should you do? A. From the Azure portal, modify the profile settings of your account. B. From Windows PowerShell, run the Add-AzureADAdministrativeUnitMember cmdlet. C. From Windows PowerShell, run the New-AzureADUserAppRoleAssignment cmdlet. D. From the Azure portal, modify the properties of the Azure AD tenant.

You have an Active Directory forest named contoso.com. You install and configure Azure AD Connect to use password hash synchronization as the single sign-on (SSO) method. Staging mode is enabled. You review the synchronization results and discover that the Synchronization Service Manager does not display any sync jobs. You need to ensure that the synchronization completes successfully. What should you do? A. From Synchronization Service Manager, run a full import. B. Run Azure AD Connect and set the SSO method to Pass-through Authentication. C. From Azure PowerShell, run Start-AdSyncSyncCycle -PolicyType Initial. D. Run Azure AD Connect and disable staging mode.

You have an Azure subscription named Subscription1 that contains the storage accounts shown in the following table: NAME---Account Kind---Azure service that contains data storage1---Storage---File storage2---StorageV2 (general purpose v2)---File,Table storage3---StorageV2 (general purpose v2)---Queue storage4---BlobStorage---Blob You plan to use the Azure Import/Export service to export data from Subscription1. You need to identify which storage account can be used to export the data. What should you identify? A. storage1 B. storage2 C. storage3 D. storage4

You have an Azure subscription that contains a virtual machine named VM1. VM1 hosts a line-ofbusiness application that is available 24 hours a day. VM1 has one network interface and one managed disk. VM1 uses the D4s v3 size. You plan to make the following changes to VM1: - Change the size to D8s v3. - Add a 500-GB managed disk. - Add the Puppet Agent extension. - Attach an additional network interface. Which change will cause downtime for VM1? A. Add a 500-GB managed disk. B. Attach an additional network interface. C. Add the Puppet Agent extension. D. Change the size to D8s v3.

You have an Azure subscription that contains an Azure Storage account. You plan to create an Azure container instance named container1 that will use a Docker image named Image1. Image1 contains a Microsoft SQL Server instance that requires persistent storage. You need to configure a storage service for Container1. What should you use? A. Azure Files B. Azure Blob storage C. Azure Queue storage D. Azure Table storage

You have an app named App1 that runs on two Azure virtual machines named VM1 and VM2. You plan to implement an Azure Availability Set for App1. The solution must ensure that App1 is available during planned maintenance of the hardware hosting VM1 and VM2. What should you include in the Availability Set? A. one update domain B. two fault domains C. one fault domain D. two update domains

You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? A. Floating IP (direct server return) to Enabled B. Idle Time-out (minutes) to 20 C. Protocol to UDP D. Session persistence to Client IP and Protocol

You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? A. Idle Time-out (minutes) to 20 B. Floating IP (direct server return) to Disabled C. Floating IP (direct server return) to Enabled D. Session persistence to Client IP and protocol

You have two Azure virtual networks named VNet1 and VNet2. VNet1 contains an Azure virtual machine named VM1. VNet2 contains an Azure virtual machine named VM2. VM1 hosts a frontend application that connects to VM2 to retrieve data. Users report that the frontend application is slower than usual. You need to view the average round-trip time (RTT) of the packets from VM1 to VM2. Which Azure Network Watcher feature should you use? A. NSG flow logs B. Connection troubleshoot C. IP flow verify D. Connection monitor

Your company's local environment consists of a single Active Directory Domain Services (AD DS) domain. You plan to offer your users single sign-on (SSO) access to Azure-hosted software-as-a-service (SaaS) applications that use Azure Active Directory (Azure AD) authentication. The tenant's current domain name is companycom.onmicrosoft.com. You need to configure Azure AD to use company.com, the organization's owned public domain name. What should you do? A. Add a company.com user principal name (UPN) suffix to the AD DS domain. B. Run Azure AD Connect from a domain member server and specify the custom installation option. C. Remove the companycom.onmicrosoft.com domain name from the Azure AD tenant. D. Add a DNS verification record at the domain registrar.

You have an Azure Storage account named storage1 that uses Azure Blob storage and Azure File storage. You need to use AzCopy to copy data to the blob storage and file storage in storage1. Which authentication method should you use for each type of storage? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Blob storage: A. Azure Active Directory (Azure AD) only B. Shared access signatures (SAS) only C. Access keys and shared access signatures (SAS) only D. Azure AD and SAS only E. Azure AD, access keys, and SAS File storage: A. Azure Active Directory (Azure AD) only B. Shared access signatures (SAS) only C. Access keys and shared access signatures (SAS) only D. Azure AD and SAS only E. Azure AD, access keys, and SAS

Hotspot Question: You plan to create an Azure Storage account in the Azure region of East US 2. You need to create a storage account that meets the following requirements: - Replicates synchronously - Remains available if a single data center in the region fails. How should you configure the storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Replication: A. Geo-redundant storage (GRS) B. Locally-redundant storage (LRS) C. Read-access geo-redundant storage (RA GRS) D. Zone-redundant storage (ZRS) Account kind: A. Blob storage B. Storage (general purpose v1) C. StorageV2 (general purpose v2)

You plan to create an Azure Storage account in the Azure region of East US 2. You need to create a storage account that meets the following requirements: - Replicates synchronously. - Remains available if a single data center in the region fails. How should you configure the storage account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Replication A. Geo-redundant storage (GRS) B. Locally-redundant storage (LRS) C. Read-access geo-redundant storage (RA GRS) D. Zone-redundant storage (ZRS) Account type: A. Blob storage B. Storage (general purpose v1) C. StorageV2 (general purpose v2)

You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs a financial reporting app named App1 that does not support multiple active instances. At the end of each month, CPU usage for VM1 peaks when App1 runs. You need to create a scheduled runbook to increase the processor performance of VM1 at the end of each month. What task should you include in the runbook? A. Add the Azure Performance Diagnostics agent to VM1. B. Modify the VM size property of VM1. C. Add VM1 to a scale set. D. Increase the vCPU quota for the subscription. E. Add a Desired State Configuration (DSC) extension to VM1.

You have an Azure subscription that contains the resources in the following table. Name---Type---Azure Region---Resource Group Vnet1---Virtual network---West US---RG2 Vnet2---Virtual network---West US---RG1 Vnet3---virtual network---East US---RG1 NSG1---Network security group---East US---RG2 To which subnets can you apply NSG1? A. the subnets on VNet2 only B. the subnets on VNet1 only C. the subnets on VNet2 and VNet3 only D. the subnets on VNet1, VNet2, and VNet3 E. the subnets on VNet3 only

Drag and Drop Question: You have an Azure Active Directory (Azure AD) tenant that has the initial domain name. You have a domain name of contoso.com registered at a third-party registrar. You need to ensure that you can create Azure AD users that have names containing a suffix of @contoso.com. Which three actions should you perform in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order. A. Configure company branding B. Add an Azure AD tenant C. Verify the domain D. Create an Azure DNS zone E. Add a custom domain name F. Add a record to the public contoso.com DNS zone

EFC

Drag and Drop Question: You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs Windows Server 2016 and is part of an availability set. VM1 has virtual machine-level backup enabled. VM1 is deleted. You need to restore VM1 from the backup. VM1 must be part of the availability set. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. A. From the Restore configuration blade, set Restore type to Create Virtual Machine B. From the VM1 blade, edit the disk settings of the OS disk C. From the Restore configuration blate, set Restore type to Restore disks D. From the Recovery Services vault, deploy a template E. From the VM1 blade, add a disk F. From the Recovery Services vault, select a restore point for the VM

AZ-104 Questions

Related study sets

CHEMISTRY UNIT TEST (2) 84%

Chapter 4

Principles of Information Security

PMBOK Ch. 8 - Project QUALITY Management (PQM)

Psy 344 quiz 6

NCLEX Neuro 1 of 2

Nur 004

Chapter 1

chapter 19

CFP module 5 estate planning quizzes

Fixed Income

M1 Practice

Anatomy

Chapter 5: Carbohydrates

BIOL 101 MIDTERM

EXAM #3: 10-13

Midterm- Ch 3 Test Bank

B101 Previous Quizzes Study Guide

Planning

Chap 27 Prep-U BOYD