Summer Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Microsoft AZ-104 Microsoft Azure Administrator Exam Practice Test

Page: 1 / 48
Total 476 questions

Microsoft Azure Administrator Questions and Answers

Question 1

You have an Azure subscription that contains a virtual machine named VM1.

You plan to deploy an Azure Monitor alert rule that will trigger an alert when CPU usage on VM1 exceeds 80 percent.

You need to ensure that the alert rule sends an email message to two users named User1 and User2.

What should you create for Azure Monitor?

Options:

A.

an action group

B.

a mail-enabled security group

C.

a distribution group

D.

a Microsoft 365 group

Question 2

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.

You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.

Solution: On Subscription1, you assign the Logic App Operator role to the Developers group.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 3

You have the App Service plans shown in the following table.

Question # 3

You plan to create the Azure web apps shown in the following table.

Question # 3

You need to identify which App Service plans can be used for the web apps.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 3

Options:

Question 4

You have an Azure subscription that contains a resource group named RG1.

You plan to create a storage account named storage1.

You have a Bicep file named File1.

You need to modify File1 so that it can be used to automate the deployment of storage1 to RG1.

Which property should you modify?

Options:

A.

scope

B.

kind

C.

sku

D.

location

Question 5

You have an Azure subscription that contains an Azure Storage account.

You plan to copy an on-premises virtual machine image to a container named vmimages.

You need to create the container for the planned image.

Which command should you run? To answer, select the appropriate options in the answer area.

NOTE Each correct selection is worth one point.

Question # 5

Options:

Question 6

You have an Azure subscription that contains an Azure SQL database named DB1.

You plan to use Azure Monitor to monitor the performance of DB1. You must be able to run queries to analyze log data.

Which destination should you configure in the Diagnostic settings of DB 1?

Options:

A.

Send to a Log Analytics workspace.

B.

Archive to a storage account.

C.

Stream to an Azure event hub.

Question 7

You have an Azure subscription that contains the resources shown in the following table

Question # 7

In Azure Cloud Shell, you need to create a virtual machine by using an Azure Resource Manager (ARM) template.

How should you complete the command? To answer, select the appropriate options in the answer area,

NOTE: Each correct selection is worth one point.

Question # 7

Options:

Question 8

You have an Azure subscription. The subscription contains virtual machines that run Windows Server 2016 and are configured as shown in the following table.

Question # 8

You create a public Azure DNS zone named adatum.com and a private Azure DNS zone named contoso.com.

You create a virtual network link for contoso.com as shown in the following exhibit.

Question # 8

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 8

Options:

Question 9

You have an Azure subscription named Subscription1 that contains virtual network named VNet1. VNet1 is in a resource group named RG1. A user named User1 has the following roles for Subscription1:

• Reader

• Security Admin

• Security Reader

You need to ensure that User1 can assign the Reader role for VNet1 to other users. What should you do?

Options:

A.

Remove User1 from the Security Reader and Reader roles for Subscription1.

B.

Assign User1 the Owner role for VNet1.

C.

Remove User1 from the Security Reader role for Subscription1. Assign User1 the Contributor role for RG1.

D.

Remove User1 from the Security Reader and Reader roles for Subscription1. Assign User1 the Contributor role for Subscription1

Question 10

You have an Azure subscription that contains 20 virtual machines, a network security group (NSG) named NSG1, and two virtual networks named VNET1 and VNET2 that are peered.

You plan to deploy an Azure Bastion Basic SKU host named Bastion1 to VNET1.

You need to configure NSG1 to allow inbound access from the internet to Bastion1.

Which port should you configure for the inbound security rule?

Options:

A.

22

B.

443

C.

3389

D.

8080

Question 11

Your on-premises network contains a VPN gateway.

You have an Azure subscription that contains the resources shown in the following table.

Question # 11

You need to ensure that all the traffic from VM1 to storage! travels across the Microsoft backbone network.

What should you configure?

Options:

A.

private endpoints

B.

Azure Firewall

C.

Azure AD Application Proxy

D.

Azure Peering Service

Question 12

You have an Azure subscription named Subscription1 that contains the storage accounts shown in the following table:

Question # 12

You plan to use the Azure Import/Export service to export data from Subscription1.

Which account can be used to export the data.

What should you identify?

Options:

A.

storage1

B.

storage2

C.

storage3

D.

storage4

Question 13

You have a Microsoft Entra tenant that is linked to the Azure subscriptions shown in the following table.

Question # 13

You have the resource groups shown in the following table.

Question # 13

You assign roles to users as shown in the following table.

Question # 13

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question # 13

Options:

Question 14

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft Entra tenant named contoso.com.

You have a CSV file that contains the names and email addresses of 500 external users.

You need to create a guest user account in contoso.com for each of the 500 external users.

Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk invite users’ operation.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 15

You have an Azure subscription.

You plan to migrate 50 virtual machines from VMware vSphere to the subscription.

You create a Recovery Services vault.

What should you do next?

Options:

A.

Configure an extended network.

B.

Create a recovery plan.

C.

Deploy an Open Virtualization Application (OVA) template to vSphere.

D.

Configure a virtual network.

Question 16

You have an Azure Linux virtual machine that is protected by Azure Backup.

One week ago, two files were deleted from the virtual machine.

You need to reses clients connect n on-premises computer as quickly as possible.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 16

Options:

Question 17

You have an Azure App Services web app named App1.

You plan to deploy App1 by using Web Deploy.

You need to ensure that the developers of App1 can use their Azure Active Directory (Azure AD) credentials to deploy content to App1. The solution must use the principle of least privilege.

What should you do?

Options:

A.

Configure app-level credentials for FTPS.

B.

Assign The Website Contributor role to the developers.

C.

Assign the Owner role to the developers.

D.

Configure user-level credentials for FTPS.

Question 18

You have an Azure subscription named Sub1 that contains the resources shown in the following table.

Question # 18

The subscription contains the users shown in the following table.

Question # 18

You have the following Bicep file named Deploy.bicep.

Question # 18

You run the following command.

Question # 18

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 18

Options:

Question 19

You have an Azure subscription named Subscription1 that contains the resources shown in the following table.

Question # 19

You create virtual machines in Subscription1 as shown in the following table.

Question # 19

You plan to use Vault1 for the backup of as many virtual machines as possible.

Which virtual machines can be backed up to Vault1?

Options:

A.

VM1, VM3, VMA, and VMC only

B.

VM1 and VM3 only

C.

VM1, VM2, VM3, VMA, VMB, and VMC

D.

VM1 only

E.

VM3 and VMC only

Question 20

You have an Azure subscription that has a Recovery Services vault named Vault 1. The subscription contains the virtual machines shown in the following table.

Question # 20

You plan to schedule backups to occur every night at 23:00.

Which virtual machines can you back up by using Azure Backup?

Options:

A.

VM1 only

B.

VM1 and VM2 only

C.

VM1 and VM3 only

D.

VM1, VM2, VM3 and VM4

Question 21

You have an Azure subscription named Subscription1 that contains a virtual network named VNet1. You add the users in the following table.

Question # 21

Which user can perform each configuration? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question # 21

Options:

Question 22

You have an Azure subscription that contains the resources in the following table.

Question # 22

To which subnets can you apply NSG1?

Options:

A.

the subnets on VNet1 only

B.

the subnets on VNet2 only

C.

the subnets on VNet3 only

D.

the subnets on VNet2 and VNet3 only

E.

the subnets on VNet1 VNet2, and VNet3

Question 23

You have an Azure subscription.

You plan to deploy the following file named File1.bicep.

Question # 23

Question # 23

Options:

Question 24

You have an Azure policy as shown in the following exhibit.

Question # 24

What is the effect of the policy?

Options:

A.

You are prevented from creating Azure SQL servers anywhere in Subscnption1.

B.

You can create Azure SQL servers in ContosoRG1 only.

C.

You can create Azure SQL servers in any resource group within Subscnption1.

D.

You are prevented from creating Azure SQL Servers in ContosoRG1 only.

Question 25

You need to implement a backup solution for App1 after the application is moved.

What should you create first?

Options:

A.

a recovery plan

B.

an Azure Backup Server

C.

a backup policy

D.

a Recovery Services vault

Question 26

You are planning the move of App1 to Azure.

You create a network security group (NSG).

You need to recommend a solution to provide users with access to App1.

What should you recommend?

Options:

A.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to all the subnets.

B.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to all the subnets.

C.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

D.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

Question 27

You need to configure the Device settings to meet the technical requirements and the user requirements.

Which two settings should you modify? To answer, select the appropriate settings in the answer area.

Question # 27

Options:

Question 28

You need to move the blueprint files to Azure.

What should you do?

Options:

A.

Generate a shared access signature (SAS). Map a drive, and then copy the files by using File Explorer.

B.

Use the Azure Import/Export service.

C.

Generate an access key. Map a drive, and then copy the files by using File Explorer.

D.

Use Azure Storage Explorer to copy the files.

Question 29

You need to identify the storage requirements for Contoso.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 29

Options:

Question 30

You need to meet the user requirement for Admin1.

What should you do?

Options:

A.

From the Subscriptions blade, select the subscription, and then modify the Properties.

B.

From the Subscriptions blade, select the subscription, and then modify the Access control (IAM) settings.

C.

From the Azure Active Directory blade, modify the Properties.

D.

From the Azure Active Directory blade, modify the Groups.

Question 31

You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 31

Options:

Question 32

You need to recommend an identify solution that meets the technical requirements.

What should you recommend?

Options:

A.

federated single-on (SSO) and Active Directory Federation Services (AD FS)

B.

password hash synchronization and single sign-on (SSO)

C.

cloud-only user accounts

D.

Pass-through Authentication and single sign-on (SSO)

Question 33

You are evaluating the connectivity between the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 33

Options:

Question 34

You need to resolve the Active Directory issue.

What should you do?

Options:

A.

From Active Directory Users and Computers, select the user accounts, and then modify the User Principal Name value.

B.

Run idfix.exe, and then use the Edit action.

C.

From Active Directory Domains and Trusts, modify the list of UPN suffixes.

D.

From Azure AD Connect, modify the outbound synchronization rule.

Question 35

Which blade should you instruct the finance department auditors to use?

Options:

A.

invoices

B.

partner information

C.

cost analysis

D.

External services

Question 36

You need to prepare the environment to meet the authentication requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Allow inbound TCP port 8080 to the domain controllers in the Miami office.

B.

Add http://autogon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miamioffice.

C.

Join the client computers in the Miami office to Azure AD.

D.

Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miami office.

E.

Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication.

Question 37

You need to prepare the environment to meet the authentication requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE Each correct selection is worth one point.

Options:

A.

Azure Active Directory (AD) Identity Protection and an Azure policy

B.

a Recovery Services vault and a backup policy

C.

an Azure Key Vault and an access policy

D.

an Azure Storage account and an access policy

Question 38

You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 38

Options:

Question 39

You are evaluating the name resolution for the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 39

Options:

Question 40

You need to define a custom domain name for Azure AD to support the planned infrastructure.

Which domain name should you use?

Options:

A.

Join the client computers in the Miami office to Azure AD.

B.

Add http://autologon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami office.

C.

Allow inbound TCP port 8080 to the domain controllers in the Miami office.

D.

Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication

E.

Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miami office.

Question 41

You need to resolve the licensing issue before you attempt to assign the license again.

What should you do?

Options:

A.

From the Groups blade, invite the user accounts to a new group.

B.

From the Profile blade, modify the usage location.

C.

From the Directory role blade, modify the directory role.

Question 42

You need to define a custom domain name for Azure AD to support the planned infrastructure.

Which domain name should you use?

Options:

A.

ad.humongousinsurance.com

B.

humongousinsurance.onmicrosoft.com

C.

humongousinsurance.local

D.

humongousinsurance.com

Question 43

Which blade should you instruct the finance department auditors to use?

Options:

A.

Partner information

B.

Overview

C.

Payment methods

D.

Invoices

Question 44

You need to configure Azure Backup to meet the technical requirements for cont1 and share1.

To what should you set the backup frequency for each resource? To answer, select the appropriate options in the answer area.  

NOTE: Each correct selection is worth one point.  

Question # 44

Options:

Question 45

You need to implement the planned changes for the new containers.

Which Azure services can you use for each image? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 45

Options:

Question 46

You need to implement the planned changes for the storage account content. Which containers and file shares can you use to organize the content?

Options:

A.

share1 only

B.

cont1 and share1 only

C.

share1 and share2 only

D.

cont1, share1, and share2 only

E.

cont1, cont2, share1, and share2

Question 47

You need to implement the planned changes for DCR1. Which type of query should you use?

Options:

A.

WQL

B.

T-SQL

C.

XPath

D.

KQL

Question 48

You need to configure encryption for the virtual machines. The solution must meet the technical requirements.

Which virtual machines can you encrypt?

Options:

A.

VM1 and VM3

B.

VM2 and VM3

C.

VM2 and VM4

D.

VM4 and VM5

Question 49

You discover that VM3 does NOT meet the technical requirements.

You need to verify whether the issue relates to the NSGs.

What should you use?

Options:

A.

Diagram in VNet1

B.

the security recommendations in Azure Advisor

C.

Diagnostic settings in Azure Monitor

D.

Diagnose and solve problems in Traffic Manager Profiles

E.

IP flow verify in Azure Network Watcher

Question 50

You need to the appropriate sizes for the Azure virtual for Server2.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 50

Options:

Question 51

You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.

What should you include in the recommended?

Options:

A.

Azure AP B2C

B.

Azure AD Identity Protection

C.

an Azure logic app and the Microsoft Identity Management (MIM) client

D.

dynamic groups and conditional access policies

Question 52

You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.

What should you do?

Options:

A.

Create a user-defined route from VNET1 to VNET3.

B.

Assign VM4 an IP address of 10.0.1.5/24.

C.

Establish peering between VNET1 and VNET3.

D.

Create an NSG and associate the NSG to VMI and VM4.

Question 53

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 53

Options:

Question 54

You need to implement Role1.

Which command should you run before you create Role1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 54

Options:

Question 55

You need to meet the connection requirements for the New York office.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 55

Options:

Question 56

You need to meet the technical requirement for VM4.

What should you create and configure?

Options:

A.

an Azure Notification Hub

B.

an Azure Event Hub

C.

an Azure Logic App

D.

an Azure services Bus

Question 57

You need to configure the alerts for VM1 and VM2 to meet the technical requirements.

Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

Question # 57

Options:

Question 58

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 58

Options:

Question 59

You need to configure Azure Backup to back up the file shares and virtual machines.

What is the minimum number of Recovery Services vaults and backup policies you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 59

Options:

Question 60

You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements.

Which storage account should you identify?

Options:

A.

storage4

B.

storage1

C.

storage2

D.

storage3

Question 61

You need to add VM1 and VM2 to the backend poo! of LB1. What should you do first?

Options:

A.

Create a new NSG and associate the NSG to VNET1/Subnet1.

B.

Connect VM2 to VNET1/Subnet1.

C.

Redeploy VM1 and VM2 to the same availability zone.

D.

Redeploy VM1 and VM2 to the same availability set.

Question 62

You need to ensure that User1 can create initiative definitions, and User4 can assign initiatives to RG2. The solution must meet the technical requirements.

Which role should you assign to each user? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 62

Options:

Question 63

You need to ensure that you can grant Group4 Azure RBAC read-only permissions to all the A2ure file shares. What should you do?

Options:

A.

On storagel and storage4, change the Account kind type to StorageV2 (general purpose v2).

B.

Recreate storage2 and set Hierarchical namespace to Enabled.

C.

On storage2, enable identity-based access for the file shares.

D.

Create a shared access signature (SAS) for storagel, storage2, and storage4.

Question 64

You need to create storage5. The solution must support the planned changes.

Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 64

Options:

Page: 1 / 48
Total 476 questions