Labour Day Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Microsoft AZ-104 Microsoft Azure Administrator Exam Practice Test

Page: 1 / 32
Total 320 questions

Microsoft Azure Administrator Questions and Answers

Question 1

You need to the appropriate sizes for the Azure virtual for Server2.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 1

Options:

Question 2

You need to meet the connection requirements for the New York office.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 2

Options:

Question 3

You discover that VM3 does NOT meet the technical requirements.

You need to verify whether the issue relates to the NSGs.

What should you use?

Options:

A.

Diagram in VNet1

B.

the security recommendations in Azure Advisor

C.

Diagnostic settings in Azure Monitor

D.

Diagnose and solve problems in Traffic Manager Profiles

E.

IP flow verify in Azure Network Watcher

Question 4

You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.

What should you include in the recommended?

Options:

A.

Azure AP B2C

B.

Azure AD Identity Protection

C.

an Azure logic app and the Microsoft Identity Management (MIM) client

D.

dynamic groups and conditional access policies

Question 5

You need to implement Role1.

Which command should you run before you create Role1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 5

Options:

Question 6

You need to meet the technical requirement for VM4.

What should you create and configure?

Options:

A.

an Azure Notification Hub

B.

an Azure Event Hub

C.

an Azure Logic App

D.

an Azure services Bus

Question 7

You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.

What should you do?

Options:

A.

Create a user-defined route from VNET1 to VNET3.

B.

Assign VM4 an IP address of 10.0.1.5/24.

C.

Establish peering between VNET1 and VNET3.

D.

Create an NSG and associate the NSG to VMI and VM4.

Question 8

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 8

Options:

Question 9

You need to configure Azure Backup to back up the file shares and virtual machines.

What is the minimum number of Recovery Services vaults and backup policies you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 9

Options:

Question 10

You need to ensure that you can grant Group4 Azure RBAC read-only permissions to all the A2ure file shares. What should you do?

Options:

A.

On storagel and storage4, change the Account kind type to StorageV2 (general purpose v2).

B.

Recreate storage2 and set Hierarchical namespace to Enabled.

C.

On storage2, enable identity-based access for the file shares.

D.

Create a shared access signature (SAS) for storagel, storage2, and storage4.

Question 11

You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements.

Which storage account should you identify?

Options:

A.

storage4

B.

storage1

C.

storage2

D.

storage3

Question 12

You need to create storage5. The solution must support the planned changes.

Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 12

Options:

Question 13

You need to ensure that User1 can create initiative definitions, and User4 can assign initiatives to RG2. The solution must meet the technical requirements.

Which role should you assign to each user? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 13

Options:

Question 14

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 14

Options:

Question 15

You need to configure the alerts for VM1 and VM2 to meet the technical requirements.

Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

Question # 15

Options:

Question 16

You need to add VM1 and VM2 to the backend poo! of LB1. What should you do first?

Options:

A.

Create a new NSG and associate the NSG to VNET1/Subnet1.

B.

Connect VM2 to VNET1/Subnet1.

C.

Redeploy VM1 and VM2 to the same availability zone.

D.

Redeploy VM1 and VM2 to the same availability set.

Question 17

You are evaluating the name resolution for the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 17

Options:

Question 18

Which blade should you instruct the finance department auditors to use?

Options:

A.

Partner information

B.

Overview

C.

Payment methods

D.

Invoices

Question 19

You need to prepare the environment to meet the authentication requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE Each correct selection is worth one point.

Options:

A.

Azure Active Directory (AD) Identity Protection and an Azure policy

B.

a Recovery Services vault and a backup policy

C.

an Azure Key Vault and an access policy

D.

an Azure Storage account and an access policy

Question 20

You are evaluating the connectivity between the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 20

Options:

Question 21

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an app named App1 that is installed on two Azure virtual machines named VM1 and VM2. Connections to App1 are managed by using an Azure Load Balancer.

The effective network security configurations for VM2 are shown in the following exhibit.

Question # 21

You discover that connections to App1 from 131.107.100.50 over TCP port 443 fail. You verify that the Load Balancer rules are configured correctly.

You need to ensure that connections to App1 can be established successfully from 131.107.100.50 over TCP port 443.

Solution: You modify the priority of the Allow_131.107.100.50 inbound security rule.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 22

You have an Azure subscription that contains the resources in the following table.

Question # 22

You install the Web Server (IIS) server role on VM1 and VM2. and then add VM1 and VM2 to LB1.

LB1 is configured as shown in the LB1 exhibit. (Click the LB1 tab.)

Question # 22

Rule1 is configured as shown in the Rule1 exhibit (Click the Rule1 tab.)

Question # 22

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 22

Options:

Question 23

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

You receive a notification that VM1 will be affected by maintenance.

You need to move VM1 to a different host immediately.

Solution: From the Overview blade, you move the virtual machine to a different subscription.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 24

You have a Recovery Services vault named RSV1. RSV1 has a backup policy that retains instant snapshots for five days and daily backup for 14 days.

RSV1 performs daily backups of VM1. VM1 hosts a static website that was updated eight days ago.

You need to recover VM1 to a point eight days ago. The solution must minimize downtime.

What should you do first?

Options:

A.

Deallocate VM1.

B.

Restore VM1 by using the Replace existing restore configuration option.

C.

Delete VM1.

D.

Restore VM1 by using the Create new restore configuration option.

Question 25

You have an Azure subscription that contains a storage account named storage1. The storage 1 account contains a container named containet1.

You create a blob lifecycle rule named rule1.

You need to configure rule1 to automatically move blobs that were NOT updated for 45 days Irom container! to the Cool access tier.

How should you complete the rule? To answer, select Ihe appropriate options in the answer area.

NOTE: Each correct answer is worth one point.

Question # 25

Options:

Question 26

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You have two external partner organizations named fabrilcam.com and litwareinc.com. FabtAam.com is configured as a connected organization.

You create an access package as shown in the Access package exhibit. (Click the Access package lab.)

Question # 26

You configure the external user lifecycle settings as shown in the Lifecycle exhibit. (Click the lifecycle tab)

Question # 26

For each of the following statements, select Yes if the statement is true Otherwise, select No

Note: Each correct selection is worth one point.

Question # 26

Options:

Question 27

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to ensure that an Azure Active Directory (Azure AD) user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription.

Solution: You assign the Traffic Manager Contributor role at the subscription level to Admin1

Options:

A.

Yes

B.

NO

Question 28

You have the role assignment file shown in the following exhibit.

Question # 28

Use the drop-down menus to select the answer choice that completes

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worm one point.

Question # 28

Options:

Question 29

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a virtual network named VNet1 that is hosted in the West US Azure region.

VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.

You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.

Solution: From Azure Network Watcher, you create a connection monitor.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 30

You have an Azure subscription.

You plan to deploy a storage account named storage' by using the following Azure Resource Manager (ARM) template.

Question # 30

Question # 30

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 30

Options:

Question 31

You have an Azure subscription named Subscription1.

You have 5 TB of data that you need to transfer to Subscription1.

You plan to use an Azure Import/Export job.

What can you use as the destination of the imported data?

Options:

A.

Azure Data Lake Store

B.

a virtual machine

C.

the Azure File Sync Storage Sync Service

D.

Azure Blob storage

Question 32

You have an Azure App Service app named Appl that contains two running instances.

You havean autoscale rule configured as shown in the following exhibit

Question # 32

For the instance limits stale condition setting, you set Maximum to 5.

During a 30-minute period. Appl uses 60 percent of the available memory.

What is the maximum number of instances tor Appl during the 30-minute pefiod:

Options:

A.

2

B.

3

C.

4

D.

5

Question 33

You need to configure an Azure web app named contoso.azurewebsites.net to host www.contoso.com.

What should you do first?

Options:

A.

Create a CNAME record named asuid that contains the domain verification ID.

B.

Create A records named www.contoso.com and asuid.contoso.com.

C.

Create a TXT record named asuid that contains the domain verification ID.

D.

Create a TXT record named www.contoso.com that has a value of contoso.azurewebsites.net.

Question 34

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.

Another administrator plans to create several network security groups (NSGs) in the subscription

You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.

Solution: You assign a built-in policy definition to the subscription.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 35

You have an Azure subscription that contains virtual machine named VM1.

You need to back up VM. The solution must ensure that backups are stored across three availability zones in the primary region.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 35

Options:

Question 36

You have the Azure virtual machines shown in the following table.

Question # 36

You have a Recovery Services vault that protects VM1 and VM2.

You need to protect VM3 and VM4 by using Recovery Services.

What should you do first?

Options:

A.

Create a new Recovery Services vault.

B.

Configure the extensions for VM3 and VM4.

C.

Create a storage account.

D.

Create a new backup policy.

Question 37

You create an Azure VM named VM1 that runs Windows Server 2019.

VM1 is configured as shown in the exhibit (Click the Exhibit tab.)

Question # 37

You need to enable Desired State Configuration for VM1.

What should you do first?

Options:

A.

Configure a DNS name for VM1.

B.

Start VM1.

C.

Capture a snapshot of VM1.

D.

Connect to VM1.

Question 38

You have an Azure subscription that contains the virtual machines shown in the following table.

You deploy a load balancer that has the following configurations:

• Name: LB 1

• Type: Internal

• SKU: Standard

• Virtual network: VNET1

You need to ensure that you can add VM1 and VM2 to the backend pool of L81.

Solution: You create two Standard SKU public IP addresses and associate a Standard SKU public IP address to the network interface of each virtual machine.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 39

You configure the custom role shown in the following exhibit.

Question # 39

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE Each correct selection is worth one point.

Question # 39

Options:

Question 40

You have an app named App1 that runs on an Azure web app named webapp1.

The developers at your company upload an update of App1 to a Git repository named GUI.

Webapp1 has the deployment slots shown in the following table.

Question # 40

You need to ensure that the App1 update is tested before the update is made available to users.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Swap the slots

B.

Deploy the App1 update to webapp1-prod, and then test the update

C.

Stop webapp1-prod

D.

Deploy the App1 update to webapp1-test, and then test the update

E.

Stop webapp1-test

Question 41

You need to identify the storage requirements for Contoso.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 41

Options:

Question 42

You need to recommend an identify solution that meets the technical requirements.

What should you recommend?

Options:

A.

federated single-on (SSO) and Active Directory Federation Services (AD FS)

B.

password hash synchronization and single sign-on (SSO)

C.

cloud-only user accounts

D.

Pass-through Authentication and single sign-on (SSO)

Question 43

You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 43

Options:

Question 44

You need to meet the user requirement for Admin1.

What should you do?

Options:

A.

From the Subscriptions blade, select the subscription, and then modify the Properties.

B.

From the Subscriptions blade, select the subscription, and then modify the Access control (IAM) settings.

C.

From the Azure Active Directory blade, modify the Properties.

D.

From the Azure Active Directory blade, modify the Groups.

Question 45

You need to configure the Device settings to meet the technical requirements and the user requirements.

Which two settings should you modify? To answer, select the appropriate settings in the answer area.

Question # 45

Options:

Question 46

You need to implement a backup solution for App1 after the application is moved.

What should you create first?

Options:

A.

a recovery plan

B.

an Azure Backup Server

C.

a backup policy

D.

a Recovery Services vault

Question 47

You need to move the blueprint files to Azure.

What should you do?

Options:

A.

Generate a shared access signature (SAS). Map a drive, and then copy the files by using File Explorer.

B.

Use the Azure Import/Export service.

C.

Generate an access key. Map a drive, and then copy the files by using File Explorer.

D.

Use Azure Storage Explorer to copy the files.

Question 48

You are planning the move of App1 to Azure.

You create a network security group (NSG).

You need to recommend a solution to provide users with access to App1.

What should you recommend?

Options:

A.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to all the subnets.

B.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to all the subnets.

C.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

D.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

Page: 1 / 32
Total 320 questions