New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Microsoft AZ-104 Microsoft Azure Administrator Exam Practice Test

Page: 1 / 37
Total 365 questions

Microsoft Azure Administrator Questions and Answers

Question 1

You discover that VM3 does NOT meet the technical requirements.

You need to verify whether the issue relates to the NSGs.

What should you use?

Options:

A.

Diagram in VNet1

B.

the security recommendations in Azure Advisor

C.

Diagnostic settings in Azure Monitor

D.

Diagnose and solve problems in Traffic Manager Profiles

E.

IP flow verify in Azure Network Watcher

Question 2

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 2

Options:

Question 3

You need to meet the connection requirements for the New York office.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 3

Options:

Question 4

You need to meet the technical requirement for VM4.

What should you create and configure?

Options:

A.

an Azure Notification Hub

B.

an Azure Event Hub

C.

an Azure Logic App

D.

an Azure services Bus

Question 5

You need to the appropriate sizes for the Azure virtual for Server2.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 5

Options:

Question 6

You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.

What should you do?

Options:

A.

Create a user-defined route from VNET1 to VNET3.

B.

Assign VM4 an IP address of 10.0.1.5/24.

C.

Establish peering between VNET1 and VNET3.

D.

Create an NSG and associate the NSG to VMI and VM4.

Question 7

You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.

What should you include in the recommended?

Options:

A.

Azure AP B2C

B.

Azure AD Identity Protection

C.

an Azure logic app and the Microsoft Identity Management (MIM) client

D.

dynamic groups and conditional access policies

Question 8

You need to implement Role1.

Which command should you run before you create Role1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 8

Options:

Question 9

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

You receive a notification that VM1 will be affected by maintenance.

You need to move VM1 to a different host immediately.

Solution: From the Overview blade, you move the virtual machine to a different subscription.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 10

You have an Azure App Service app named App1 that contains two running instances.

You have an autoscale rule configured as shown in the following exhibit.

Question # 10

For the Instance limits scale condition setting, you set Maximum to 5.

During a 30-minute period, App1 uses 80 percent of the available memory.

What is the maximum number of instances for App1 during the 30-minute period?

Options:

A.

2

B.

3

C.

4

D.

5

Question 11

You have an Azure subscription that contains a storage account named storage.

You have the devices shown in the following table.

Question # 11

From which devices can you use AzCopy to copy data to storage1?

Options:

A.

Device1 and Device2 only

B.

Device1, Device2 and Device3

C.

Device’ only

D.

Device and Device3 only

Question 12

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

You have a CSV file that contains the names and email addresses of 500 external users.

You need to create a quest user account in contoso.com for each of the 500 external users.

Solution: from Azure AD in the Azure portal, you use the Bulk create user operation.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 13

You have an Azure subscription that contains the resources shown in the following table.

Question # 13

You need to create a network interface named NIC1.

In which location can you create NIC1?

Options:

A.

East US and North Europe only.

B.

East US and West Europe only.

C.

East US, West Europe, and North Europe.

D.

East US only.

Question 14

You deploy Azure virtual machines to three Azure regions.

Each region contains a virtual network. Each virtual network contains multiple subnets peered in a full mesh topology.

Each subnet contains a network security group (NSG) that has defined rules.

A user reports that he cannot use port 33000 to connect from a virtual machine in one region to a virtual machine in another region.

Which two options can you use to diagnose the issue? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Options:

A.

Azure Virtual Network Manager

B.

IP flow verify

C.

Azure Monitor Network Insights

D.

Connection troubleshoot

E.

elective security rules

Question 15

You have an Azure subscription named Subscription1.

You have 5 TB of data that you need to transfer to Subscription1.

You plan to use an Azure Import/Export job.

What can you use as the destination of the imported data?

Options:

A.

Azure Data Lake Store

B.

a virtual machine

C.

the Azure File Sync Storage Sync Service

D.

Azure Blob storage

Question 16

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains the virtual machines shown in the following table.

You deploy a load balancer that has the following configurations:

•Name: LB1

•Type: Internal

•SKU: Standard

•Virtual network: VNET1

You need to ensure that you can add VM1 and VM2 to the backend pool of LB1.

Solution: You create a Standard SKU public IP address, associate the address to the network interface of VM1, and then stop VM2.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 17

You have a Microsoft Entra tenant that contains 5,000 user accounts.

You create a new user account named AdminUser1.

You need to assign the User Administrator administrative role to AdminUser1.

What should you do from the user account properties?

Options:

A.

From the Groups blade, invite the user account to a new group.

B.

From the Directory role blade, modify the directory role.

C.

From the Licenses blade, assign a new license.

Question 18

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these

questions will not appear in the review screen.

You manage a virtual network named VNet1 that is hosted in the West US Azure region.

VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.

You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.

Solution: From Azure Monitor, you create a metric on Network in and Network Out.

Does this meet the goal?

Options:

A.

Yes

B.

No

Question 19

You have an Azure subscription named Subscription1 that contains the quotas shown in the following table.

Question # 19

You deploy virtual machines to Subscription1 as shown in the following table.

Question # 19

You plan to deploy the virtual machines shown in the following table.

Question # 19

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Question # 19

Options:

Question 20

You have a pay-as-you-go Azure subscription that contains the virtual machines shown in the following table.

Question # 20

You create the budget shown in the following exhibit.

Question # 20

The AG1 action group contains a user named admin@contoso.com only.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Question # 20

Options:

Question 21

You have an Azure subscription. The subscription contains a virtual machine that runs Windows 10.

You need to join the virtual machine to an Active Directory domain.

How should you complete the Azure Resource Manager (ARM) template? To answer, select the appropriate options in the answer area.

NOTE Each correct selection is worth one point.

Question # 21

Options:

Question 22

You have an Azure Storage account that contains 5,000 blobs accessed by multiple users.

You need to ensure that the users can view only specific blobs based on blob index tags.

What should you include in the solution?

Options:

A.

just-in-time (JIT) VM access

B.

a shared access signature (SAS)

C.

a stored access policy

D.

a role assignment condition

Question 23

You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 23

Options:

Question 24

You need to implement a backup solution for App1 after the application is moved.

What should you create first?

Options:

A.

a recovery plan

B.

an Azure Backup Server

C.

a backup policy

D.

a Recovery Services vault

Question 25

You need to recommend an identify solution that meets the technical requirements.

What should you recommend?

Options:

A.

federated single-on (SSO) and Active Directory Federation Services (AD FS)

B.

password hash synchronization and single sign-on (SSO)

C.

cloud-only user accounts

D.

Pass-through Authentication and single sign-on (SSO)

Question 26

You need to configure the Device settings to meet the technical requirements and the user requirements.

Which two settings should you modify? To answer, select the appropriate settings in the answer area.

Question # 26

Options:

Question 27

You need to identify the storage requirements for Contoso.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 27

Options:

Question 28

You need to meet the user requirement for Admin1.

What should you do?

Options:

A.

From the Subscriptions blade, select the subscription, and then modify the Properties.

B.

From the Subscriptions blade, select the subscription, and then modify the Access control (IAM) settings.

C.

From the Azure Active Directory blade, modify the Properties.

D.

From the Azure Active Directory blade, modify the Groups.

Question 29

You are planning the move of App1 to Azure.

You create a network security group (NSG).

You need to recommend a solution to provide users with access to App1.

What should you recommend?

Options:

A.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to all the subnets.

B.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to all the subnets.

C.

Create an incoming security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

D.

Create an outgoing security rule for port 443 from the Internet. Associate the NSG to the subnet that contains the web servers.

Question 30

You need to move the blueprint files to Azure.

What should you do?

Options:

A.

Generate a shared access signature (SAS). Map a drive, and then copy the files by using File Explorer.

B.

Use the Azure Import/Export service.

C.

Generate an access key. Map a drive, and then copy the files by using File Explorer.

D.

Use Azure Storage Explorer to copy the files.

Question 31

You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements.

Which storage account should you identify?

Options:

A.

storage4

B.

storage1

C.

storage2

D.

storage3

Question 32

You implement the planned changes for NSG1 and NSG2.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Question # 32

Options:

Question 33

You need to add VM1 and VM2 to the backend poo! of LB1. What should you do first?

Options:

A.

Create a new NSG and associate the NSG to VNET1/Subnet1.

B.

Connect VM2 to VNET1/Subnet1.

C.

Redeploy VM1 and VM2 to the same availability zone.

D.

Redeploy VM1 and VM2 to the same availability set.

Question 34

You need to create storage5. The solution must support the planned changes.

Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 34

Options:

Question 35

You need to ensure that User1 can create initiative definitions, and User4 can assign initiatives to RG2. The solution must meet the technical requirements.

Which role should you assign to each user? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 35

Options:

Question 36

You need to configure the alerts for VM1 and VM2 to meet the technical requirements.

Which three actions should you perform in sequence? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

Question # 36

Options:

Question 37

You need to ensure that you can grant Group4 Azure RBAC read-only permissions to all the A2ure file shares. What should you do?

Options:

A.

On storagel and storage4, change the Account kind type to StorageV2 (general purpose v2).

B.

Recreate storage2 and set Hierarchical namespace to Enabled.

C.

On storage2, enable identity-based access for the file shares.

D.

Create a shared access signature (SAS) for storagel, storage2, and storage4.

Question 38

You need to configure Azure Backup to back up the file shares and virtual machines.

What is the minimum number of Recovery Services vaults and backup policies you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 38

Options:

Question 39

You are evaluating the name resolution for the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 39

Options:

Question 40

You are evaluating the connectivity between the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Question # 40

Options:

Question 41

You need to prepare the environment to meet the authentication requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE Each correct selection is worth one point.

Options:

A.

Azure Active Directory (AD) Identity Protection and an Azure policy

B.

a Recovery Services vault and a backup policy

C.

an Azure Key Vault and an access policy

D.

an Azure Storage account and an access policy

Question 42

You need to resolve the Active Directory issue.

What should you do?

Options:

A.

From Active Directory Users and Computers, select the user accounts, and then modify the User Principal Name value.

B.

Run idfix.exe, and then use the Edit action.

C.

From Active Directory Domains and Trusts, modify the list of UPN suffixes.

D.

From Azure AD Connect, modify the outbound synchronization rule.

Question 43

You need to define a custom domain name for Azure AD to support the planned infrastructure.

Which domain name should you use?

Options:

A.

ad.humongousinsurance.com

B.

humongousinsurance.onmicrosoft.com

C.

humongousinsurance.local

D.

humongousinsurance.com

Question 44

You need to resolve the licensing issue before you attempt to assign the license again.

What should you do?

Options:

A.

From the Groups blade, invite the user accounts to a new group.

B.

From the Profile blade, modify the usage location.

C.

From the Directory role blade, modify the directory role.

Page: 1 / 37
Total 365 questions