Practice Free AZ-104 Exam Online Questions
DRAG DROP
You have an Azure subscription that contains virtual machine named VM1.
You need to back up VM. The solution must ensure that backups are stored across three availability zones in the primary region.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
According to 1, Availability Zones are unique physical locations within an Azure region that provide high availability and disaster recovery for your virtual machines. To back up your VM across three availability zones in the primary region, you need to perform the following actions in sequence:
Create a Recovery Services vault2 that will store your backups and enable geo-redundancy for cross-region protection.
For VM1, create a backup policy and configure the backup2 to use the Recovery Services vault as the backup destination.
Configure a replication policy1 that will replicate your VM1 to another availability zone in the same region.
You have an Azure AD tenant named adatum.com that contains the groups shown in the following table.
Adatum.com contains the users shown in the following table.
You assign the Azure AD Premium P2 license to Group l and User4.
Which users are assigned the Azure AD Premium P2 license?
- A . User4 only
- B . User1 and User4 only
- C . User1. User2. and User4 only
- D . User1, User2, User3, and User4
B
Explanation:
According to the Microsoft documentation, when you assign a license to a group, all members of that group are automatically assigned the license. However, if a user is already assigned the same license directly or through another group, the license is not duplicated.
In your scenario, you assigned the Azure AD Premium P2 license to Group1 and User4. This means that all members of Group1, which are User1 and User2, will also get the license. User4 will get the license directly.
User3 will not get the license because they are not a member of Group1 or assigned the license directly.
Therefore, the users who are assigned the Azure AD Premium P2 license are User1, User2, and User4 only.
You have an Azure AD tenant named adatum.com that contains the groups shown in the following table.
Adatum.com contains the users shown in the following table.
You assign the Azure AD Premium P2 license to Group l and User4.
Which users are assigned the Azure AD Premium P2 license?
- A . User4 only
- B . User1 and User4 only
- C . User1. User2. and User4 only
- D . User1, User2, User3, and User4
B
Explanation:
According to the Microsoft documentation, when you assign a license to a group, all members of that group are automatically assigned the license. However, if a user is already assigned the same license directly or through another group, the license is not duplicated.
In your scenario, you assigned the Azure AD Premium P2 license to Group1 and User4. This means that all members of Group1, which are User1 and User2, will also get the license. User4 will get the license directly.
User3 will not get the license because they are not a member of Group1 or assigned the license directly.
Therefore, the users who are assigned the Azure AD Premium P2 license are User1, User2, and User4 only.
HOTSPOT
You have an Azure subscription linked to a hybrid Microsoft Entra tenant.
The tenant contains the users shown in the following table.
You create the Azure Files shares shown in the following table.
You configure identity-based access for contoso2024 as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You implement the planned changes for Scope1.
You need to ensure that Scope1 meets the technical requirements.
What can you encrypt by using Scope1?
- A . containers and blobs in storage2 only
- B . containers and blobs in storage1 and storage2
- C . containers, blobs, and file shares in storage2 only
- D . containers, blobs, and file shares in storage1 and storage2
- E . containers, blobs, file shares, queues, and tables in storage2 only
HOTSPOT
You need to implement Role1.
Which command should you run before you create Role1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershellGet-AzRoleDefinition -Name "Reader" | ConvertTo-Json
https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azroledefinition?view=azps-5.9.0
https://docs.microsoft.com/en-us/azure/role-based-access-control/tutorial-custom-role-powershell
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/convertto-json?view=powershell-7.1
https://docs.microsoft.com/en-us/powershell/module/azuread/get-azureaddirectoryrole?view=azureadps-2.0
You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1.
You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- A . a Security group that uses the Assigned membership type
- B . an Office 365 group that uses the Assigned membership type
- C . an Office 365 group that uses the Dynamic User membership type
- D . a Security group that uses the Dynamic User membership type
- E . a Security group that uses the Dynamic Device membership type
B, C
Explanation:
You can set expiration policy only for Office 365 groups in Azure Active Directory (Azure AD).
Note: With the increase in usage of Office 365 Groups, administrators and users need a way to clean up unused groups. Expiration policies can help remove inactive groups from the system and make things cleaner.
When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, etc.) are also deleted.
You can set up a rule for dynamic membership on security groups or Office 365 groups.
Incorrect Answers:
A, D, E: You can set expiration policy only for Office 365 groups in Azure Active Directory (Azure AD).
Reference: https://docs.microsoft.com/en-us/office365/admin/create-groups/office-365-groups-expiration-policy?view=o365-worldwide
You have an Azure App Services web app named App1.
You plan to deploy App1 by using Web Deploy.
You need to ensure that the developers of App1 can use their Azure Active Directory (Azure AD) credentials to deploy content to App1. The solution must use the principle of least privilege.
What should you do?
- A . Configure app-level credentials for FTPS.
- B . Assign The Website Contributor role to the developers.
- C . Assign the Owner role to the developers.
- D . Configure user-level credentials for FTPS.
B
Explanation:
"To secure app deployment from a local computer, Azure App Service supports two types of credentials for local Git deployment and FTP/S deployment. These credentials are not the same as your Azure subscription credentials." https://learn.microsoft.com/en-us/azure/app-service/deploy-configure-credentials?tabs=cli
HOTSPOT
You deploy an Azure Kubernetes Service (AKS) cluster that has the network profile shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: Containers will get the IP address from the virtual network subnet CIDr which is 10.244.0.0/16
Box 2: Services in the AKS cluster will be assigned an IP address in the service CIDR which is 10.0.0.0/16
Reference: https://docs.microsoft.com/en-us/azure/aks/configure-azure-cni
HOTSPOT
You have three Azure subscriptions named Sub1, Sub2, and Sub3 that are linked to an Azure AD tenant.
The tenant contains a user named User1, a security group named Group1, and a management group named MG1. User1 is a member of Group1.
Sub1 and Sub2 are members of MG1. Sub1 contains a resource group named RG1. RG1 contains five Azure functions.
You create the following role assignments for MG1:
• Group1: Reader
• User1: User Access Administrator
You assign User1 the Virtual Machine Contributor role for Sub1 and Sub2.
You assign User1 the Contributor role for RG1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
