Practice Free AZ-104 Exam Online Questions
HOTSPOT
You have Azure subscriptions named Subscription1 and Subscription2.
Subscription1 has following resource groups:
RG1 includes a web app named App1 in the West Europe location.
Subscription2 contains the following resource groups:
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
App1 present in RG1 and in RG1 there is no lock available. So you can move App1 to other resource groups, RG2, RG3, RG4.
Note:
App Service resources can only be moved from the resource group in which they were originally created. If an App Service resource is no longer in its original resource group, move it back to its original resource group.
Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/move-limitations/app-service-move-limitations
HOTSPOT
You have the role assignment file shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worm one point.
You have an Azure subscription that contains the virtual networks shown in the following table.
The subscription contains the virtual machines shown in the following table.
All The virtual machines have only private IP addresses. You deploy an Azure Bastion host named Bastion1 to VNet1.
To which virtual machines can you connect through Bastion1?
- A . VM1 only
- B . VM1 and VM2 only
- C . VM1 and VM3 only
- D . VM1, VM2, and VM3
B
Explanation:
Azure Bastion is a service that provides secure and seamless RDP and SSH access to virtual machines directly from the Azure portal, without exposing them to the public internet1. To use Azure Bastion, you need to deploy it in the same virtual network as the virtual machines you want to connect to2.
According to the tables, you deployed an Azure Bastion host named Bastion1 to VNet1. Therefore, you can connect through Bastion1 to any virtual machine that is in VNet1 or a virtual network that is peered with VNet1. VM1 and VM3 are both in VNet1, so you can connect to them through Bastion1.
VM2 is in VNet2, which is not peered with VNet1, so you cannot connect to it through Bastion1.
HOTSPOT
You have a Microsoft Entra tenant that contains the groups shown in the following table.
The tenant contains the users shown in the following table.
Which users and groups can you delete? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Users = User1, User2, User3, User4 (can delete all users whether a license is assigned directly or via inheritance from a group membership)
Groups = Group 2 and Group 4 (Groups with active license assignments cannot be deleted. You get an error)
You deploy an Azure Kubernetes Service (AKS) cluster named Cluster1 that uses the IP addresses shown in the following table.
You need to provide internet users with access to the applications that run in Cluster1.
Which IP address should you include in the DNS record for Ousted?
- A . 172.17.7.1
- B . 131.107.2.1
- C . 192.168.10.2
- D . 10.0.10.11
B
Explanation:
When any internet user will try to access the cluster which is behind a load balancer, traffic will first hit to load balancer front end IP. So in the DNS configuration you have to provide the IP address of the load balancer.
Reference: https://stackoverflow.com/questions/43660490/giving-a-dns-name-to-azure-load-balancer
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You have a CSV file that contains the names and email addresses of 500 external users.
You need to create a quest user account in contoso.com for each of the 500 external users.
Solution: from Azure AD in the Azure portal, you use the Bulk create user operation.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
"Bulk Create" is for new Azure AD Users.
For Guests:
– Use "Bulk invite users" to prepare a comma-separated value (.csv) file with the user information and invitation preferences
– Upload the .csv file to Azure AD
– Verify the users were added to the directory
HOTSPOT
You have Azure virtual machines that run Windows Server 2019 and are configured as shown in the following table.
You create a private Azure DNS zone named adatum.com. You configure the adatum.com zone to allow auto registration from VNET1.
Which A records will be added to the adatum.com zone for each virtual machine? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You plan to move a distributed on-premises app named App1 to an Azure subscription.
After the planned move, App1 will be hosted on several Azure virtual machines.
You need to ensure that App1 always runs on at least eight virtual machines during planned Azure maintenance.
What should you create?
- A . one virtual machine scale set that has 10 virtual machines instances
- B . one Availability Set that has three fault domains and one update domain
- C . one Availability Set that has 10 update domains and one fault domain
- D . one virtual machine scale set that has 12 virtual machines instances
D
Explanation:
A virtual machine scale set is a group of identical virtual machines that are automatically distributed across fault domains and update domains in one or more placement groups1. A fault domain is a logical group of underlying hardware that share a common power source and network switch, and a failure in one fault domain will not affect virtual machines in other fault domains2. An update domain is a logical group of underlying hardware that can undergo maintenance or be rebooted at the same time3.
By creating a virtual machine scale set with 12 instances, you can ensure that App1 has high availability and scalability. You can configure the scale set to have a minimum number of instances that must always be running, and a maximum number of instances that can be scaled up or down based on demand or a schedule. You can also configure the scale set to use automatic OS image upgrades, which will apply updates to the virtual machines in batches, ensuring that at least one instance is always running during the upgrade process.
HOTSPOT
You have an Azure subscription that contains the Azure virtual machines shown in the following table.
You configure the network interfaces of the virtual machines to use the settings shown in the following table
From the settings of VNET1, you configure the DNS servers shown in the following exhibit.
The virtual machines can successfully connect to the DNS server that has an IP address of 192.168.10.15 and the DNS server that has an IP address of 193.77.134.10.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Explanation:
Box 1: Yes
You can specify DNS server IP addresses in the VNet settings. The setting is applied as the default DNS server(s) for all VMs in the VNet.
Box 2: No
You can set DNS servers per VM or cloud service to override the default network settings.
Box 3: Yes
You can set DNS servers per VM or cloud service to override the default network settings.
Reference: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-faq#name-resolution-dns
HOTSPOT
You have an Azure Storage account named storage1.
You have Azure App Service apps named App1 and App2 that run in an Azure container instance.
Each app uses a managed identity.
You need to ensure that App1 and App2 can read blobs from storage1.
The solution must meet the following requirements:
• Minimize the number of secrets used.
• Ensure that App2 can only read from storage1 for the next 30 days.
What should you configure in storage1 for each app? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point
