Microsoft AZ-104 Cert Guide PDF 100% Cover Real Exam Questions
Pass AZ-104 Exam - Real Questions and Answers
How to Register For Exam AZ-104: Microsoft Azure Administrator?
NEW QUESTION # 56
You have an Azure subscription named Subcription1 that contains the storage accounts shown in the following table.
You plan 10 use the Azure Import/Export service to export data from Subscription1.
- A. storage1
- B. storage4
- C. storage3
- D. storage2
Answer: B
Explanation:
Explanation
Azure Import/Export service supports the following of storage accounts:
* Standard General Purpose v2 storage accounts (recommended for most scenarios)
* Blob Storage accounts
* General Purpose v1 storage accounts (both Classic or Azure Resource Manager deployments), Azure Import/Export service supports the following storage types
* Import supports Azure Blob storage and Azure File storage
* Export supports Azure Blob storage
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-requirements
NEW QUESTION # 57
You have an Azure Storage accounts as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: storageaccount1 and storageaccount2 only
Box 2: All the storage accounts
Note: The three different storage account options are: General-purpose v2 (GPv2) accounts, General-purpose v1 (GPv1) accounts, and Blob storage accounts.
* General-purpose v2 (GPv2) accounts are storage accounts that support all of the latest features for blobs, files, queues, and tables.
* Blob storage accounts support all the same block blob features as GPv2, but are limited to supporting only block blobs.
* General-purpose v1 (GPv1) accounts provide access to all Azure Storage services, but may not have the latest features or the lowest per gigabyte pricing.
References: https://docs.microsoft.com/en-us/azure/storage/common/storage-account-options
NEW QUESTION # 58
You create an Azure Migrate project named TestMig in a resource group named test-migration.
You need to discover which on-premises virtual machines to assess for migration.
Which three actions should you perform in sequence? To answer, select the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
Explanation
Step 1: Download the OVA file for the collection appliance
Azure Migrate uses an on-premises VM called the collector appliance, to discover information about your on-premises machines. To create the appliance, you download a setup file in Open Virtualization Appliance (.ova) format, and import it as a VM on your on-premises vCenter Server.
Step 2: Create a migration group in the project
For the purposes of assessment, you gather the discovered VMs into groups. For example, you might group VMs that run the same application. For more precise grouping, you can use dependency visualization to view dependencies of a specific machine, or for all machines in a group and refine the group.
Step 3: Create an assessment in the project
After a group is defined, you create an assessment for it.
References:
https://docs.microsoft.com/en-us/azure/migrate/migrate-overview
NEW QUESTION # 59
You have Azure virtual machines that run Windows Server 2019 and are configured as shown in the following table.
You create a private Azure DNS zone named adatum.com. You configure the adatum.com zone to allow auto registration from VNET1.
Which A records will be added to the adatum.com zone for each virtual machine? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation:
The virtual machines are registered (added) to the private zone as A records pointing to their private IP addresses.
Reference:
https://docs.microsoft.com/en-us/azure/dns/private-dns-overview
https://docs.microsoft.com/en-us/azure/dns/private-dns-scenarios
NEW QUESTION # 60
You have an Azure subscription named Subscription1. Subscription1 contains two Azure virtual machines named VM1 and VM2. VM1 and VM2 run Windows Server 2016.
VM1 is backed up daily by Azure Backup without using the Azure Backup agent.
VM1 is affected by ransomware that encrypts data.
You need to restore the latest backup of VM1.
To which location can you restore the backup? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
References:
https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms
https://docs.microsoft.com/en-us/azure/backup/backup-azure-restore-files-from-vm#system-requirements
NEW QUESTION # 61
You have an Azure subscription named Subscription1. Subscription1 contains the resources in the following table.
In Azure, you create a private DNS zone named adatum.com. You set the registration virtual network to VNet2. The adatum.com zone is configured as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 62
You have an Azure subscription that contains the following users in an Azure Active Directory tenant named contoso.onmicrosoft.com:
User1 creates a new Azure Active Directory tenant named external.contoso.onmicrosoft.com.
You need to create new user accounts in external.contoso.com.onmicrosoft.com.
Solution: You instruct User1 to create the user accounts.
- A. No
- B. Yes
Answer: B
Explanation:
Only a global administrator can add users to this tenant.
Reference:
https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/add-users-to-azure-ad
NEW QUESTION # 63
You have an Azure subscription.
You enable multi-factor authentication for all users.
Some users report that the email applications on their mobile device cannot connect to their Microsoft
Exchange Online mailbox. The users can access Exchange Online by using a web browser and from Microsoft Outlook 2016 on their computer.
You need to ensure that the users can use the email applications on their mobile device.
What should you instruct the users to do?
- A. Enable self-service password reset
- B. Create an app password
- C. Reinstall the Microsoft Authenticator app
- D. Reset the Azure Active Directory (Azure AD) password
Answer: B
Explanation:
If you're enabled for multi-factor authentication, make sure that you have set up app passwords.
Note: During your initial two-factor verification registration process, you're provided with a single app password. If you require more than one, you'll have to create them yourself.
Go to the Additional security verification page.
References:
https://docs.microsoft.com/en-us/office365/troubleshoot/sign-in/sign-in-to-office-365-azure-intune
https://docs.microsoft.com/sv-se/azure/active-directory/user-help/multi-factor-authentication-end-user-app-passwords
NEW QUESTION # 64
You have an Azure subscription that contains a user named User1.
You need to ensure that User1 can deploy virtual machines and manage virtual networks. The solution must use the principle of least privilege.
Which role-based access control (RBAC) role should you assign to User1?
- A. Owner
- B. Virtual Machine Administrator Login
- C. Virtual Machine Contributor
- D. Contributor
Answer: C
Explanation:
To ensure that User1 can deploy virtual machines and manage virtual networks, you need to assign an RBAC role that grants the necessary permissions to perform these tasks. The solution must also use the principle of least privilege, which means that you should only grant the minimum level of access required to accomplish the goal.
Based on these requirements, the best RBAC role to assign to User1 is D.
Virtual Machine Contributor. This role allows User1 to create and manage virtual machines, disks, snapshots, and network interfaces. It also allows User1 to connect virtual machines to existing virtual networks and subnets. However, it does not allow User1 to create or delete virtual networks or subnets, or to access the virtual machines themselves. This role follows the principle of least privilege by limiting User1's access to only the resources and actions that are relevant to deploying virtual machines and managing virtual networks1.
NEW QUESTION # 65
You have an Azure Subscription named Subcription1.has
Subcription1 contains the virtual machines in the following table.
Subcription1 contains the virtual machines in the following table.
VM3 has multiple network, including a network adapter named NIC3, IP forwarding is enabled on NIC3. Routing is enabled on VM3.
You create a route table named RT1 that contains the routes in the following table.
You apply RT1 to subnet1 and Sybnet2.
For each of the following statements, select Yes if the statements is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview
https://www.quora.com/What-is-IP-forwarding
NEW QUESTION # 66
You have an Azure virtual machine that runs Windows Server 2019 and has the following configurations:
Name: VM1
Location: West US
Connected to: VNET1
Private IP address: 10.1.0.4
Public IP address: 52.186.85.63
DNS suffix in Windows Server: Adatum.com
You create the Azure DNS zones shown in the following table.
You need to identify which DNS zones you can link to VNET1 and the DNS zones to which VM1 can automatically register.
Which zones should you identify? To answer, select the appropriate options in the answer area.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/dns/private-dns-overview
NEW QUESTION # 67
You have an Azure subscription that contains the virtual networks shown in the following table.
You have the virtual machines shown in the following table.
You have the virtual network interfaces shown in the following table.
Server1 is a DNS server that contains the resources shown in the following table.
You have an Azure private DNS zone named contoso.com that has a virtual network link to VNET2 and the records shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 68
You have an Azure subscription. The subscription contains virtual machines that run Windows Server 2016 and are configured as shown in the following table.
Answer:
Explanation:
NEW QUESTION # 69
You have an Azure subscription named Subscription1 that has a subscription ID of c276fc76-9cd4-44c9-99a7-4fd71546436e.
You need to create a custom RBAC role named CR1 that meets the following requirements:
Can be assigned only to the resource groups in Subscription1
Prevents the management of the access permissions for the resource groups Allows the viewing, creating, modifying, and deleting of resource within the resource groups What should you specify in the assignable scopes and the permission elements of the definition of CR1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#microsoftauthorization
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#microsoftresources
NEW QUESTION # 70
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a virtual network named VNet1 that is hosted in the West US Azure region.
VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.
You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.
Solution: From Performance Monitor, you create a Data Collector Set (DCS).
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
You should use Azure Network Watcher.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
NEW QUESTION # 71
You have the App Service plans shown in the following table.
You plan to create the Azure web apps shown in the following table.
You need to identify which App Service plans can be used for the web apps.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: ASP1 ASP3
Asp1, ASP3: ASP.NET Core apps can be hosted both on Windows or Linux.
Not ASP2: The region in which your app runs is the region of the App Service plan it's in.
Box 2: ASP1
ASP.NET apps can be hosted on Windows only.
Reference:
https://docs.microsoft.com/en-us/azure/app-service/quickstart-dotnetcore?pivots=platform-linux
https://docs.microsoft.com/en-us/azure/app-service/app-service-plan-manage#
NEW QUESTION # 72
You have an Azure subscription that contains the storage accounts shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-premium-fileshare?tabs=azure-portal
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
NEW QUESTION # 73
You plan to deploy the following Azure Resource Manager (ARM) template.
Answer:
Explanation:
NEW QUESTION # 74
You have an Azure subscription that contains two virtual machines as shown in the following table.
You perform a reverse DNS lookup for 10.0.0.4 from VM2.
Which FQDN will be returned?
- A. vm1.internal.cloudapp.net
- B. vm1.core.windows.net
- C. vm1.westeurope.cloudapp.azure.com
- D. vm1.azure.com
Answer: A
Explanation:
This is an excerpt from the official documentation in the section "Reverse DNS Considerations" Form : https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances#dns-client-configuration [..." - All PTR queries for IP addresses of virtual machines will return FQDNs of form [vmname].internal.cloudapp.net - Forward lookup on FQDNs of form [vmname].internal.cloudapp.net will resolve to IP address assigned to the virtual machine. - If the virtual network is linked to an Azure DNS private zones as a registration virtual network, the reverse DNS queries will return two records. One record will be of the form [vmname].[privatednszonename] and the other will be of the form [vmname].internal.cloudapp.net "...]
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances
NEW QUESTION # 75
You have an Azure Storage accounts as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 76
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to ensure that an Azure Active Directory (Azure AD) user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription.
Solution: You assign the Owner role at the subscription level to Admin1.
Does this meet the goal?
- A. Yes
- B. No
Answer: B
Explanation:
Explanation
The Owner role is a very high-level role that grants full access to manage all resources in the scope, including the ability to assign roles to other users. This role does not follow the principle of least privilege, which means that you should only grant the minimum level of access required to accomplish the goal.
To enable Traffic Analytics for an Azure subscription, you need to have a role that grants you the following permissions at the subscription level:
Microsoft.Network/applicationGateways/read
Microsoft.Network/connections/read
Microsoft.Network/loadBalancers/read
Microsoft.Network/localNetworkGateways/read
Microsoft.Network/networkInterfaces/read
Microsoft.Network/networkSecurityGroups/read
Microsoft.Network/publicIPAddresses/read
Microsoft.Network/routeTables/read
Microsoft.Network/virtualNetworkGateways/read
Microsoft.Network/virtualNetworks/read
Microsoft.OperationalInsights/workspaces/*
Some of the built-in roles that have these permissions are Owner, Contributor, or Network Contributor1.
However, these roles also grant other permissions that may not be necessary or desirable for enabling Traffic Analytics. Therefore, the best practice is to use the principle of least privilege and create a custom role that only has the required permissions for enabling Traffic Analytics2.
Therefore, to meet the goal of ensuring that an Azure AD user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription, you should create a custom role with the required permissions and assign it to Admin1 at the subscription level.
NEW QUESTION # 77
You have an Azure subscription that is linked to an Azure AD tenant. The tenant contains two users named User1 and User2. The subscription contains the resources shown in the following table.
The subscription contains the alert rules shown in the following table.
The users perform the following actions:
* User1 creates a new virtual disk and attaches the disk to VM1.
* User2 creates a new resource tag and assigns the tag to RG1 and VM1.
Which alert rules are triggered by each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one pint.
Answer:
Explanation:
NEW QUESTION # 78
......
100% Free AZ-104 Daily Practice Exam With 298 Questions: https://freetorrent.braindumpsvce.com/AZ-104_exam-dumps-torrent.html