Test Online Free Microsoft AZ-104 Exam Questions and Answers

The questions for AZ-104 were last updated On Mar.07 2024

Get AZ-104 Full Access
 / 15

Question No : 1
You have an Azure Active Directory (Azure AD) tenant that has Azure AD Privileged Identity Management configured.
You have 10 users who are assigned the Security Administrator role for the tenant.
You need the users to verify whether they still require the Security Administrator role.
What should you do?

Answer:
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-start-security-review

Question No : 2
You have an Azure subscription named Subscription1.
Subscription1 contains the resources in the following table.



VNet1 is in RG1. VNet2 is in RG2. There is no connectivity between VNet1 and VNet2.
An administrator named Admin1 creates an Azure virtual machine named VM1 in RG1. VM1 uses a disk named Disk1 and connects to VNet1. Admin1 then installs a custom application in VM1.
You need to move the custom application to VNet2. The solution must minimize administrative effort.
Which two actions should you perform? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.



Answer:


Explanation:
We cannot just move a virtual machine between networks.
What we need to do is identify the disk used by the VM, delete the VM itself while retaining the disk, and recreate the VM in the target virtual network and then attach the original disk to it.
Reference:
https://blogs.technet.microsoft.com/canitpro/2014/06/16/step-by-step-move-a-vm-to-a-different-vnet-on-azure/
https://4sysops.com/archives/move-an-azure-vm-to-another-virtual-network-vnet/#migrate-an-azure-vm-between-vnets

Question No : 3
You need to create a bar chart that shows the number of distinct computers that have sent heartbeats each week.
How should you complete the Log Analytics query? To answer, select the appropriate options in the answer area. NOTE; Each correct selection is worth one point.



Answer:

Question No : 4
You have five Windows Server 2008 R2 physical servers. The servers satisfy all requirements for failover protection using Azure Site Recovery (ASR). ASR is correctly configured and active.
You need to ensure that only 10 minutes of data is lost in the event of an incident by using the minimum amount of effort.
Which PowerShell cmdlet should you run?

Answer:

Question No : 5
You have a public load balancer that balances ports 80 and 443 across three virtual machines.
You need to direct all the Remote Desktop Protocol (RDP) connections to VM3 only.
What should you configure?

Answer:
Explanation:
https://docs.microsoft.com/en-us/azure/load-balancer/tutorial-load-balancer-port-forwarding-portal
https://pixelrobots.co.uk/2017/08/azure-load-balancer-for-rds/

Question No : 6
You have an Azure subscription that contains the storage accounts shown in the following exhibit.



Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.



Answer:


Explanation:
Box 1: contoso104 only
Premium file shares are hosted in a special purpose storage account kind, called a FileStorage account.
Box 2: contoso101, contoso102, and contos103 only
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-premium-fileshare?tabs=azure-portal
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

Question No : 7
Drag and Drop
Your company has an Azure subscription that includes a number of Azure virtual machines (VMs), which are all part of the same virtual network.
Your company also has an on-premises Hyper-V server that hosts a VM, named VM1, which must be replicated to Azure.
Which of the following objects that must be created to achieve this goal? Answer by dragging the correct option from the list to the answer area.



Answer:

Question No : 8
You have an Azure virtual network named VNet1 that connects to your on-premises network by using a site-to-site VPN. VNet1 contains one subnet named Sunet1.
Subnet1 is associated to a network security group (NSG) named NSG1. Subnet1 contains a basic internal load balancer named ILB1. ILB1 has three Azure virtual machines in the backend pool.
You need to collect data about the IP addresses that connects to ILB1. You must be able to run interactive queries from the Azure portal against the collected data.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.



Answer:


Explanation:
Box 1: An Azure Log Analytics workspace
In the Azure portal you can set up a Log Analytics workspace, which is a unique Log Analytics environment with its own data repository, data sources, and solutions
Box 2: ILB1
Reference:
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-quick-create-workspace
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics

Question No : 9
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains the resources shown in the following table.



VM1 connects to VNET1.
You need to connect VM1 to VNET2.
Solution: You move VM1 to RG2, and then you add a new network interface to VM1.
Does this meet the goal?

Answer:
Explanation:
Instead you should delete VM1. You recreate VM1, and then you add the network interface for VM1.
Note: When you create an Azure virtual machine (VM), you must create a virtual network (VNet)or use an existing VNet. You can change the subnet a VM is connected to after it's created, butyou cannot change the VNet.
Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/network-overview

Question No : 10
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the Azure portal to alter the grant control of the Azure AD conditional access policy.
Does the solution meet the goal?

Answer:

 / 15
  TOP 50 Exam Questions
Exam