1. Home
  2. AZ-204 Free Questions
Free Demo Questions

Test Online Free Microsoft AZ-204 Exam Questions and Answers

Practice a live sample before buying full access. This page keeps the free AZ-204 question set organized by page so visitors and search engines can reach the canonical -questions.html URL directly.

Updated Jan 22, 2026 117 Questions 8 Pages
Get AZ-204 Full Access
Page 1 of 8
Next Page
Question 1 Selectable Answer
You have an Azure App Services Web App. Azure SQL Database instance. Azure Storage Account and an Azure Redis Cache instance in a resource group.
A developer must be able to publish code to the web app. You must grant the developer the Contribute role to the web app
You need to grant the role.
What two commands can you use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Answer:
Explanation:
References:
https://docs.microsoft.com/en-us/cli/azure/role/assignment?view=azure-cli-latest#az-role-assignment-create
https://docs.microsoft.com/en-us/powershell/module/azurerm.resources/new-azurermroleassignment?view=azurermps-6.13.0
Question 2 Selectable Answer
You deploy an API to API Management
You must secure all operations on the API by using a client certificate.
You need to secure access to the backend service of the API by using client certificates.
Which two security features can you use?

Answer:
Question 3 Written Answer
HOTSPOT
You need to retrieve the database connection string.
Which values should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Azure database connection string retrieve REST API vault.azure.net/secrets/
Box 1: cpandlkeyvault
We specify the key vault, cpandlkeyvault.
Scenario: The database connection string is stored in Azure Key Vault with the following attributes:
Azure Key Vault name: cpandlkeyvault
Secret name: PostgreSQLConn
Id: 80df3e46ffcd4f1cb187f79905e9a1e8
Box 2: PostgreSQLConn
We specify the secret, PostgreSQLConn
Example, sample request:
https://myvault.vault.azure.net//secrets/mysecretname/4387e9f3d6e14c459867679a90fd0f79?api-version=7.1
Box 3: Querystring
Question 4 Written Answer
DRAG DROP
You need to ensure disaster recovery requirements are met.
What code should you add at line PC16? To answer, drag the appropriate code fragments to the correct locations. Each code fragment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Scenario: Disaster recovery. Regional outage must not impact application availability. All DR operations must not be dependent on application running and must ensure that data in the DR region is up to date.
Box 1: DirectoryTransferContext
We transfer all files in the directory.
Note: The TransferContext object comes in two forms: SingleTransferContext and DirectoryTransferContext. The former is for transferring a single file and the latter is for transferring a directory of files.
Box 2: ShouldTransferCallbackAsync
The DirectoryTransferContext.ShouldTransferCallbackAsync delegate callback is invoked to tell whether a transfer should be done.
Box 3: False
If you want to use the retry policy in Copy, and want the copy can be resume if break in the middle, you can use SyncCopy (isServiceCopy = false).
Note that if you choose to use service side copy ('isServiceCopy' set to true), Azure (currently) doesn't provide SLA for that. Setting 'isServiceCopy' to false will download the source blob loca
Question 5 Written Answer
HOTSPOT
You need to implement event routing for retail store location data.
Which configuration should you use?


Answer:


Explanation:
Graphical user interface, text, application
Description automatically generated
Question 6 Written Answer
HOTSPOT
You need to correct the VM issues.
Which tools should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Backup and Restore: Azure Backup
Scenario: The VM is critical and has not been backed up in the past. The VM must enable a quick restore from a 7-day snapshot to include in-place restore of disks in case of failure.
In-Place restore of disks in IaaS VMs is a feature of Azure Backup.
Performance: Accelerated Networking
Scenario: The VM shows high network latency, jitter, and high CPU utilization. Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, greatly improving its networking performance. This high-performance path bypasses the host from the datapath, reducing latency, jitter, and CPU utilization, for use with the most demanding network workloads on supported VM types.
References: https://azure.microsoft.com/en-us/blog/an-easy-way-to-bring-back-your-azure-vm-with-in-place-restore/
Question 7 Selectable Answer
You need to ensure the security policies are met.
What code do you add at line CS07 of ConfigureSSE.ps1?

Answer:
Explanation:
Scenario: All certificates and secrets used to secure data must be stored in Azure Key Vault.
You must adhere to the principle of least privilege and provide privileges which are essential to perform the intended function.
The Set-AzureRmKeyValutAccessPolicy parameter -PermissionsToKeys specifies an array
of key operation permissions to grant to a user or service principal. The acceptable values for this parameter: decrypt, encrypt, unwrapKey, wrapKey, verify, sign, get, list, update, create, import, delete, backup, restore, recover, purge
Reference: https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set-azurermkeyvaultaccesspolicy
Question 8 Selectable Answer
You need to deploy the CheckUserContent Azure function. The solution must meet the security and cost requirements.
Which hosting model should you use?

Answer:
Question 9 Written Answer
DRAG DROP
You plan to create a Docker image that runs as ASP.NET Core application named ContosoApp. You have a setup script named setupScript.ps1 and a series of application files including ContosoApp.dll.
You need to create a Dockerfile document that meets the following requirements:
• Call setupScript.ps1 when the container is built.
• Run ContosoApp.dll when the container starts.
The Docker document must be created in the same folder where ContosoApp.dll and setupScript.ps1 are stored.
Which four commands should you use to develop the solution? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.


Answer:


Explanation:
Step 1: WORKDIR /apps/ContosoApp
Step 2: COPY ./-
The Docker document must be created in the same folder where ContosoApp.dll and setupScript.ps1 are stored.
Step 3: EXPOSE ./ContosApp/ /app/ContosoApp
Step 4: CMD powershell ./setupScript.ps1
ENTRYPOINT ["dotnet", "ContosoApp.dll"]
You need to create a Dockerfile document that meets the following requirements:
✑ Call setupScript.ps1 when the container is built.
✑ Run ContosoApp.dll when the container starts.
References: https://docs.microsoft.com/en-us/azure/app-service/containers/tutorial-custom-docker-image
Question 10 Selectable Answer
You need to ensure that all messages from Azure Event Grid are processed.
What should you use?

Answer:
Explanation:
As a solution architect/developer, you should consider using Service Bus queues when:
✑ Your solution needs to receive messages without having to poll the queue. With Service Bus, you can achieve it by using a long-polling receive operation using the TCP-based protocols that Service Bus supports.
Reference: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-azure-and-service-bus-queues-compared-contrasted
Question 11 Written Answer
HOTSPOT
You need to configure Azure Cosmos DB.
Which settings should you use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Graphical user interface, application, table
Description automatically generated
Box 1: Strong
When the consistency level is set to strong, the staleness window is equivalent to zero, and the clients are guaranteed to read the latest committed value of the write operation. Scenario: Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.
Note: You can choose from five well-defined models on the consistency spectrum. From
strongest to weakest, the models are: Strong, Bounded staleness, Session, Consistent prefix, Eventual
Box 2: SQL
Scenario: You identify the following requirements for data management and manipulation: Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL).
Question 12 Written Answer
DRAG DROP
You develop and deploy a Java application to Azure. The application has been instrumented by using the Application Insights SDK.
The telemetry data must be enriched and processed before it is sent to the Application Insights service.
You need to modify the telemetry data.
Which Application Insights SDK features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.


Answer:

Question 13 Written Answer
DRAG DROP
You need to add code at line EG15 in EventGridController.cs to ensure that the Log policy applies to all services.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Scenario, Log policy: All Azure App Service Web Apps must write logs to Azure Blob storage.
Box 1: Status
Box 2: Succeeded
Box 3: operationName
Microsoft.Web/sites/write is resource provider operation. It creates a new Web App or updates an existing one.
Question 14 Selectable Answer
You are a developer for a SaaS company that offers many web services.
All web services for the company must meet the following requirements:
✑ Use API Management to access the services
✑ Use OpenID Connect for authentication
✑ Prevent anonymous usage
A recent security audit found that several web services can be called without any authentication.
Which API Management policy should you implement?

Answer:
Explanation:
Add the validate-jwt policy to validate the OAuth token for every incoming request.
Reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
Question 15 Written Answer
HOTSPOT
You need to configure the integration for Azure Service Bus and Azure Event Grid.
How should you complete the CLI statement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


Answer:


Explanation:
Box 1: eventgrid
To create event subscription use: az eventgrid event-subscription create
Box 2: event-subscription
Box 3: servicebusqueue
Scenario: Azure Service Bus and Azure Event Grid
Azure Event Grid must use Azure Service Bus for queue-based load leveling. Events in Azure Event Grid must be routed directly to Service Bus queues for use in buffering.
Events from Azure Service Bus and other Azure services must continue to be routed to Azure Event Grid for processing.
Showing page 1 of 8
Next Page

All copyrights reserved 2026 PassQuestion NETWORK CO.,LIMITED. All Rights Reserved.

Passquestion doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All Passquestion content is sourced from the Internet.