Practice Free AZ-104 Exam Online Questions
HOTSPOT
You have an Azure subscription that contains the resources shown in the following table:
You assign a policy to RG6 as shown in the following table:
To RG6, you apply the tag: RGroup: RG6.
You deploy a virtual network named VNET2 to RG6.
Which tags apply to VNET1 and VNET2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/tag-policies
You have a Microsoft Entra tenant that contains 5,000 user accounts.
You create a new user account named AdminUser1.
You need to assign the User Administrator administrative role to AdminUser1.
What should you do from the user account properties?
- A . From the Groups blade, invite the user account to a new group.
- B . From the Directory role blade, modify the directory role.
- C . From the Licenses blade, assign a new license.
HOTSPOT
You have an Azure subscription.
You plan to deploy a storage account named storage’ by using the following Azure Resource Manager (ARM) template.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription named Subscription1.
In Subscription1, you create an Azure file share named share1.
You create a shared access signature (SAS) named SAS1 as shown in the following exhibit.
To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You create an Azure Storage account.
You plan to add 10 blob containers to the storage account.
For one of the containers, you need to use a different key to encrypt data at rest.
What should you do before you create the container?
- A . Modify the minimum TLS version.
- B . Create an encryption scope.
- C . Generate a shared access signature (SAS).
- D . Rotate the access keys.
B
Explanation:
https://learn.microsoft.com/en-us/azure/storage/blobs/encryption-scope-overview#how-encryption-scopes-work
You have an Azure subscription That contains a Recovery Services vault named Vault1.
You need to enable multi-user authorization (MAU) for Vaultl.
Which resource should you create first?
- A . a managed identity
- B . a resource guard
- C . an administrative unit
- D . a custom Azure role
B
Explanation:
https://learn.microsoft.com/en-us/azure/backup/multi-user-authorization?tabs=azure-portal&pivots=vaults-recovery-services-vault#before-you-start Before you start
Ensure the Resource Guard and the Recovery Services vault are in the same Azure region. Ensure the Backup admin does not have Contributor permissions on the Resource Guard. You can choose to have the Resource Guard in another subscription of the same directory or in another directory to ensure maximum isolation.
Ensure that your subscriptions containing the Recovery Services vault as well as the Resource Guard (in different subscriptions or tenants) are registered to use the providers – Microsoft.RecoveryServices and Microsoft.DataProtection . For more information, see Azure
HOTSPOT
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You have two external partner organizations named fabrilcam.com and litwareinc.com.
FabtAam.com is configured as a connected organization.
You create an access package as shown in the Access package exhibit. (Click the Access package lab.)
You configure the external user lifecycle settings as shown in the Lifecycle exhibit. (Click the lifecycle tab)
For each of the following statements, select Yes if the statement is true Otherwise, select No Note: Each correct selection is worth one point.
Explanation:
Litwareinc.com users can be assigned to package1. = No
After 365 days, fabrikam.com users will be removed from Group1. = Yes
After 395 days, fabrikam.com users will be removed from the contoso.com tenant = No
Litwareinc.com users cannot be assigned to package1 because they are not a connected organization in the contoso.com tenant. Only users from connected organizations can request access packages that are configured for external users1
Fabrikam.com users will be removed from Group1 after 365 days because the access package has an expiration policy of 365 days for external users. This means that the access assignments for external users will end after 365 days, unless they are renewed or extended2
Fabrikam.com users will not be removed from the contoso.com tenant after 395 days because the external user lifecycle settings have a deletion policy of 30 days after blocking. This means that external users will be blocked from signing in after 365 days of inactivity, and then deleted after another 30 days. Therefore, the total time before deletion is 395 days of inactivity, not 395 days from the date of assignment3
HOTSPOT
You have an Azure subscription that contains an Azure Storage account named storageaccount1. You export storageaccount1 as an Azure Resource Manager template.
The template contains the following sections.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription that uses Azure Container Instances.
You have a computer that has Azure Command-Line Interface (CLI) and Docker installed.
You create a container image named image1.
You need to provision a new Azure container registry and add image1 to the registry.
Which command should you run for each requirement? To answer, select the options in the answer area. NOTE: Each correct answer is worth one point.
HOTSPOT
You have an Azure subscription that contains an Azure Directory (Azure AD) tenant named contoso.com. The tenant is synced to the on-premises Active Directory domain.
The domain contains the users shown in the following table.
You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication methods:
– Number of methods required to reset: 2
– Methods available to users: Mobile phone, Security questions
– Number of questions required to register: 3
– Number of questions required to reset: 3
You select the following security questions:
What is your favorite food?
In what city was your first job?
What was the name of your first pet?
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
No, No, Yes
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-security-questions