Back

Practice Free AZ-104 Exam Online Questions

Question #21

You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements.

Which storage account should you identify?

  • A . storage4
  • B . storage1
  • C . storage2
  • D . storage3

Reveal Solution Hide Solution

Correct Answer: D
Question #22

HOTSPOT

You need to ensure that User1 can create initiative definitions, and User4 can assign initiatives to RG2. The solution must meet the technical requirements.

Which role should you assign to each user? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/governance/policy/overview

Question #23

HOTSPOT

You have an Azure subscription named Subscription1 that contains the following resource group:

– Name: RG1

– Region: West US

– Tag: "tag1": "value1"

You assign an Azure policy named Policy1 to Subscription1 by using the following configurations:

– Exclusions: None

– Policy definition: Append a tag and its value to resources

– Assignment name: Policy1

– Parameters:

– Tag name: Tag2

– Tag value: Value2

After Policy1 is assigned, you create a storage account that has the following configuration:

– Name: storage1

– Location: West US

– Resource group: RG1

– Tags: "tag3": "value3"

You need to identify which tags are assigned to each resource.

What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

Box 1: "tag1": "value1" only

Box 2: "tag2": "value2" and "tag3": "value3"

Tags applied to the resource group are not inherited by the resources in that resource group.

Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags

Question #24

You have an Azure Storage account named storage1.

You need to enable a user named User1 to list and regenerate storage account keys for storage1.

Solution: You assign the Storage Account Key Operator Service Role to User1.

Does this meet the goal?

  • A . Yes
  • B . No

Reveal Solution Hide Solution

Correct Answer: A
Question #25

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, those questions will not appear in the review screen.

You have a Microsoft Entra tenant named contoso.com.

You have a CSV file that contains the names and email addresses of 500 external users.

You need to create a guest user account in contoso.com for each of the 500 external users.

Solution; From Microsoft Entra ID in the Azure portal, you use the Bulk create user operation.

Does this meet the goal?

  • A . Yes
  • B . No

Reveal Solution Hide Solution

Correct Answer: B
Question #26

You create an Azure Storage account named Contoso storage.

You plan to create a file share named data.

Users need to map a drive to the data file share from home computers that run Windows 10.

Which outbound port should be open between the home computers and the data file share?

  • A . 80
  • B . 443
  • C . 445
  • D . 3389

Reveal Solution Hide Solution

Correct Answer: C
C

Explanation:

Ensure port 445 is open: The SMB protocol requires TCP port 445 to be open; connections will fail if port 445 is blocked.

Reference: https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows
Question #27

HOTSPOT

You have an Azure subscription.

You plan to deploy the following file named File1.bicep.

Reveal Solution Hide Solution

Correct Answer:


Question #28

You have an Azure subscription that contains the virtual networks shown in the following table. You need to ensure that all the traffic between VNet1 and VNet2 traverses the Microsoft backbone network.

What should you configure?

  • A . ExpressRoute
  • B . a private endpoint
  • C . peering
  • D . a route table

Reveal Solution Hide Solution

Correct Answer: A
Question #29

You have an Azure subscription that contains a storage account named storage 1.

You need to ensure that the access keys for storage! rotate automatically.

What should you configure?

  • A . a backup vault
  • B . redundancy for storage!
  • C . lifecycle management for storage1
  • D . an Azure key vault
  • E . a Recovery Services vault

Reveal Solution Hide Solution

Correct Answer: D
Question #30

You have an Azure subscription.

Users access the resources in the subscription from either home or from customer sites. From home, users must establish a point-to-site VPN to access the Azure resources. The users on the customer sites access the Azure resources by using site-to-site VPNs.

You have a line-of-business app named App1 that runs on several Azure virtual machine. The virtual machines run Windows Server 2016.

You need to ensure that the connections to App1 are spread across all the virtual machines.

What are two possible Azure services that you can use? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

  • A . a public load balancer
  • B . Traffic Manager
  • C . an Azure Content Delivery Network (CDN)
  • D . an internal load balancer
  • E . an Azure Application Gateway

Reveal Solution Hide Solution

Correct Answer: D,E
D,E

Explanation:

Line of Business WebAPP works on VMs need internal load balancer. So D is needed. Then deploy WebAPP on VMs, check the link. https://docs.microsoft.com/en-us/azure/application-gateway/quick-create-portal So B is needed as well. The orignal answer is not accomplished.