Practice Free AZ-104 Exam Online Questions

HOTSPOT

You have an Azure subscription. The subscription contains a virtual machine that runs Windows 10.

You need to join the virtual machine to an Active Directory domain.

How should you complete the Azure Resource Manager (ARM) template? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:

HOTSPOT

You have an Azure Active Directory tenant named Contoso.com that includes following users:

Contoso.com includes following Windows 10 devices:

You create following security groups in Contoso.com:

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

Box 1: Yes

User1 is a Cloud Device Administrator.

Device2 is Azure AD joined.

Group1 has the assigned to join type. User1 is the owner of Group1.

Note: Assigned groups – Manually add users or devices into a static group.

Azure AD joined or hybrid Azure AD joined devices utilize an organizational account in Azure AD

Box 2: No

User2 is a User Administrator.

Device1 is Azure AD registered.

Group1 has the assigned join type, and the owner is User1.

Note: Azure AD registered devices utilize an account managed by the end user, this account is either a Microsoft account or another locally managed credential.

Box 3: Yes

User2 is a User Administrator.

Device2 is Azure AD joined.

Group2 has the Dynamic Device join type, and the owner is User2.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/devices/overview

HOTSPOT

You have an on-premises network.

You have an Azure subscription that contains two virtual networks named VNet1 and VNet2. VNet1 uses an IP address space of 192.168.8.0/24. VNet2 uses an IP address space of 192.168.9.0/24. You need to configure the virtual networks.

The solution must meet the following requirements:

* Ensure that the resources on VNet1 can communicate with the resources on VNet2.

* Ensure that the resources on the on-premises network can communicate with Azure resources.

* Minimize costs.

Reveal Solution Hide Solution

Correct Answer:

You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers.

You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines.

You need to ensure that visitors are serviced by the same web server for each request.

What should you configure?

Reveal Solution Hide Solution

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You manage a virtual network named VNet1 that is hosted in the West US Azure region.

VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.

You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.

Solution: From Azure Monitor, you create a metric on Network in and Network Out.

Does this meet the goal?

Reveal Solution Hide Solution

You have the Azure virtual machines shown in the following table.

A DNS service is installed on VM1.

You configure the DNS server’s settings for each virtual network as shown in the following exhibit

You need to ensure that all the virtual machines can resolve DNS names by using the DNS service on VM 1.

What should you do?

Reveal Solution Hide Solution

Topic 2, Contoso Ltd

Overview

Contoso, Ltd. is a manufacturing company that has offices worldwide. Contoso works with partner organizations to bring products to market.

Contoso products are manufactured by using blueprint files that the company authors and maintains.

Existing Environment

Currently, Contoso uses multiple types of servers for business operations, including the following:

✑ File servers

✑ Domain controllers

✑ Microsoft SQL Server servers

Your network contains an Active Directory forest named contoso.com. All servers and client computers are joined to Active Directory.

You have a public-facing application named App1.

App1 is comprised of the following three tiers:

✑ A SQL database

✑ A web front end

✑ A processing middle tier

Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only.

Requirements

Planned Changes

Contoso plans to implement the following changes to the infrastructure:

✑ Move all the tiers of App1 to Azure.

✑ Move the existing product blueprint files to Azure Blob storage.

✑ Create a hybrid directory to support an upcoming Microsoft Office 365 migration project.

Technical Requirements

Contoso must meet the following technical requirements:

✑ Move all the virtual machines for App1 to Azure.

✑ Minimize the number of open ports between the App1 tiers.

✑ Ensure that all the virtual machines for App1 are protected by backups.

✑ Copy the blueprint files to Azure over the Internet.

✑ Ensure that the blueprint files are stored in the archive storage tier.

✑ Ensure that partner access to the blueprint files is secured and temporary.

✑ Prevent user passwords or hashes of passwords from being stored in Azure.

✑ Use unmanaged standard storage for the hard disks of the virtual machines.

✑ Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity.

✑ Minimize administrative effort whenever possible.

User Requirements

Contoso identifies the following requirements for users:

✑ Ensure that only users who are part of a group named Pilot can join devices to Azure AD.

✑ Designate a new user named Admin1 as the service administrator of the Azure subscription.

✑ Ensure that a new user named User3 can create network objects for the Azure subscription.

You need to meet the user requirement for Admin1.

What should you do?

Reveal Solution Hide Solution

HOTSPOT

You plan to deploy an Azure container instance by using the following Azure Resource Manager template.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the template.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

Reference:

https://docs.microsoft.com/en-us/cli/azure/container?view=azure-cli-latest

https://docs.docker.com/config/containers/start-containers-automatically/

HOTSPOT

You have an Azure subscription that contains a virtual machine named VM1.

To VM1, you plan to add a 1-TB data disk that meets the following requirements:

• Provides data resiliency in the event of a datacenter outage.

• Provides the lowest latency and the highest performance.

• Ensures that no data loss occurs if a host fails.

You need to recommend which type of storage and host caching to configure for the new data disk.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

Storage Type: Premium SSD that uses zone-redundant storage (ZRS)

Host Caching: Read-only

The reasons for this recommendation are:

Premium SSD disks provide the lowest latency and the highest performance among the available disk types12.

Zone-redundant storage (ZRS) provides data resiliency in the event of a datacenter outage by replicating the data across three availability zones in the same region12.

Read-only host caching can improve the read performance of the disk by using the VM’s RAM and local SSD as a cache13. This can also reduce the impact of a host failure on the disk data, as the cached data is not lost4.

Read/write host caching is not recommended for Premium SSD disks, as it can introduce additional latency and reduce the durability guarantees of the disk13.

HOTSPOT

You are evaluating the name resolution for the virtual machines after the planned implementation of the Azure networking infrastructure.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

Reveal Solution Hide Solution

Correct Answer:

Explanation:

Statement 1: Yes

All client computers in the Paris office will be joined to an Azure AD domain.

A virtual network named Paris-VNet that will contain two subnets named Subnet1 and Subnet2.

Microsoft Windows Server Active Directory domains, can resolve DNS names between virtual networks. Automatic registration of virtual machines from a virtual network that’s linked to a private zone with auto-registration enabled. Forward DNS resolution is supported across virtual networks that are linked to the private zone.

Statement 2: Yes

A virtual network named ClientResources-VNet that will contain one subnet named ClientSubnet You plan to create a private DNS zone named humongousinsurance.local and set the registration network to the ClientResources-VNet virtual network.

As this is a registration network so this will work.

Statement 3: No

Only VMs in the registration network, here the ClientResources-VNet, will be able to register hostname records. Since Subnet4 not connected to Client Resources Network thus not able to register its hostname with humongoinsurance.local

Reference:

https://docs.microsoft.com/en-us/azure/dns/private-dns-overview

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances