Practice Free AZ-104 Exam Online Questions
HOTSPOT
You have an Azure subscription.
You deploy a virtual machine scale set that is configure as shown in the following exhibit.
Use the drop-down menus to select the answer choice that answers each questions based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Explanation:
Box-1: 3
Initial starts 2 VM’s 15 minutes have passed. at 10 minutes 1 VM was added we now have 3 VM’s.
Cool down is 5 Minutes before another 10 minute wait cycle starts so the answer is 3.
Box-2: 1
Initial 5 VM’s 60 minutes Pass. 1 VM removed every 15 minute cycle. 10 minutes wait timer plus 5 minute cool down equals 15 minutes cycle. Four 15 minute cycles pass equaling 60 minutes removing 4 VM’s. We have 1 VM left.
Default Scale in and Out Default Durations are 10 minutes with 5 minute cool down.
The default scale set settings in Azure are:
-Minimum number of instances 1
-Maximum number of instances 10
-Scale out CPU threshold (%) 75
-Duration in minutes10
-Number of instances to increase by 1
-Scale in CPU threshold (%) 25
-Number of instances to decrease by -1
https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-portal#create-a-rule-to-automatically-scale-in
HOTSPOT
You have an Azure subscription that contains the storage account shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
You have an Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address.
The virtual machines host several applications that are accessible over port 443 to user on the Internet.
Your on-premises network has a site-to-site VPN connection to VNet1.
You discover that the virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network.
You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection
is established from the on-premises network. The solution must ensure that all the applications can
still be accesses by the Internet users.
What should you do?
- A . Modify the address space of the local network gateway.
- B . Remove the public IP addresses from the virtual machines.
- C . Modify the address space of Subnet1.
- D . Create a deny rule in a network security group (NSG) that is linked to Subnet1.
D
Explanation:
You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
You can use a site-to-site VPN to connect your on-premises network to an Azure virtual network. Users on your on-premises network connect by using the RDP or SSH protocol over the site-to-site VPN connection. You don’t have to allow direct RDP or SSH access over the internet. And this can be achieved by configuring a deny rule in a network security group (NSG) that is linked to Subnet1 for RDP / SSH protocol coming from internet.
Modify the address space of Subnet1: Incorrect choice
Modifying the address space of Subnet1 will have no impact on RDP traffic flow to the virtual network.
Modify the address space of the local network gateway: Incorrect choice
Modifying the address space of the local network gateway will have no impact on RDP traffic flow to the virtual network.
Remove the public IP addresses from the virtual machines: Incorrect choice
If you remove the public IP addresses from the virtual machines, none of the applications be accessible publicly by the Internet users.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
https://docs.microsoft.com/en-us/azure/security/fundamentals/network-best-practices
You need to define a custom domain name for Azure AD to support the planned infrastructure.
Which domain name should you use?
- A . ad.humongousinsurance.com
- B . humongousinsurance.onmicrosoft.com
- C . humongousinsurance.local
- D . humongousinsurance.com
D
Explanation:
Every Azure AD directory comes with an initial domain name in the form of domainname.onmicrosoft.com.
The initial domain name cannot be changed or deleted, but you can add your corporate domain name to Azure AD as well. For example, your organization probably has other domain names used to do business and users who sign in using your corporate domain name. Adding custom domain names to Azure AD allows you to assign user names in the directory that are familiar to your users, such as ‘[email protected].’ instead of ‘alice@domain name.onmicrosoft.com’.
Scenario:
Network Infrastructure: Each office has a local data center that contains all the servers for that office.
Each office has a dedicated connection to the Internet.
Humongous Insurance has a single-domain Active Directory forest named humongousinsurance.com Planned Azure AD Infrastructure: The on-premises Active Directory domain will be synchronized to Azure AD.
Reference: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-custom-domain
HOTSPOT
You have an Azure AD tenant.
You need to create a Microsoft 365 group that contains only members of a marketing department in France.
How should you complete the dynamic membership rule? To answer, select the appropriate options in the answer area. NOTE: Each correct answer is worth one point.
You have an Azure subscription that contains a web app named webapp1. You need to add a custom domain named www.contoso.com to webapp1.
What should you do first?
- A . Upload a certificate.
- B . Add a connection string.
- C . Stop webapp1.
- D . Create a DNS record.
D
Explanation:
You can use either a CNAME record or an A record to map a custom DNS name to App Service. You should use CNAME records for all custom DNS names except root domains (for example, contoso.com). For root domains, use A records.
Reference: https://docs.microsoft.com/en-us/Azure/app-service/app-service-web-tutorial-custom-domain
You have an Azure subscription.
You plan to deploy the resources shown in the following table.
You need to create a single Azure Resource Manager (ARM) template that will be used to deploy the resources.
Which resource should be added to the dependsOn section for VM1?
- A . IP1
- B . VNET1
- C . NIC1
- D . NSG1
You have a deployment template named Template1 that is used to deploy 10 Azure web apps.
You need to identify what to deploy before you deploy Tempi ate 1. The solution must minimize Azure costs,
What should you identify?
- A . one App Service plan
- B . one Azure Traffic Manager
- C . five Azure Application Gateways
- D . 10 App Service plans
- E . one Azure Application Gateway
HOTSPOT
You have an Azure subscription named Subscription1 that contains a virtual network named VNet1.
You add the users in the following table.
Which user can perform each configuration? To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
User1 – The Owner Role lets you manage everything, including access to resources.
User3 – The Network Contributor role lets you manage networks, including creating subnets.
User2 – The Security Admin role can view security policies, view security states, edit security policies, view alerts and recommendations, dismiss alerts and recommendations.
You have an Azure subscription that contains a virtual machine named VM1. VM1 hosts a line-of business application that is available 24 hours a day. VM1 has one network interface and one managed disk. VM1 uses the D4s v3 size.
You plan to make the following changes to VM1:
• Change the size to D8s v3.
• Add a 500-GB managed disk.
• Add the Puppet Agent extension.
• Enable Desired State Configuration Management.
Which change will cause downtime for VM1?
- A . Add the Puppet Agent extension.
- B . Change the size to D8s v3.
- C . Enable Desired State Configuration Management.
- D . Add a 500-GB managed disk.