Practice Free AZ-104 Exam Online Questions
You need to meet the technical requirement for VM4.
What should you create and configure?
- A . an Azure Notification Hub
- B . an Azure Event Hub
- C . an Azure Logic App
- D . an Azure services Bus
B
Explanation:
Scenario: Create a workflow to send an email message when the settings of VM4 are modified.
You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks – without you writing any code.
Reference: https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event-grid-logic-app
HOTSPOT
You have an Azure subscription that contains the users shown in the following table.
The groups are configured as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
https://learn.microsoft.com/en-us/azure/active-directory/roles/groups-concept#how-are-role-assignable-groups-protected
"Group nesting isn’t supported. A group can’t be added as a member of a role-assignable group."
For the second question:
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/how-to-manage-groups#add-or-remove-a-group-from-another-group
"We currently don’t support:
…
Adding Microsoft 365 groups to Security groups or other Microsoft 365 groups."
For the third question, although it appears truncated in the screenshot (ending with "for…") there is a reference about Microsoft 365 groups support for roles assignment here:
https://learn.microsoft.com/en-us/azure/active-directory/roles/groups-concept#how-role-assignments-to-groups-work
"To assign a role to a group, you must create a new security or Microsoft 365 group with the isAssignableToRole property set to true."
HOTSPOT
You have an Azure Storage account named storage1 that stores images.
You need to create a new storage account and replicate the images in storage1 to the new account by using object replication.
How should you configure the new account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure Subscription that contains the virtual networks Shown in the following table.
All the virtual networks are peered. Each virtual network contains nine virtual machines.
You need to configure secure RDP corrections to the virtual machines by using Azure Boston.
Whit is the minimum number of Bastion nests required?
- A . 1
- B . 3
- C . 9
- D . 10
B
Explanation:
According to the Microsoft documentation, Azure Bastion is a service that provides more secure and seamless RDP and SSH access to virtual machines without any exposure through public IP addresses. You can provision the service directly in your local or peered virtual network to get support for all the VMs within it.
In your scenario, you have three virtual networks that are peered with each other. This means that they can communicate with each other as if they were in the same virtual network. Therefore, you can deploy one Bastion host in any of the virtual networks and use it to connect to all the virtual machines in the peered virtual networks. You don’t need to deploy a separate Bastion host for each virtual network or each virtual machine.
For more information about how to deploy and use Azure Bastion, see Tutorial: Deploy Bastion using
specified settings: Azure portal.
HOTSPOT
You have an Azure subscription that contains the storage accounts shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: contoso104 only
Premium file shares are hosted in a special purpose storage account kind, called a FileStorage account.
Box 2: contoso101, contoso102, and contos103 only
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-premium-fileshare?tabs=azure-portal
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.
- A . Azure Active Directory (AD) Identity Protection and an Azure policy
- B . a Recovery Services vault and a backup policy
- C . an Azure Key Vault and an access policy
- D . an Azure Storage account and an access policy
C
Explanation:
D: Seamless SSO works with any method of cloud authentication – Password Hash Synchronization or Pass-through Authentication, and can be enabled via Azure AD Connect.
B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users’ Intranet zone settings by using Group Policy in Active Directory: https://autologon.microsoftazuread-sso.com
HOTSPOT
You have a Microsoft Entra tenant.
You need to modify the Default user role permissions settings for the tenant.
The solution must meet the following requirements:
* Standard users must be prevented from creating new service principals.
* Standard users must only be able to use PowerShell or Microsoft Graph to manage their own Azure resources.
Which two settings should you modify? To answer, select the appropriate settings in the answer area. NOTE: Each correct answer is worth one point.
You have an Azure subscription that contains an Azure Stream Analytics job named Job1. You need to monitor input events for Job1 to identify the number of events that were NOT processed.
Which metric should you use?
- A . Output Events
- B . Backlogged Input Events
- C . Out-of-Order Events
- D . Late Input Events
B
Explanation:
Backlogged Input Events is a metric that shows the number of input events that are waiting to be processed by the Stream Analytics job1. This metric indicates the performance and health of the job, as well as the input data rate and latency. If the Backlogged Input Events metric is high or increasing, it means that the job is not able to keep up with the incoming events and some events are not processed in a timely manner2.
Output Events is a metric that shows the number of output events that are emitted by the Stream Analytics job1. This metric indicates the output data rate and throughput of the job. It does not show how many input events were not processed by the job.
Out-of-Order Events is a metric that shows the number of input events that arrive out of order based on their timestamp1. This metric indicates the quality and consistency of the input data source. It does not show how many input events were not processed by the job.
Late Input Events is a metric that shows the number of input events that arrive after the late arrival window has expired1. This metric indicates the timeliness and reliability of the input data source. It does not show how many input events were not processed by the job.
You need to implement a backup solution for App1 after the application is moved.
What should you create first?
- A . a recovery plan
- B . an Azure Backup Server
- C . a backup policy
- D . a Recovery Services vault
D
Explanation:
A Recovery Services vault is a logical container that stores the backup data for each protected resource, such as Azure VMs. When the backup job for a protected resource runs, it creates a recovery point inside the Recovery Services vault.
Scenario:
There are three application tiers, each with five virtual machines.
Move all the virtual machines for App1 to Azure.
Ensure that all the virtual machines for App1 are protected by backups.
Reference: https://docs.microsoft.com/en-us/azure/backup/quick-backup-vm-portal
HOTSPOT
You have an Azure subscription and a Microsoft Entra ID P1 license.
You need to perform the following actions:
* Enable self-service password reset (SSPR) for all users.
* Require the users to answer four questions when registering for SSPR.
Which two settings should you use? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
