Microsoft Azure Administrator AZ-104 Exam Practice Test

Page: 1 / 14
Total 430 questions
Question 1

You have an Azure subscription.

You create an Azure container registry and a container image

You need to push the container image to the container registry by using the Azure Command-Line Interface (CU).

You sign in to the container registry.

Which action should you perform next?



Answer : A

To push a container image to an Azure Container Registry (ACR) using the Azure CLI, there is a well-defined sequence of steps you must follow. Signing in to the registry is an essential part, but the next critical step involves tagging the image correctly before pushing.


Question 2

You have an Azure subscription named Subscription1.

You have 5 TB of data that you need to transfer to Subscription1.

You plan to use an Azure Import/Export job.

What can you use as the destination of the imported data?



Answer : D

Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter.

The maximum size of an Azure Files Resource of a file share is 5 TB.


https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service

Question 3

You plan to create an Azure virtual machine named VM1 that will be configured as shown in the following exhibit.

The planned disk configurations for VM1 are shown in the following exhibit.

You need to ensure that VM1 can be created in an Availability Zone.

Which two settings should you modify? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.



Answer : A, B

https://docs.microsoft.com/en-us/azure/site-recovery/move-azure-vms-avset-azone https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-portal-availability-zone https://docs.microsoft.com/en-us/azure/virtual-machines/manage-availability https://docs.microsoft.com/en-us/azure/availability-zones/az-overview#availability-zones


Question 4

You have an Azure subscription that contains the virtual machines shown in the following table.

javascript:void(0)

You deploy a load balancer that has the following configurations:

* Name: LB1

* Type internal

* SKU: Standard

* Virtual network VNET1

You need to ensure that you can add VM1 and VM2 to the backend pool of LB1.

Solution: You create a Basic SKU public IP address, associate the address to the network interface of VM1, and then start VM1.

Does this meet the goal?



Answer : B

You can only attach virtual machines that are in the same location and on the same virtual network as the LB. Virtual machines must have a standard SKU public IP or no public IP.

The LB needs to be a standard SKU to accept individual VMs outside an availability set or vmss. VMs do not need to have public IPs but if they do have them they have to be standard SKU. Vms can only be from a single network. When they don't have a public IP they are assigned an ephemeral IP.

Also, when adding them to a backend pool, it doesn't matter in which status are the VMs.

Note: Load balancer and the public IP address SKU must match when you use them with public IP addresses.


Question 5

You have a Microsoft Entra tenant that contains 5,000 user accounts.

You create a new user account named AdminUser1.

You need to assign the User Administrator administrative role to AdminUser1.

What should you do from the user account properties?



Answer : B


Question 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to ensure that an Azure Active Directory (Azure AD) user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription.

Solution: You assign the Owner role at the subscription level to Admin1.

Does this meet the goal?



Answer : B

The Owner role is a very high-level role that grants full access to manage all resources in the scope, including the ability to assign roles to other users. This role does not follow the principle of least privilege, which means that you should only grant the minimum level of access required to accomplish the goal.

To enable Traffic Analytics for an Azure subscription, you need to have a role that grants you the following permissions at the subscription level:

Microsoft.Network/applicationGateways/read

Microsoft.Network/connections/read

Microsoft.Network/loadBalancers/read

Microsoft.Network/localNetworkGateways/read

Microsoft.Network/networkInterfaces/read

Microsoft.Network/networkSecurityGroups/read

Microsoft.Network/publicIPAddresses/read

Microsoft.Network/routeTables/read

Microsoft.Network/virtualNetworkGateways/read

Microsoft.Network/virtualNetworks/read

Microsoft.OperationalInsights/workspaces/*

Some of the built-in roles that have these permissions are Owner, Contributor, or Network Contributor1. However, these roles also grant other permissions that may not be necessary or desirable for enabling Traffic Analytics.Therefore, the best practice is to use the principle of least privilege and create a custom role that only has the required permissions for enabling Traffic Analytics2.

Therefore, to meet the goal of ensuring that an Azure AD user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription, you should create a custom role with the required permissions and assign it to Admin1 at the subscription level.


Question 7

You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.

What should you do?



Answer : B


https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal

Page:    1 / 14   
Total 430 questions