Microsoft AZ-104 Exam Practice Test Instant Access

Question 1

You have an Azure subscription named Subscription1 that contains virtual network named VNetl. VNetl is in a resource group named RG1. A user named Userl has the following roles for Subscription!:

* Reader

* Security Admin

* Security Reader

You need to ensure that User1 can assign the Readerrole for VNet1 to other users. What should you do?

ARemove User1 from the Security Reader and Reader roles for Subscription1.

BAssign User1 the Owner role for VNet1.

CRemove User1 from the Security Reader role for Subscription1. Assign User1 the Contributor role for RG1.

DRemove User1 from the Security Reader and Reader roles for Subscription1. Assign User1 the Contributor role for Subscription1.

Answer : B

Question 2

You have an Azure subscription that contains 10 network security groups (NSGs), 10 virtual machines, and a Log Analytics workspace named Workspaces Each NSG is connected to a virtual machine.

You need to configure an Azure Monitor Network Insights alert that will be triggered when suspicious network traffic is detected.

What should you do first?

ADeploy Connection Monitor.

BConfigure a private link.

CConfigure NSG flow logs.

DConfigure data collection endpoints.

Answer : C

Question 3

You plan to deploy the resources shown in the following table.

You need to create a single Azure Resource Manager (ARM) template that will be used to deploy the resources.

Which resource should be added to the depends On section for VM1?

ANIC 1

BVNET1

CNSG1

DIP1

Answer : A

Question 4

You need to configure an Azure web app named contoso.azurewebsites.net to host wwwcontoso.com.

What should you do first?

ACreate a TXT record named wwsv.contoso.com that has a value of contosoazurewebsites.net.

BCreate a TXT record named asuid that contains the domain verification ID.

CCreate a CNAME record named asuid that contains the domain verification ID.

DCreate A records named www.contoso.com and asuid.contoso.com.

Answer : D

Question 5

You have an Azure Subscription that contains the virtual networks Shown in the following table.

All the virtual networks are peered. Each virtual network contains nine virtual machines.

You need to configure secure RDP corrections to the virtual machines by using Azure Boston.

Whit is the minimum number of Bastion nests required?

D10

Answer : C

Question 6

You have an Azure subscription that contains an Azure Kubernetes Service (AKS) cluster named Cluster1. Cluster1 hosts a node pool named Pool1 that has four nodes. You need to perform a coordinated upgrade of Cluster1. The solution must meet the following requirements:

* Deploy two new nodes to perform the upgrade.

* Minimize costs.

How should you complete the command

AExplanation:
Answer below

Answer : A

Question 7

You have an Azure subscription that contains 10 virtual machines, a key vault named Vault 1, and a network security group (NSG) named NSG1. All the resources are deployed to the East US Azure region.

The virtual machines are protected by using NSG1. NSG1 is configured to block all outbound traffic to the internet.

You need to ensure that the virtual machines can access Vault1. The solution must use the principle of least privilege and minimize administrative effort.

What should you configure as the destination of the outbound security rule for NSG1 ?

Aan application security group

Ban IP address range

Ca service tag

Answer : C

Microsoft AZ-104 Microsoft Azure Administrator Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7