A. A virtual network
B. Azure AD credentials
C. A virtual machine
D. A public IP address
Answer- B. Azure AD Credentials
2.You have to deploy an
application onto a set of virtual machines on Azure. You need to implement
design aspects of scalability and availability for the application.
Which of the following could be used to implement the aspect of scalability?
A. Azure Virtual Machine Scale Sets
B. Azure Availability Sets
C. Azure Availability Zones
Answer- A. Azure Virtual Machine
Scale Sets
3. You have a set of virtual
machines set up in Azure. You are testing for inbound connectivity from several
data sources. You need to use a tool to diagnose incoming traffic connectivity
issues. Which of the following would you use for this purpose?
A. Network Watcher - Next hop
B. Network Watcher - IP flow verify
C. Network Watcher - VPN diagnostics
D. Network Watcher - Diagnostics
Answer- B. Network Watcher - IP flow
verify
4. Your company currently has the
following infrastructure setup
● On-premise network IP address
range – 172.16.80.0/24
● On-premise VPN device public IP address – 40.12.0.5
● Azure virtual network
● Name – staging-network
● IP Address range - 10.4.0.0/16
● Subnets
● SubnetA – 10.4.0.0/24
The company wants to set up a site-to-site VPN connection.
Which of the following would you create in the Azure virtual network?
A. A Route Table
B. A Gateway Subnet
C. An Azure Load Balancer
Answer- B. A Gateway Subnet
5. Your company currently has the
following infrastructure setup
● On-premise network IP address
range – 172.16.80.0/24
● On-premise VPN device public IP address – 40.12.0.5
● Azure virtual network
● Name – staging-network
● IP Address range - 10.4.0.0/16
● Subnets
● SubnetA – 10.4.0.0/24
The company wants to set up a
site-to-site VPN connection.
Which of the following would you
specify as the IP address range in the Local Network Gateway resource you
create in Azure?
A. 40.12.0.5/32
B. 40.12.0.5/16
C. 172.16.80.0/24
D. 10.4.0.0/16
E. 10.4.0.0/24
Answer- C. 172.16.80.0/24
6. Your company has a series of
virtual machines created as part of their Azure subscription. They want to
ensure the IT administrative team is notified if any of the virtual machines go
into the “deallocated” state. Which of the following could you perform to
fulfill this requirement?
A. Create an Azure policy using an
in-built definition from the Compute category
B. Assign a resource tag for the virtual machines and then create an alert
based on the resource tags
C. Enable Diagnostics logs for the virtual machine. Create an alert based on
the deallocated activity from the log trail
D. Create an alert based on the Activity log for the virtual machines
Answer- D. Create an alert based on
the Activity log for the virtual machines
7. A company has currently set up an
Azure subscription. The company has several departments that would be creating
and using resources on the Azure platform. These departments would be using
resources scattered across several resource groups. The management wants to
have the ability to bill each department separately based on the resource
usage. Which of the following can be done to fulfill this requirement?
A. Create a billing report and
categorize the report resource group-wise
B. Tag the various resources department-wise
C. Add a property for each resource with the department name
D. Add a tag to each resource group with each department using the resources
within the resource group
Answer- B. Tag the various resources
department-wise.
8. A company has currently set up
an Azure subscription. The company wants to ensure that if any Azure SQL
databases are created as part of the subscription, they need to have
Transparent Data Encryption enabled. This is to keep in line with the security guidelines
set by the company. Which of the following could be used to achieve this?
A. Azure Advisor
B. Azure Locks
C. Azure Policies
D. Azure Monitor
Answer- C. Azure Policies
9. Which of the following tools
could be used to determine underutilized virtual machines running as part of
your Azure subscription?
A. Azure Advisor
B. Azure Subscription
C. Azure Policies
D. Azure Resource Group
Answer- A. Azure Advisor
10. You have an Azure subscription
with a tenant called contoso.com in Azure Active Directory (Azure AD) and an
Azure Kubernetes Service (AKS) cluster named AKS1.
An administrator states that she is unable to grant users in contoso.com access
to AKS1.
You must make certain that the contoso.com users have access to AKS1.
What should you start with?
A. From contoso.com, modify the
Organization relationships settings
B. From contoso.com, create an OAuth 2.0 authorization endpoint
C. Recreate AKS1
D. From AKS1, create a namespace
Answer- B. From contoso.com, create
an OAuth 2.0 authorization endpoint
11. Contoso.com is the name of a
Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant. You plan
to grant access to a temporary Microsoft SharePoint document library called
Library1 to three users named User1, User2, and User3. For the users, you must
build classes. After 180 days, the solution must ensure that the groups are
automatically removed.
Which of the two groups should you form?
NOTE: Each correct selection is worth one point.
A. An Office 365 group that uses the
Assigned membership type
B. A Security group that uses the Assigned membership type
C. An Office 365 group that uses the Dynamic User membership type
D. A Security group that uses the Dynamic User membership type
E. A Security group that uses the Dynamic Device membership type
Answer- A. An Office 365 group that
uses the Assigned membership type, and
C. An Office 365 group that uses the Dynamic User membership type
12. You've recently developed a new
Azure subscription with Admin1 as a recipient. Admin1 uses an Azure Resource Manager
template to deploy an Azure Marketplace resource. When Admin1 uses Azure
PowerShell to deploy the template, he receives the following error message:
"User failed validation to purchase resources." Error Message:
"This subscription's legal terms have not been approved for this item.
Please go to the Azure portal (http://go.microsoft.com/fwlink/?LinkId=534873)
and configure programmatic deployment for the Marketplace object, or build it
for the first time there, to acknowledge the legal terms."
You must ensure that Admin1 can successfully deploy the Marketplace resource.
So, what are your options?
A. From Azure PowerShell, run the
Set-AzApiManagementSubscription cmdlet
B. From the Azure portal, register the Microsoft.Marketplace resource provider
C. From Azure PowerShell, run the Set-AzMarketplaceTerms cmdlet
D. From the Azure portal, assign the Billing Administrator role to Admin1
Answer- C. From Azure PowerShell,
run the Set-AzMarketplaceTerms cmdlet
13. There are 5,000 user accounts in
your Azure Active Directory (Azure AD) tenant. You build AdminUser1 as a new
user account. You must give AdminUser1 the administrative position of User
administrator. What do you do with the assets of the user account?
A. From the Licenses blade, assign a
new license
B. From the Directory role blade, modify the directory role
C. From the Groups blade, invite the user account to a new group
Answer- B. From the Directory role
blade, modify the directory role
14. You have a tenant called
contoso.onmicrosoft.com that includes 100 user accounts in Azure Active
Directory (Azure AD). For the tenant, you buy ten Azure AD Premium P2 licenses.
You must ensure that ten users have access to all Azure AD Premium features.
So, what are your options?
A. From the Licenses blade of Azure AD,
assign a license
B. From the Groups blade of each user, invite the users to a group
C. From the Azure AD domain, add an enterprise application
D. From the Directory role blade of each user, modify the directory role
Answer- A. From the Licenses blade of
Azure AD, assign a license
15. You have a Microsoft System
Center Service Manager on-premises deployment and an Azure subscription called
Subscription1. A virtual machine, VM1 is included in Subscription1. When the
amount of usable memory on VM1 falls below 10%, you must ensure that an alarm
is set in the Service Manager.
What should you start with?
A. Create an automation runbook
B. Deploy a function app
C. Deploy the IT Service Management Connector (ITSM)
D. Create a notification
Answer- C. Deploy the IT Service
Management Connector (ITSM)
The AZ-104 Microsoft Azure Administrator certification
validates the competencies of candidates in managing cloud services including
computing, networking, storage, storage, security, and other Microsoft Azure
cloud capabilities. The certification and training renders across the board
understanding of cloud services across the entire IT lifecycle that would include
applications, infrastructure services and environments.
