AZ-104 exam simplified with latest dumps

Venture beyond the ordinary and tap into the extraordinary wealth of knowledge encapsulated within the AZ-104 dumps. Precisely engineered to reflect the multifaceted tapestry of the syllabus, the AZ-104 dumps lay out a galaxy of practice questions, illuminating the path to mastery. Whether you\’re drawn to the crisp articulation in PDFs or captivated by the dynamic interplay in the VCE format, the AZ-104 dumps stand as a testament to academic excellence. A holistic study guide, synergistically entwined with the AZ-104 dumps, unravels the mysteries, providing clarity and purpose. With unwavering faith in the caliber of these tools, we pledge our 100% Pass Guarantee.

[Latest Addition] Set the stage for a 100% pass with the AZ-104 PDF and Exam Questions, available for free

Question 1:

Your company has an Azure subscription.

You need to deploy a number of Azure virtual machines (VMs) using Azure Resource Manager (ARM) templates. You have been informed that the VMs will be included in a single availability set.

You are required to make sure that the ARM template you configure allows for as many VMs as possible to remain accessible in the event of fabric failure or maintenance.

Which of the following is the value that you should configure for the platformUpdateDomainCount property?

A. 10

B. 20

C. 30

D. 40

Correct Answer: B

Each availability set can be configured with up to three fault domains and twenty update domains. https://docs.microsoft.com/en-us/azure/virtual-machines/availability-set-overview

Question 2:

Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the servers shown in the following table.

You plan to migrate contoso.com to Azure.

You create an Azure virtual network named VNET1 that has the following settings:

Address space: 10.0.0.0/16

Subnet:

Name: Subnet1

IPv4: 10.0.1.0/24

You need to move DC1 to VNET1. The solution must ensure that the member servers in contoso.com can resolve AD DS DNS names.

How should you configure DO? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Correct Answer:

Question 3:

You have an Azure AD tenant named adatum.com that contains the groups shown in the following table.

Adatum.com contains the users shown in the following table.

You assign the Azure Active Directory Premium Plan 2 license to Group1 and User4. Which users are assigned the Azure Active Directory Premium Plan 2 license?

A. User4 only

B. User1 and User4 only

C. User1, User2, and User4 only

D. User1, User2, User3, and User4

Correct Answer: B

Question 4:

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You need to ensure that an Azure Active Directory (Azure AD) user named Admin1 is assigned the required role to enable Traffic Analytics for an Azure subscription.

Solution: You assign the Network Contributor role at the subscription level to Admin1.

Does this meet the goal?

A. Yes

B. No

Correct Answer: A

Your account must meet one of the following to enable traffic analytics:

Your account must have any one of the following Azure roles at the subscription scope: owner, contributor, reader, or network contributor.

Reference: https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics-faq

Question 5:

You plan to back up an Azure virtual machine named VM1.

You discover that the Backup Pre-Check status displays a status of Warning.

What is a possible cause of the Warning status?

A. VM1 is stopped.

B. VM1 does not have the latest version of the Azure VM Agent (WaAppAgent.exe) installed.

C. VM1 has an unmanaged disk.

D. A Recovery Services vault is unavailable.

Correct Answer: B

The Warning state indicates one or more issues in VM\’s configuration that might lead to backup failures and provides recommended steps to ensure successful backups. Not having the latest VM Agent installed, for example, can cause backups to fail intermittently and falls in this class of issues.

Reference: https://azure.microsoft.com/en-us/blog/azure-vm-backup-pre-checks/

Question 6:

You deploy an Azure Kubernetes Service (AKS) cluster named Cluster1 that uses the IP addresses shown in the following table.

You need to provide internet users with access to the applications that run in Cluster1. Which IP address should you include in the DNS record for Cluster1?

A. 172.17.7.1

B. 131.107.2.1

C. 192.168.10.2

D. 10.0.10.11

Correct Answer: B

When any internet user will try to access the cluster which is behind a load balancer, traffic will first hit to load balancer front end IP. So in the DNS configuration you have to provide the IP address of the load balancer.

Reference:

https://stackoverflow.com/questions/43660490/giving-a-dns-name-to-azure-load-balancer

Question 7:

You have an Azure subscription that contains two virtual machines as shown in the following table.

You perform a reverse DNS lookup for 10.0.0.4 from VM2. Which FQDN will be returned?

A. vm1.core.windows.net

B. vm1.internal.cloudapp.net

C. vm1.westeurope.cloudapp.azure.com

D. vm1.azure.com

Correct Answer: B

This is an excerpt from the official documentation in the section “Reverse DNS Considerations” Form : https://docs.microsoft.com/en-us/azure/virtual-network/virtual- networks-name-resolution-for-vms-and-role-instances#dns-clientconfiguration […” – All PTR queries for IP addresses of virtual machines will return FQDNs of form [vmname].internal.cloudapp.net – Forward lookup on FQDNs of form

[vmname].internal.cloudapp.net will resolve to IP address assigned to the virtual machine. – If the virtual network is linked to an Azure DNS private zones as a registration virtual network, the reverse DNS queries will return two records. One record will be of the form [vmname].[privatednszonename] and the other will be of the form [vmname].internal.cloudapp.net “…] https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution- for-vms-and-roleinstances

Question 8:

You have the Azure virtual machines shown in the following table.

A DNS service is installed on VM1.

You configure the DNS servers settings for each virtual network as shown in the following exhibit.

You need to ensure that all the virtual machines can resolve DNS names by using the DNS service on VM1. What should you do?

A. Configure a conditional forwarder on VM1

B. Add service endpoints on VNET1

C. Add service endpoints on VNET2 and VNET3

D. Configure peering between VNET1, VNET2, and VNET3

Correct Answer: D

Virtual network peering enables you to seamlessly connect networks in Azure Virtual Network. The virtual networks appear as one for connectivity purposes. The traffic between virtual machines uses the Microsoft backbone infrastructure.

Incorrect Answers:

B, C: Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only

your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.

Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview

Question 9:

You have an Azure App Service plan named AdatumASP1 that hosts several Azure web apps.

You discover that the web apps respond slowly.

You need to provide additional memory and CPU resources to each instance of the web apps.

What should you do?

A. Add continues WebJob that use the multi-instance scale

B. Scale out AdatumASP1

C. Add a virtual machine scale set

D. Scale up AdatumASP1

Correct Answer: D

References:

https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/app-service/web-sites-scale.md Scale up : Correct Choice

Scale up: Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more. You scale up by changing the pricing tier of the App Service plan

that your app belongs to.

Scale out : Incorrect Choice

Scale out: Increase the number of VM instances that run your app. You can scale out to as many as 30 instances, depending on your pricing tier. App Service Environments in Isolated tier further increases your scale-out count to 100

instances. For more information about scaling out, see Scale instance count manually or automatically.

Add continuous WebJobs : Incorrect Choice

WebJobs is a feature of Azure App Service that enables you to run a program or script in the same instance as a web app, API app, or mobile app. Add continuous WebJobs will Starts immediately when the WebJob is created. To keep the

job from ending, the program or script typically does its work inside an endless loop. If the job does end, you can restart it.Starts only when triggered manually or on a schedule.

Add a virtual machine scale set : Incorrect Choice

A virtual machine scale set allows you to deploy and manage a set of identical, autoscaling virtual machines. You can scale the number of VMs in the scale set manually. You can also define rules to autoscale based on resource usage such

as CPU, memory demand, or network traffic. It will not increase the slowness of the apps.

References:

https://docs.microsoft.com/en-us/azure/app-service/manage-scale-up https://docs.microsoft.com/en-us/azure/app-service/webjobs-create#webjob-types

Question 10:

You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.

What should you include in the recommendation?

A. Azure AP B2C

B. Azure AD Identity Protection

C. an Azure logic app and the Microsoft Identity Management (MIM) client

D. dynamic groups and conditional access policies

Correct Answer: D

Scenario: Ensure Azure Multi-Factor Authentication (MFA) for the users in the finance department only.

The recommendation is to use conditional access policies that can then be targeted to groups of users, specific applications, or other conditions.

Technically, The finance department needs to migrate their users from AD to AAD using AADC based on the finance OU, and need to enforce MFA use. This is conditional access policy. Employees also often get promotions and/or join other departments and when that occurs, the user\’s OU attribute will change when the admin puts the user in a new OU, and the dynamic group conditional access exception (OU= [Department Name Value]) will move the user to the appropriate dynamic group on next AADC delta sync.

References: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamicmembership https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

Question 11:

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.

Another administrator plans to create several network security groups (NSGs) in the subscription.

You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.

Solution: You assign a built-in policy definition to the subscription.

Does this meet the goal?

A. Yes

B. No

Correct Answer: B

Resource policy definition used by Azure Policy enables you to establish conventions for resources in your organization by describing when the policy is enforced and what effect to take. However, there are no built-in policy definitions. Though there are sample policy defintions.

Reference: https://docs.microsoft.com/en-us/azure/azure-policy/policy-definition

Question 12:

You have an Azure web app named App1 that streams video content to users. App1 is located in the East US Azure region.

Users in North America stream the video content without any interruption.

Users in Asia and Europe report that the video buffer often and do not play back smoothly.

You need to recommend a solution to improve video streaming to the European and Asian users.

What should you recommend?

A. Scale out the App Service plan.

B. Scale up the App Service plan.

C. Configure an Azure Content Delivery Network (CDN) endpoint.

D. Configure Azure File Sync.

Correct Answer: C

A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. CDNs\’ store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize

latency.

Azure Content Delivery Network (CDN) offers developers a global solution for rapidly delivering high- bandwidth content to users by caching their content at strategically placed physical nodes across the world.

Reference: https://docs.microsoft.com/en-us/azure/cdn/cdn-overview

Question 13:

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains the virtual machines shown in the following table.

You deploy a load balancer that has the following configurations:

1.

Name: LB1

2.

Type: Internal

3.

SKU: Standard

4.

Virtual network: VNET1

You need to ensure that you can add VM1 and VM2 to the backend pool of LB1.

Solution: You create a Standard SKU public IP address, associate the address to the network interface of VM1, and then stop VM2.

Does this meet the goal?

A. Yes

B. No

Correct Answer: B

You can only attach virtual machines that are in the same location and on the same virtual network as the LB. Virtual machines must have a standard SKU public IP or no public IP.

The LB needs to be a standard SKU to accept individual VMs outside an availability set or vmss. VMs do not need to have public IPs but if they do have them they have to be standard SKU. Vms can only be from a single network. When they

don\’t have a public IP they are assigned an ephemeral IP.

Also, when adding them to a backend pool, it doesn\’t matter in which status are the VMs.

Note: Load balancer and the public IP address SKU must match when you use them with public IP addresses.

Reference:

https://docs.microsoft.com/en-us/azure/load-balancer/backend-pool-management

Question 14:

You have an Active Directory forest named contoso.com.

You install and configure Azure AD Connect to use password hash synchronization as the single sign-on (SSO) method. Staging mode is enabled.

You review the synchronization results and discover that the Synchronization Service Manager does not display any sync jobs.

You need to ensure that the synchronization completes successfully.

What should you do?

A. From Synchronization Service Manager, run a full import.

B. Run Azure AD Connect and set the SSO method to Pass-through Authentication.

C. From Azure PowerShell, run Start-AdSyncSyncCycle -PolicyType Initial.

D. Run Azure AD Connect and disable staging mode.

Correct Answer: D

Staging mode must be disabled. If the Azure AD Connect server is in staging mode, password hash synchronization is temporarily disabled.

References:

https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync- troubleshoot-password-hash-synchronization#no-passwords-are-synchronized-troubleshoot-by- using-the-troubleshooting-task

Question 15:

You have an Azure subscription. The subscription contains a storage account named storage1 that has the lifecycle management rules shown in the following table.

On June 1, you store a blob named File1 in the Hot access tier of storage1. What is the state of File1 on June 7?

A. stored in the Archive access tier

B. stored in the Hot access tier

C. stored in the Cool access tier

D. deleted

Correct Answer: D

If you define more than one action on the same blob, lifecycle management applies the least expensive action to the blob. For example, action delete is cheaper than action tierToArchive. Action tierToArchive is cheaper than action tierToCool.

https://learn.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview