Microsoft Microsoft Certifications AZ-104 Questions & Answers
Question 401:
You have an Azure subscription that contains 100 virtual machines.
You regularly create and delete virtual machines.
You need to identify unattached disks that can be deleted.
What should you do?
A. From Azure Cost Management, view Cost Analysis
B. From Azure Advisor, modify the Advisor configuration
C. From Microsoft Azure Storage Explorer, view the Account Management properties
D. From Azure Cost Management, view Advisor Recommendations
Correct Answer: C
You can find unused disks in the Azure Storage Explorer console.Once you drill down to the Blob containers under a storage account, you can see the lease state of the residing VHD (the lease state determines if the VHD is being used by
any resource) and the VM to which it is leased out. If you find that the lease state and the VM fields are blank, it means that the VHD in question is unused. The screenshot below shows two active VHDs being used by VMs as data and OS
disks.
The name of the VM and lease state are shown in the "VM Name" and "Lease State" columns, respectively.
You have a Basic App Service plan named ASP1 that hosts an Azure App Service named App1. You need to configure a custom domain and enable backups for App1. What should you do first?
A. Configure a WebJob for App1.
B. Scale up ASP1.
C. Scale out ASP1.
D. Configure the application settings for App1.
Correct Answer: B
Scale up ASP1 : Correct
Basic App service plan does not support backup/restore.
The Backup and Restore feature requires the App Service plan to be in the Standard, Premium or Isolated tier. Since in question it is mentioned as a Basic service plan app so at first you need to do it to Scale up the service plan so that backup can be enabled on App1. Scale up: Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more. You scale up by changing the pricing tier of the App Service plan that your app belongs to. Configure a WebJob for App1 : Incorrect WebJobs is a feature of Azure App Service that enables you to run a program or script in the same instance as a web app, API app, or mobile app. There is no additional cost to use WebJobs
Scale out ASP1 : Incorrect Scale out: Increase the number of VM instances that run your app. You can scale out to as many as 30 instances, depending on your pricing tier. Configure the application settings for App1 : Incorrect This is the 2nd step you need to perform once azure service plan upgraded to standard. Most folks don't realize how easy it is to configure a backup copy of your Azure App Service to ensure you have restorable archive copies of your app and database. In order to take advantage of this, you'll need to log into your Azure account and go to your App Service that you created and look under Settings then you will see Backup
You plan to move services from your on-premises network to Azure. You identify several virtual machines that you believe can be hosted in Azure. The virtual machines are shown in the following table.
Which two virtual machines can you access by using Azure migrate? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. Sea-CA0l
B. Hou-NW01
C. NYC-FS01
D. Sea-DC01
E. BOS-DB01
Correct Answer: CE
Azure Migrate provides a centralized hub to assess and migrate to Azure on-premises servers, infrastructure, applications, and data. It provides the following:
Unified migration platform: A single portal to start, run, and track your migration to Azure. Range of tools: A range of tools for assessment and migration. Azure Migrate tools include Server Assessment and Azure Migrate: Server Migration.
Azure Migrate also integrates with other Azure services and tools, and with independent software vendor (ISV) offerings. Assessment and migration: In the Azure Migrate hub, you can assess and migrate:
Servers: Assess on-premises servers and migrate them to Azure virtual machines or Azure VMware Solution (AVS) (Preview).
Databases: Assess on-premises databases and migrate them to Azure SQL Database or to SQL Managed Instance.
Web applications: Assess on-premises web applications and migrate them to Azure App Service by using the Azure App Service Migration Assistant. Virtual desktops: Assess your on-premises virtual desktop infrastructure (VDI) and migrate
it to Windows Virtual Desktop in Azure.
Data: Migrate large amounts of data to Azure quickly and cost-effectively using Azure Data Box products.
Based on this information let's analyze each option:
NYC-FS01 : Its role "Server" fall under above categories. Hence it can be accessed by using Azure migrate.
BOS-DB01 : Its role "server" fall under above categories. Hence it can be accessed by using Azure migrate.
Sea-CA01 : Its role "CA" does not fall under above categories. Hence it can not be accessed by using Azure migrate.
Hou-NW01 : Its role "DNS" does not fall under above categories. Hence it can not be accessed by using Azure migrate.
Sea-DC01 : Its role "DC" does not fall under above categories. Hence it can not be accessed by using Azure migrate.
Advisor helps you optimize and reduce your overall Azure spend by identifying idle and underutilized resources. You can get cost recommendations from the Cost tab on the Advisor dashboard.
Question 405:
You are the global administrator for an Azure Active Directory (Azure AD) tenet named adatum.com. You need to enable two-step verification for Azure users. What should you do?
A. Create a sign-in risk policy in Azure AD Identity Protection
B. Enable Azure AD Privileged Identity Management.
C. Create and configure the Identity Hub.
D. Configure a security policy in Azure Security Center.
Correct Answer: A
Identity Protection analyzes signals from each sign-in, both real-time and offline, and calculates a risk score based on the probability that the sign-in wasn't performed by the user. Administrators can make a decision based on this risk score signal to enforce organizational requirements. Administrators can choose to block access, allow access, or allow access but require multi-factor authentication. If risk is detected, users can perform multi-factor authentication to self-remediate and close the risky sign-in event to prevent unnecessary noise for administrators. With Azure Active Directory Identity Protection, you can:
1.
require users to register for multi-factor authentication
You have a resource group named RG1. RG1 contains an Azure Storage account named storageaccount1 and a virtual machine named VM1 that runs Windows Server 2016. Storageaccount1 contains the disk files for VM1. You apply a
ReadOnly lock to RG1.
What can you do from the Azure portal?
A. Generate an automation script for RG1.
B. View the keys of storageaccount1.
C. Upload a blob to storageaccount1.
D. Start VM1.
Correct Answer: C
Applying locks can lead to unexpected results because some operations that don't seem to modify the resource actually require actions that are blocked by the lock. Locks are inherited to all of its resources if it applies on resource group level. Upload a blob to storageaccount1 is possible if we have readonly lock on RG1 since we are trying to modify the data not resource properties. When a R/O lock is put on a resource, you lock it's properties not the resource. So while a read only lock is present on a storage account(inherited from a resource group), a file can still be uploaded to the already existing container of a storage account.
Incorrect Answers:
Generate an automation script for RG1 is NOT possible in read only mode. A read-only lock on a storage account prevents all users from listing the keys. The list keys operation is handled through a POST request because the returned keys
are available for write operations. When we tried to read the Access Key of the Storage Account , get the below message. Access blocked The resource is locked Cannot access the data plane because of a read lock on the resource or its
parent.
A read-only lock on a resource group that contains a virtual machine prevents all users from starting or restarting the virtual machine. These operations require a POST request.
You have an Azure subscription that contains a resource group named RG1. RG1 contains 100 virtual machines.
Your company has three cost centers named Manufacturing, Sales, and Finance.
You need to associate each virtual machine to a specific cost center.
What should you do?
A. Add an extension to the virtual machines.
B. Modify the inventory settings of the virtual machine.
C. Assign tags to the virtual machines.
D. Configure locks for the virtual machine.
Correct Answer: C
You apply tags to your Azure resources, resource groups, and subscriptions to logically organize them into a taxonomy. Each tag consists of a name and a value pair. For example, you can apply the name "Environment" and the value "Production" to all the resources in production
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
You need to view the date and time when the resources were created in RG1.
Solution: From the Subscriptions blade, you select the subscription, and then click Resource providers.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Through activity logs, you can determine:
1.
what operations were taken on the resources in your subscription
2.
who started the operation
3.
when the operation occurred
4.
the status of the operation
5.
the values of other properties that might help you research the operation
1. On the Azure portal menu, select Monitor, or search for and select Monitor from any page
2. Select Activity Log.
3. You see a summary of recent operations. A default set of filters is applied to the operations. Notice the information on the summary includes who started the action and when it happened.
You have an Azure subscription named Subscription1. Subscription1 contains the resource groups in the following table.
RG1 has a web app named WebApp1. WebApp1 is located in West Europe.
You move WebApp1 to RG2.
What is the effect of the move?
A. The App Service plan to WebApp1 moves to North Europe. Policy2 applies to WebApp1.
B. The App Service plan to WebApp1 moves to North Europe. Policy1 applies to WebApp1.
C. The App Service plan to WebApp1 remains to West Europe. Policy2 applies to WebApp1.
D. The App Service plan to WebApp1 remains to West Europe. Policy1 applies to WebApp1.
Correct Answer: C
You can move an app to another App Service plan, as long as the source plan and the target plan are in the same resource group and geographical region. The region in which your app runs is the region of the App Service plan it's in. However, you cannot change an App Service plan's region.
You have an Azure subscription named Subscription1 that contains two Azure virtual networks named VNet1 and VNet2. VNet1 contains a VPN gateway named VPNGW1 that uses static routing. There is a site-to-site VPN connection between your on-premises network and VNet1.
On a computer named Client1 that runs Windows 10, you configure a point-to-site VPN connection to VNet1.
You configure virtual network peering between VNet1 and VNet2. You verify that you can connect to VNet2 from the on-premises network. Client1 is unable to connect to VNet2.
You need to ensure that you can connect Client1 to VNet2.
What should you do?
A. Select Use the remote virtual network's gateway or Route Server on VNet1 to VNet2 peering.
B. Select Use the remote virtual network s gateway or Route Server on VNet2 to VNet1 peering.
C. Download and re-install the VPN client configuration package on Client1.
D. Enable BGP on VPNGW1.
Correct Answer: C
If you make a change to the topology of your network and have Windows VPN clients, the VPN client package for Windows clients must be downloaded and installed again in order for the changes to be applied to the client. https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your AZ-104 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.
