Az-104 2
Uploaded by
khannasavi2001Az-104 2
Uploaded by
khannasavi2001Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Exam Questions AZ-104
Microsoft Azure Administrator
https://www.2passeasy.com/dumps/AZ-104/
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
NEW QUESTION 1
- (Topic 5)
You have an Azure subscription. The subscription contains virtual machines that connect to a virtual network named VNet1.
You plan to configure Azure Monitor for VM Insights.
You need to ensure that all the virtual machines only communicate with Azure Monitor through VNet1.
What should you create first?
A. an Azure Monitor Private Link Scope (AMPIS)
B. a private endpoint
C. a Log Analytics workspace
D. a data collection rule (DCR)
Answer: A
Explanation:
Azure Monitor for VM Insights is a feature of Azure Monitor that provides comprehensive monitoring and diagnostics for your Azure virtual machines and virtual
machine scale sets. It collects performance data, process information, and network dependencies from your virtual machines and displays them in interactive
charts and maps. You can use Azure Monitor for VM Insights to troubleshoot performance issues, optimize resource utilization, and identify network bottlenecks1.
To enable Azure Monitor for VM Insights, you need to install two agents on your virtual machines: the Azure Monitor agent (preview) and the Dependency agent.
The Azure Monitor agent collects performance metrics and sends them to a Log Analytics workspace. The Dependency agent collects process information and
network dependencies and sends them to the InsightsMetrics table in the same workspace2.
By default, the agents communicate with Azure Monitor over the public internet. However, if you want to ensure that all the virtual machines only communicate with
Azure Monitor through a virtual network named VNet1, you need to configure private network access for the agents.
Private network access allows the agents to communicate with Azure Monitor using a
private endpoint, which is a special network interface that connects your virtual network to
an Azure service without exposing it to the public internet. A private endpoint uses a private IP address from your virtual network address space, so you can
secure and control the network traffic between your virtual machines and Azure Monitor3.
To configure private network access for the agents, you need to create an Azure Monitor Private Link Scope (AMPIS) first. An AMPIS is a resource that groups
one or more Log Analytics workspaces together and associates them with a private endpoint. An AMPIS allows you to manage the private connectivity settings for
multiple workspaces in one place4.
After creating an AMPIS, you need to create a private endpoint in VNet1 and link it to the AMPIS. This will enable the agents on your virtual machines to send data
to the Log Analytics workspaces in the AMPIS using the private IP address of the private endpoint5.
NEW QUESTION 2
- (Topic 5)
You have an Azure subscription that contains two Log Analytics workspaces named Workspace 1 and Workspace? and 100 virtual machines that run Windows
Server.
You need to collect performance data and events from the virtual machines. The solution must meet the following requirements:
• Logs must be sent to Workspace! and Workspace?
• All Windows events must be captured
• All security events must be captured.
What should you install and configure on each virtual machine?
A. the Azure Monitor agent
B. the Windows Azure diagnostics extension (WAD)
C. the Windows VM agent
Answer: A
Explanation:
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview Azure Monitor Agent (AMA) collects monitoring data from the guest operating
system of Azure and hybrid virtual machines and delivers it to Azure Monitor for use by features, insights, and other services, such as Microsoft Sentinel and
Microsoft Defender for Cloud. Azure Monitor Agent replaces all of Azure Monitor's legacy monitoring agents.
NEW QUESTION 3
HOTSPOT - (Topic 5)
You have an Azure Load Balancer named LB1.
You assign a user named User1 the roles shown in the following exhibit.
A. Mastered
B. Not Mastered
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Answer: A
Explanation:
User Access Administrator can only assign access to other users
https://docs.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory- admin-roles
Virtual Machine Contributor can Manage VMs, which includes deleting VMs too. https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-
roles#virtual-machine-contributor
https://docs.microsoft.com/en-us/answers/questions/350635/can-virtual-machine-contributor-create-vm.html
NEW QUESTION 4
- (Topic 5)
You have an Azure subscription that contains the resources in the following table.
VM1 and VM2 are deployed from the same template and host line-of-business applications accessed by using Remote Desktop. You configure the network
security group (NSG) shown in the exhibit. (Click the Exhibit button.)
You need to prevent users of VM1 and VM2 from accessing websites on the Internet. What should you do?
A. Associate the NSG to Subnet1.
B. Disassociate the NSG from a network interface.
C. Change the DenyWebSites outbound security rule.
D. Change the Port_80 inbound security rule
Answer: A
Explanation:
Outbound rule “DenyWebSites” is setup correctly to block outbound internet traffic over port 80. In the screenshot it states, "Associated with: 0 subnets, 0 NIC's",
so you need to associate the NSG to Subnet1.You can associate or dissociate a network security group from a NIC or Subnet. Reference:
https://docs.microsoft.com/en-us/azure/virtual- network/manage-network-security-group
NEW QUESTION 5
- (Topic 5)
You deploy an Azure Kubernetes Service (AKS) cluster named Cluster1 that uses the IP addresses shown in the following table.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You need to provide internet users with access to the applications that run in Cluster1. Which IP address should you include in the DNS record for Ousted?
A. 172.17.7.1
B. 131.107.2.1
C. 192.168.10.2
D. 10.0.10.11
Answer: B
Explanation:
When any internet user will try to access the cluster which is behind a load balancer, traffic
will first hit to load balancer front end IP. So in the DNS configuration you have to provide the IP address of the load balancer.
Reference:
https://stackoverflow.com/questions/43660490/giving-a-dns-name-to-azure-load-balancer
NEW QUESTION 6
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named
Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the Logic App Operator role to the Developers group.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
The Logic App Operator role only grants the ability to read, enable, disable, and run logic apps. It does not grant the ability to create logic apps. To create logic
apps, you need to assign the Logic App Contributor role or a higher-level role such as Owner or Contributor. Then, References: [Built-in roles for Azure resources]
[Azure Logic Apps permissions and access control]
NEW QUESTION 7
HOTSPOT - (Topic 5)
You have an Azure Storage accounts as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
B. Not Mastered
Answer: A
Explanation:
Box 1: storageaccount1 and storageaccount2 only Box 2: All the storage accounts
Note: The three different storage account options are: General-purpose v2 (GPv2) accounts, General-purpose v1 (GPv1) accounts, and Blob storage accounts.
? General-purpose v2 (GPv2) accounts are storage accounts that support all of the
latest features for blobs, files, queues, and tables.
? Blob storage accounts support all the same block blob features as GPv2, but are limited to supporting only block blobs.
? General-purpose v1 (GPv1) accounts provide access to all Azure Storage services, but may not have the latest features or the lowest per gigabyte pricing.
References: https://docs.microsoft.com/en-us/azure/storage/common/storage-account- options
NEW QUESTION 8
HOTSPOT - (Topic 5)
You have an Azure subscription that contains the container images shown in the following table.
You plan to use the following services:
• Azure Container Instances
• Azure Container Apps
• Azure App Service
In which services can you run the images? To answer, select the options in the answer area.
NOTE: Each correct answer is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Image 1: Azure Container Apps only.image 2: Azure Container Instances, Azure Container Apps, and App Services.
The images you have in your Azure subscription are different types of container images that can run on different Azure services. A container image is a package of
software that includes everything needed to run an application, such as code, libraries, dependencies, and configuration files. Container images are portable and
consistent across different environments, such as development, testing, and production.
Azure Container Instances is a service that allows you to run containers directly on the Azure cloud, without having to manage any infrastructure or orchestrators.
You can use Azure Container Instances to run any container image that is compatible with the Docker image format and follows the Open Container Initiative (OCI)
specification. You can also run Windows or Linux containers on Azure Container Instances.
Azure Container Apps is a service that allows you to build and deploy cloud-native applications and microservices using serverless containers. You can use Azure
Container Apps to run any container image that is compatible with the Docker image format and follows the Open Container Initiative (OCI) specification. You can
also run Windows or Linux containers on Azure Container Apps.
Azure App Service is a service that allows you to build and host web applications, mobile backends, and RESTful APIs using various languages and frameworks.
You can use Azure App Service to run custom container images that are compatible with the Docker image format and follow the App Service Docker image
contract. You can also run Windows or Linux containers on Azure App Service.
NEW QUESTION 9
HOTSPOT - (Topic 5)
Your company purchases a new Azure subscription.
You create a file named Deploy json as shown in the following exhibit
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You connect to the subscription and run the following cmdlet:
New-AzDeployment -Location westus -TemplateFile “deploy.json”"
For each of the following statements, select Yes if the statement is true. Otherwise, select
No.
A. Mastered
B. Not Mastered
Answer: A
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Explanation:
Based on the file named Deploy.json and the cmdlet you ran, here are the answers to your statements:
? You can deploy a virtual machine to RGI. = No
? You can deploy a virtual machine to RG2. = No
? You can manually create a resource group named RG3. = Yes Let me explain why:
? The Deploy.json file defines a template for creating a resource group and a virtual machine in Azure. The template has two parameters: resourceGroupName
and vmName. The template also has two resources: one for the resource group and one for the virtual machine. The resource group resource has a property
called name, which is set to the value of the resourceGroupName parameter. The virtual machine resource has a property called location, which is set to the value
of the location parameter of the deployment cmdlet.
? The cmdlet you ran specifies the location as westus and the template file as Deploy.json. However, it does not specify any values for the resourceGroupName
and vmName parameters. Therefore, the cmdlet will prompt you to enter those values interactively before creating the deployment.
? If you enter RGI as the value for the resourceGroupName parameter and VM1 as the value for the vmName parameter, then the cmdlet will create a resource
group named RGI and a virtual machine named VM1 in the westus location. Therefore, you can deploy a virtual machine to RGI.
? However, if you enter RG2 as the value for the resourceGroupName parameter, then the cmdlet will fail with an error. This is because RG2 already exists in your
subscription and you cannot create a resource group with the same name as an existing one. Therefore, you cannot deploy a virtual machine to RG2 using this
template and cmdlet.
? You can manually create a resource group named RG3 by using another cmdlet: New-AzResourceGroup. This cmdlet takes two parameters: Name and
RG3 in westus:
Location. For example, you
New-AzResourceGroup can RG3
-Name run the following
-Location cmdlet to create a resource group named
westus
NEW QUESTION 10
HOTSPOT - (Topic 5)
Peering for VNET2 is configured as shown in the following exhibit.
Peering for VNET3 is configured as shown in the following exhibit.
How can packets be routed between the virtual networks? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1. VNET2 and VNET3 Box 2: VNET1
Gateway transit is disabled.
NEW QUESTION 10
- (Topic 5)
You plan to create an Azure virtual machine named VM1 that will be configured as shown in the following exhibit.
The planned disk configurations for VM1 are shown in the following exhibit.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You need to ensure that VM1 can be created in an Availability Zone.
Which two settings should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Use managed disks
B. Availability options
C. OS disk type
D. Size
E. Image
Answer: AB
Explanation:
https://docs.microsoft.com/en-us/azure/site-recovery/move-azure-vms-avset-azone https://docs.microsoft.com/en-us/azure/virtual-machines/windows/create-portal-
availability- zone https://docs.microsoft.com/en-us/azure/virtual-machines/manage-availability https://docs.microsoft.com/en-us/azure/availability-zones/az-
overview#availability-zones
NEW QUESTION 11
- (Topic 5)
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the
500 external users.
Solution: You create a Power Shell script that runs the New-MgUser cmdlet for each user. Does this meet the goal?
A. Yes
B. NO
Answer: B
Explanation:
https://learn.microsoft.com/en-us/azure/active-directory/external-identities/tutorial-bulk-invite?source=recommendations
NEW QUESTION 14
HOTSPOT - (Topic 5)
You manage two Azure subscriptions named Subscription 1 and Subscription2. Subscription! has following virtual networks:
The virtual networks contain the following subnets:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Subscnption2 contains the following virtual network:
- Name: VNETA
• Address space: 10.10.128.0/17
• Region: Canada Central
VNETA contains the following subnets:
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
A. Mastered
B. Not Mastered
Answer: A
NEW QUESTION 19
HOTSPOT - (Topic 5)
You need to configure a new Azure App Service app named WebApp1. The solution must meet the following requirements:
• WebApp1 must be able to verify a custom domain name of app.contoso.com.
• WebApp1 must be able to automatically scale up to eight instances.
• Costs and administrative effort must be minimized.
Which pricing plan should you choose, and which type of record should you use to verify the domain? To answer, select the appropriate options in the answer
area.
NOTE: Each correct answer is worth one point.
Answer:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
NEW QUESTION 23
HOTSPOT - (Topic 5)
You have an Azure subscription named Sub1 that contains the Azure resources shown in the following table.
You assign an Azure policy that has the following settings:
? Scope: Sub1
? Exclusions: Sub1/RG1/VNET1
? Policy definition: Append a tag and its value to resources
? Policy enforcement: Enabled
? Tag name: Tag4
? Tag value: value4
You assign tags to the resources as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
? RG1 has the Tag2: IT tag assigned only. No, this is not correct. According to the tables, RG1 has two tags assigned: Tag2: IT and Tag3: value2. The Azure
policy does not affect RG1, because it is excluded from the scope of the policy. Therefore, RG1 does not have the Tag4: value4 tag appended by the policy.
? Storage1 has the Tag1: subscription, Tag2: IT, Tag3: value1, and Tag4: value4 tags assigned. Yes, this is correct. According to the tables, Storage1 has three
tags assigned: Tag1: subscription, Tag2: IT, and Tag3: value1. The Azure policy affects Storage1, because it is within the scope of the policy and not excluded.
Therefore, Storage1 has the Tag4: value4 tag appended by the policy.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
? VNET1 has the Tag2: IT and Tag3: value2 tags assigned only. Yes, this is correct.
According to the tables, VNET1 has two tags assigned: Tag2: IT and Tag3: value2. The Azure policy does not affect VNET1, because it
is excluded from the scope of the policy. Therefore, VNET1 does not have the Tag4: value4 tag appended by the policy.
NEW QUESTION 24
- (Topic 5)
You have an Azure virtual machine named VM1.
You use Azure Backup to create a backup of VM1 named Backup1. After creating Backup1, you perform the following changes to VM1:
? Modify the size of VM1.
? Copy a file named Budget.xls to a folder named Data.
? Reset the password for the built-in administrator account.
? Add a data disk to VM1.
An administrator uses the Replace existing option to restore VM1 from Backup1. You need to ensure that all the changes to VM1 are restored.
Which change should you perform again?
A. Modify the size of VM1.
B. Add a data disk.
C. Reset the password for the built-in administrator account.
D. Copy Budget.xls to Data.
Answer: D
Explanation:
The scenario mentioned in the question, we are using the replace option. So in this case we would lose the existing data written to the disk after the backup was
taken. The file was copied to the disk after the backup was taken. Hence, we would need to copy the file once again.
References:
https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms#replace- existing-disks
NEW QUESTION 29
- (Topic 5)
You have an Azure subscription named Subscription 1 and an on-premises deployment of Microsoft System Center Service Manager Subscription! contains a
virtual machine named VM1.
You need to ensure that an alert is set in Service Manager when the amount of available memory on VM1 is below 10 percent. What should you do first?
A. Create a notification.
B. Create an automation runbook.
C. Deploy the IT Service Management Connector (ITSM).
D. Deploy a function app
Answer: C
Explanation:
IT Service Management Connector (ITSMC) allows you to connect Azure to
a supported IT Service Management (ITSM) product or service. Azure services like Azure Log Analytics and Azure Monitor provide
tools to detect, analyze, and troubleshoot problems with your Azure and non-Azure resources. But the work items related to an issue typically reside in an ITSM
product or service. ITSMC provides a bi-directional connection between Azure and ITSM tools to help you resolve issues faster. ITSMC supports connections with
the following ITSM tools: ServiceNow, System Center Service Manager, Provance, Cherwell.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/alerts/itsmc-overview
NEW QUESTION 32
HOTSPOT - (Topic 5)
You have an Azure subscription named Sub1.
You plan to deploy a multi-tiered application that will contain the tiers shown in the following table.
You need to recommend a networking solution to meet the following requirements:
• Ensure that communication between the web servers and the business logic tier spreads equally across the virtual machines.
• Protect the web servers from SQL injection attacks.
Which Azure resource should you recommend for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection
is worth one point.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: an internal load balancer
Azure Internal Load Balancer (ILB) provides network load balancing between virtual machines that reside inside a cloud service or a virtual network with a regional
scope.
Box 2: an application gateway that uses the WAF tier
Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and
vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. Application gateway which uses WAF
tier.
NEW QUESTION 36
HOTSPOT - (Topic 5)
You have an Azure subscription that contains a resource group named RG1.
You plan to use an Azure Resource Manager (ARM) template named template1 to deploy
resources. The solution must meet the following requirements:
• Deploy new resources to RG1.
• Remove all the existing resources from RG1 before deploying the new resources.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://learn.microsoft.com/en-us/powershell/module/az.resources/new- azresourcegroupdeployment?view=azps-9.3.0#-resourcegroupname Specifies the name of
the resource group to deploy.
https://learn.microsoft.com/en-us/powershell/module/az.resources/new- azresourcegroupdeployment?view=azps-9.3.0#-mode
Specifies the deployment mode. The acceptable values for this parameter are:
-Complete: In complete mode, Resource Manager deletes resources that exist in the resource group but are not specified in the template.
- Incremental: In incremental mode, Resource Manager leaves unchanged resources that
exist in the resource group but are not specified in the template.
NEW QUESTION 40
DRAG DROP - (Topic 5)
You have a windows 11 device named Device1 and an Azure subscription that contains the resources shown in the following table.
Device 1 has Azure PowerShell and Azure Command-Line Interface (CLI) installed. From Device1, you need to establish a Remote Desktop connection to VM1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://learn.microsoft.com/en-us/azure/bastion/connect-native-client-windows
NEW QUESTION 45
- (Topic 4)
You need to add VM1 and VM2 to the backend poo! of LB1. What should you do first?
A. Create a new NSG and associate the NSG to VNET1/Subnet1.
B. Connect VM2 to VNET1/Subnet1.
C. Redeploy VM1 and VM2 to the same availability zone.
D. Redeploy VM1 and VM2 to the same availability set.
Answer: B
NEW QUESTION 50
- (Topic 3)
You need to implement a backup solution for App1 after the application is moved. What should you create first?
A. a recovery plan
B. an Azure Backup Server
C. a backup policy
D. a Recovery Services vault
Answer: D
Explanation:
A Recovery Services vault is a logical container that stores the backup data for each
protected resource, such as Azure VMs. When the backup job for a protected resource runs, it creates a recovery point inside the
Recovery Services vault.
Scenario:
There are three application tiers, each with five virtual machines. Move all the virtual machines for App1 to Azure.
Ensure that all the virtual machines for App1 are protected by backups. References: https://docs.microsoft.com/en-us/azure/backup/quick-backup-vm-portal
NEW QUESTION 51
- (Topic 3)
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You need to recommend an identify solution that meets the technical requirements. What should you recommend?
A. federated single-on (SSO) and Active Directory Federation Services (AD FS)
B. password hash synchronization and single sign-on (SSO)
C. cloud-only user accounts
D. Pass-through Authentication and single sign-on (SSO)
Answer: A
Explanation:
Active Directory Federation Services is a feature and web service in the Windows Server Operating System that allows sharing of identity information outside a
company’s network.
Scenario: Technical Requirements include:
Prevent user passwords or hashes of passwords from being stored in Azure. References: https://www.sherweb.com/blog/active-directory-federation-services/
NEW QUESTION 56
- (Topic 3)
You need to meet the user requirement for Admin1. What should you do?
A. From the Subscriptions blade, select the subscription, and then modify the Properties.
B. From the Subscriptions blade, select the subscription, and then modify the Access control (IAM) settings.
C. From the Azure Active Directory blade, modify the Properties.
D. From the Azure Active Directory blade, modify the Groups.
Answer: A
Explanation:
Change the Service administrator for an Azure subscription
? Sign in to Account Center as the Account administrator.
? Select a subscription.
? On the right side, select Edit subscription details.
Scenario: Designate a new user named Admin1 as the service administrator of the Azure subscription.
References: https://docs.microsoft.com/en-us/azure/billing/billing-add-change-azure-subscription-administrator
NEW QUESTION 57
HOTSPOT - (Topic 3)
You need to recommend a solution for App1. The solution must meet the technical requirements. What should you include in the recommendation? To answer,
select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
This reference architecture shows how to deploy VMs and a virtual network configured for an N-tier application, using SQL Server on Windows for the data tier.
Description automatically generated with medium confidence
Scenario: You have a public-facing application named App1. App1 is comprised of the following three tiers:
? A SQL database
? A web front end
? A processing middle tier
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only.
? Technical requirements include:
? Move all the virtual machines for App1 to Azure.
? Minimize the number of open ports between the App1 tiers.
References: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/n- tier/n-tier-sql-server
NEW QUESTION 61
- (Topic 2)
You need to resolve the Active Directory issue. What should you do?
A. From Active Directory Users and Computers, select the user accounts, and then modify the User Principal Name value.
B. Run idfix.exe, and then use the Edit action.
C. From Active Directory Domains and Trusts, modify the list of UPN suffixes.
D. From Azure AD Connect, modify the outbound synchronization rule.
Answer: B
Explanation:
IdFix is used to perform discovery and remediation of identity objects and their attributes in an on-premises Active Directory environment in preparation for
migration to Azure Active Directory. IdFix is intended for the Active Directory administrators responsible for directory
synchronization
with Azure Active Directory.
Scenario: Active Directory Issue
Several users in humongousinsurance.com have UPNs that contain special characters. You suspect that some of the characters are unsupported in Azure AD.
References: https://www.microsoft.com/en-us/download/details.aspx?id=36832
NEW QUESTION 62
- (Topic 2)
Which blade should you instruct the finance department auditors to use?
A. invoices
B. partner information
C. cost analysis
D. External services
Answer: C
Explanation:
Cost analysis: Correct Option
In cost analysis blade of Azure, you can see all the detail for custom time span. You can use this to determine expenditure of last few day, weeks, and month.
Below options are available in Cost analysis blade for filtering information by time span: last 7 days, last 30 days, and custom date range. Choosing the first option
(last 7 days) auditors can view the costs by time span.
Cost analysis shows data for the current month by default. Use the date selector to switch to common date ranges quickly. Examples include the last seven days,
the last month, the current year, or a custom date range. Pay-as-you-go subscriptions also include date ranges based on your billing period, which isn't bound to
the calendar month, like the
current billing period or last invoice. Use the <PREVIOUS andNEXT> links at the top of the menu to jump to the previous or next period, respectively. For example,
<PREVIOUS will switch from the Last 7 days to8-14 days ago o1r 5-21 days ago.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Invoice: Incorrect Option
Invoices can only be used for past billing periods not for current billing period, i.e. if your requirement is to know the last week's cost then that also not filled by
invoices because Azure generates invoice at the end of the month. Even though Invoices have custom timespan, but when you put in dates for a week, the pane
would be empty. Below is from Microsoft document:
Resource Provider: Incorrect Option
When deploying resources, you frequently need to retrieve information about the resource providers and types. For example, if you want to store keys and secrets,
you work with the Microsoft.KeyVault resource provider. This resource provider offers a resource type called vaults for creating the key vault. This is not useful for
reviewing all Azure costs from the past week which is required for audit.
Payment method: Incorrect Option
Payment methods is not useful for reviewing all Azure costs from the past week which is required for audit.
Reference:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
https://docs.microsoft.com/en-us/azure/cost-management-billing/costs/quick-acm-cost- analysis
https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/download-azure-invoice-daily-usage-date
NEW QUESTION 64
- (Topic 2)
Which blade should you instruct the finance department auditors to use?
A. Partner information
B. Overview
C. Payment methods
D. Invoices
Answer: D
Explanation:
You can opt in and configure additional recipients to receive your Azure invoice in an email. This feature may not be available for certain subscriptions such as
support offers, Enterprise Agreements, or Azure in Open.
? Select your subscription from the Subscriptions page. Opt-in for each subscription you own. Click Invoices then Email my invoice.A screenshot of a computer
Description automatically generated
? Click Opt in and accept the terms.
Scenario: During the testing phase, auditors in the finance department must be able to review all Azure costs from the past week.
References: https://docs.microsoft.com/en-us/azure/billing/billing-download-azure-invoice-daily-usage-date
NEW QUESTION 67
DRAG DROP - (Topic 2)
You need to prepare the environment to ensure that the web administrators can deploy the web apps as quickly as possible.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
* 1. Web administrators will deploy Azure web apps for the marketing department.
* 2. Each web app will be added to a separate resource group.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
* 3. The initial configuration of the web apps will be identical.
* 4. The web administrators have permission to deploy web apps to resource groups.
Steps:
1 --> Create a resource group, and then deploy a web app to the resource group.
2 --> From the Automation script blade of the resource group , click Add to Library.
3 --> From the Templates service, select the template, and then share the template to the web administrators .
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/quickstart-create-templates-use-the-portal
NEW QUESTION 72
HOTSPOT - (Topic 2)
You are evaluating the name resolution for the virtual machines after the planned implementation of the Azure networking infrastructure.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Answer:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Statement 1: Yes
All client computers in the Paris office will be joined to an Azure AD domain.
A virtual network named Paris-VNet that will contain two subnets named Subnet1 and Subnet2.
Microsoft Windows Server Active Directory domains, can resolve DNS names between virtual networks. Automatic registration of virtual machines from a virtual
network that's linked to a private zone with auto-registration enabled. Forward DNS resolution is supported across virtual networks that are linked to the private
zone.
Statement 2: Yes
A virtual network named ClientResources-VNet that will contain one subnet named ClientSubnet You plan to create a private DNS zone named
humongousinsurance.local and set the registration network to the ClientResources-VNet virtual network.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
As this is a registration network so this will work.
Statement 3: No
Only VMs in the registration network, here the ClientResources-VNet, will be able to register hostname records. Since Subnet4 not connected to Client Resources
Network thus not able to register its hostname with humongoinsurance.local
NEW QUESTION 76
- (Topic 1)
You need to ensure that VM1 can communicate with VM4. The solution must minimize administrative effort.
What should you do?
A. Create a user-defined route from VNET1 to VNET3.
B. Assign VM4 an IP address of 10.0.1.5/24.
C. Establish peering between VNET1 and VNET3.
D. Create an NSG and associate the NSG to VMI and VM4.
Answer: B
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal
NEW QUESTION 77
- (Topic 2)
You need to prepare the environment to meet the authentication requirements.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Allow inbound TCP port 8080 to the domain controllers in the Miami office.
B. Add http://autogon.microsoftazuread-sso.com to the intranet zone of each client computer in the Miami
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
office.
C. Join the client computers in the Miami office to Azure AD.
D. Install the Active Directory Federation Services (AD FS) role on a domain controller in the Miami office.
E. Install Azure AD Connect on a server in the Miami office and enable Pass-through Authentication.
Answer: BE
Explanation:
B: You can gradually roll out Seamless SSO to your users. You start by adding the following Azure AD URL to all or selected users' Intranet zone settings by using
Group Policy in Active Directory: https://autologon.microsoftazuread-sso.com
E: Seamless SSO works with any method of cloud authentication - Password Hash Synchronization or Pass-through Authentication, and can be enabled via Azure
AD Connect.
References:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick- start
NEW QUESTION 82
HOTSPOT - (Topic 1)
You need to meet the connection requirements for the New York office.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: Create a virtual network gateway and a local network gateway.
Azure VPN gateway. The VPN gateway service enables you to connect the VNet to the on- premises network through a VPN appliance. For more information, see
Connect an on- premises network to a Microsoft Azure virtual network. The VPN gateway includes the following elements:
? Virtual network gateway. A resource that provides a virtual VPN appliance for the
VNet. It is responsible for routing traffic from the on-premises network to the VNet.
? Local network gateway. An abstraction of the on-premises VPN appliance.
Network traffic from the cloud application to the on-premises network is routed
through this gateway.
? Connection. The connection has properties that specify the connection type (IPSec) and the key shared with the on-premises VPN appliance to encrypt traffic.
? Gateway subnet. The virtual network gateway is held in its own subnet, which is subject to various requirements, described in the Recommendations section
below.
Box 2: Configure a site-to-site VPN connection
On premises create a site-to-site connection for the virtual network gateway and the local network gateway.
A diagram of a computer network
Description automatically generated
Scenario: Connect the New York office to VNet1 over the Internet by using an encrypted connection.
NEW QUESTION 85
- (Topic 1)
You need to recommend a solution to automate the configuration for the finance department users. The solution must meet the technical requirements.
What should you include in the recommended?
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Azure AP B2C
B. Azure AD Identity Protection
C. an Azure logic app and the Microsoft Identity Management (MIM) client
D. dynamic groups and conditional access policies
Answer: D
Explanation:
Technically, The finance department needs to migrate their users from AD to AAD using AADC based on the finance OU, and need to enforce MFA use. This is
conditional access policy. Employees also often get promotions and/or join other departments and when that occurs, the user's OU attribute will change when the
admin puts the user in a new OU, and the dynamic group conditional access exception (OU= [Department Name Value]) will move the user to the appropriate
dynamic group on next AADC delta sync.
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic- membership
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-
mfa- userstates
NEW QUESTION 89
- (Topic 1)
You need to meet the technical requirement for VM4. What should you create and configure?
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Scenario: Create a workflow to send an email message when the settings of VM4 are modified.
You can start an automated logic app workflow when specific events happen in Azure resources or third-party resources. These resources can publish those
events to an Azure event grid. In turn, the event grid pushes those events to subscribers that have queues, webhooks, or event hubs as endpoints. As a
subscriber, your logic app can wait for those events from the event grid before running automated workflows to perform tasks - without you writing any code.
References:
https://docs.microsoft.com/en-us/azure/event-grid/monitor-virtual-machine-changes-event- grid-logic-app
NEW QUESTION 91
HOTSPOT - (Topic 5)
You have an Azure virtual machine named VM1 and a Recovery Services vault named Vault1.
You create a backup Policy1 as shown in the exhibit. (Click the Exhibit tab.)
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You configure the backup of VM1 to use Policy1 on Thursday, January 1.
You need to identify the number of available recovery points for VM1.
How many recovery points are available on January 8 and on January 15? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: 6
4 daily + 1 weekly + monthly
Box 2: 8
4 daily + 2 weekly + monthly + yearly
NEW QUESTION 95
DRAG DROP - (Topic 5)
You need to create container1 and share1.
Which storage accounts should you use for each resource? To answer, select the appropriate options in t he answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers https://docs.microsoft.com/en-us/azure/storage/common/storage-account-
overview
NEW QUESTION 97
- (Topic 5)
You have an Azure subscription named Subscription1 that contains a virtual network named VNet1. VNet1 is in a resource group named RG1.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Subscription1 has a user named User1. User1 has the following roles;
• Reader
• Security Admin
• Security Reader
You need to ensure that User1 can assign the Reader role for VNet1 to other users. What should you do?
Assign User1 the Contributor role for VNet1.
A.
B. Remove User from the Security Reader and Reader roles tot Subscription1.
C. Assign User1 the Network Contributor role for VNet1.
D. Assign User1 the User Access Administrator role for VNet1
Answer: D
Explanation:
https://docs.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory- admin-
roles#:~:text=The%20User%20Access%20Administrator%20role%20enables%20the%20u
ser%20to%20grant,Azure%20subscriptions%20and%20management%20groups.
NEW QUESTION 99
HOTSPOT - (Topic 5)
You have an Azure subscription that is linked to an Azure AD tenant. The tenant contains two users named User1 and User2. The subscription contains the
resources shown in the following table.
The subscription contains the alert rules shown in the following table.
The users perform the following actions:
• User1 creates a new virtual disk and attaches the disk to VM1.
• User2 creates a new resource tag and assigns the tag to RG1 and VM1.
Which alert rules are triggered by each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
In this case, you have two alert rules: Alert1 and Alert2. Alert1 has a scope of RG1, which means it applies to all the resources in the resource group named RG1.
Alert1 has a condition of All Administrative operations, which means it triggers when any administrative operation is performed on the resources in RG1. An
administrative operation is any operation that changes the configuration or state of a resource, such as creating, deleting, updating, or restarting.
Alert2 has a scope of VM1, which means it applies only to the virtual machine named VM1. Alert2 also has a condition of All Administrative operations, which
means it triggers when any administrative operation is performed on VM1.
Now, let’s see which alert rules are triggered by each user.
User1 creates a new virtual disk and attaches the disk to VM1. This is an administrative operation on VM1, so it triggers Alert2. However, it does not trigger Alert1,
because the new disk is not part of RG1. Therefore, the correct answer for User1 is C. Only Alert2 is triggered.
User2 creates a new resource tag and assigns the tag to RG1 and VM1. This is also an administrative operation on both RG1 and VM1, so it triggers both Alert1
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
and Alert2. Therefore, the correct answer for User2 is D. Alert1 and Alert2 are triggered.
NEW QUESTION 103
HOTSPOT - (Topic 5)
You have an Azure subscription that contains two storage accounts named contoso101 and contoso102.
The subscription contains the virtual machines shown in the following table.
VNet1 has service endpoints configured as shown in the Service endpoints exhibit. (Click the Service endpoints tab.)
The Microsoft. Storage service endpoint has the service endpoint policy shown in the Microsoft. Storage exhibit. (Click the Microsoft.
Storage tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
NEW QUESTION 104
HOTSPOT - (Topic 5)
You have an Azure subscription that contains the virtual networks shown in the following table.
The subscription contains the subnets shown in the following table.
The subscription contains the storage accounts shown in the following table.
You create a service endpoint policy named policy1 in the South Central US Azure region to allow connectivity to all the storage accounts in the subscription.
Fow each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
? Policy1 can be applied to Subnet3. = YES
? Only storage1 and storage2 can be accessed from VNet2. = NO
? Only storage2 can be accessed from VNet3. = Yes
? According to the Microsoft documentation, a service endpoint policy can be applied to any subnet in a virtual network that has a service endpoint enabled for the
same service as the policy. In your scenario, Subnet3 has a service endpoint enabled for Microsoft.Storage, which is the same service as policy1. Therefore,
policy1 can be applied to Subnet3.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
? According to the Microsoft documentation, when you configure network rules for a
storage account, you can limit access to your storage account to requests that come from specified IP addresses, IP ranges, subnets in an Azure virtual network,
or resource instances of some Azure services. In your scenario, storage1 and storage2 have network rules that allow access from Subnet1 and Subnet2
respectively. However, this does not mean that only these subnets can access the storage accounts. Other subnets or resources that have the same IP range or
resource ID as Subnet1 or Subnet2 can also access the storage accounts. For example, Subnet4 in VNet2 has the same IP range as Subnet1 in VNet1, so it can
also access storage1. Similarly, Subnet5 in VNet3 has the same IP range as Subnet2 in VNet1, so it can also access storage2. Therefore, only storage1 and
storage2 cannot be accessed from VNet2.
? According to the Microsoft documentation, when you create a private endpoint for
a storage account, you assign a private IP address from your virtual network to the storage account. This enables secure traffic between your virtual network and
the storage account over a private link. In your scenario, you have created a private endpoint for storage2 in Subnet6 of VNet3. This means that only Subnet6 can
access storage2 over the private link. However, this does not mean that only Subnet6 can access storage2 at all. Other subnets or resources that have the same
IP range or resource ID as Subnet6 can also access storage2 over the public endpoint of the storage account. For example, Subnet7 in VNet4 has the same IP
range as Subnet6 in VNet3, so it can also access storage2 over the public endpoint. Therefore, only storage2 cannot be accessed from VNet3.
NEW QUESTION 107
HOTSPOT - (Topic 5)
You have an Azure App Service plan named ASP1. CPU usage for ASP1 is shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
? The average CPU percentage is calculated 24 times per day. This is because the
exhibit shows the CPU percentage for ASP1 in a 24-hour period, with one data point for each hour. Therefore, the average CPU
percentage is calculated once per hour, or 24 times per day1.
? ASP1 must be scaled out to optimize CPU usage. This is because the exhibit
shows that the CPU percentage for ASP1 is consistently above 80%, which indicates that the app service plan is under high load and needs more instances to
handle the traffic. Scaling out means adding more instances to an app service plan, which can improve the performance and availability of the apps hosted on it2.
Scaling up means changing the pricing tier of an app service plan, which can increase the resources available for each instance, but not necessarily reduce the
CPU usage3.
NEW QUESTION 110
- (Topic 5)
Your on-premises network contains an SMB share named Share1. You have an Azure subscription that contains the following resources: A web app named
webapp1
A virtual network named VNET1
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You need to ensure that webapp1 can connect to Share1. What should you deploy?
A. an Azure Application Gateway
B. an Azure Active Directory (Azure AD) Application Proxy
C. an Azure Virtual Network Gateway
Answer: C
Explanation:
A Site-to-Site VPN gateway connection can be used to connect your on- premises network to an Azure virtual network over an IPsec/IKE (IKEv1 or IKEv2) VPN
tunnel. This type of connection requires a VPN device, a VPN gateway, located on- premises that has an externally facing public IP address assigned to it.
A: Application Gateway is for http, https and Websocket - Not SMB
B: Application Proxy is also for accessing web applications on-prem - Not SMB. Application Proxy is a feature of Azure AD that enables users to access on-
from a remote client.
premises
Reference: web applications
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal
NEW QUESTION 111
- (Topic 5)
You have an Azure subscription that contains multiple virtual machines in the West US Azure region.
You need to use Traffic Analytics in Azure Network Watcher to monitor virtual machine traffic.
Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. a Data Collection Rule (OCR) in Azure Monitor
B. a Log Analytics workspace
C. an Azure Monitor workbook
D. a storage account
E. a Microsoft Sentinel workspace
Answer: BD
Explanation:
To use Traffic Analytics in Azure Network Watcher, you need to create a Log Analytics workspace and a storage account. A Log Analytics workspace is a cloud-
based repository that collects and stores data from various sources, such as NSG flow logs. A storage account is a container that provides a unique namespace to
store and access your data objects in Azure Storage. You need to enable NSG flow logs and configure them to send data to both the Log Analytics workspace and
the storage account. Traffic Analytics analyzes the NSG flow logs and provides insights into traffic flow in your Azure cloud. References:
? Traffic analytics - Azure Network Watcher | Microsoft Learn
? Traffic analytics FAQ - Azure Network Watcher | Microsoft Learn
NEW QUESTION 114
HOTSPOT - (Topic 5)
You have the App Service plan shown in the following exhibit.
The scale-in settings for the App Service plan are configured as shown in the following exhibit.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
The scale out rule is configured with the same duration and cool down tile as the scale in rule.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the
graphic.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 116
- (Topic 5)
You have an Azure virtual machine named VM1. Azure collects events from VM1.
You are creating an alert rule in Azure Monitor to notify an administrator when an error is logged in the System event log of VM1.
You need to specify which resource type to monitor. What should you specify?
A. metric alert
B. Azure Log Analytics workspace
C. virtual machine
D. virtual machine extension
Answer: B
Explanation:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Azure Monitor can collect data directly from your Azure virtual machines into a Log Analytics workspace for analysis of details and correlations. Installing the Log
Analytics VM extension for Windows and Linux allows Azure Monitor to collect data from your Azure VMs.
Azure Log Analytics workspace is also used for on-premises computers monitored by System Center Operations Manager.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/learn/quick-collect-azurevm
NEW QUESTION 121
HOTSPOT - (Topic 5)
You have an Azure subscription that contains an Azure Availability Set named WEBPROD- AS-USE2 as shown in the following exhibit.
You add 14 virtual machines to WEBPROD-AS-USE2.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: 2
There are 10 update domains. The 14 VMs are shared across the 10 update domains so four update domains will have two VMs and six update domains will have
one VM. Only one update domain is rebooted at a time.
Therefore, a maximum of two VMs will be offline. Box 2: 7
There are 2 fault domains. The 14 VMs are shared across the 2 fault domains, so 7 VMs in each fault domain.
A rack failure will affect one fault domain so 7 VMs will be offline.
NEW QUESTION 123
- (Topic 5)
You have an Azure subscription named Subscription1 that is used be several departments at your company. Subscription1 contains the resources in the following
table:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Another administrator deploys a virtual machine named VM1 and an Azure Storage account named Storage2 by using a single Azure Resource Manager template.
You need to view the template used for the deployment.
From which blade can you view the template that was used for the deployment?
A. RG1
B. VM1
C. Storage1
D. Container1
Answer: A
Explanation:
* 1. View template from deployment history
Go to the resource group for your new resource group. Notice that the portal shows the result of the last deployment. Select this link.
* 2. You see a history of deployments for the group. In your case, the portal probably lists only one deployment. Select this deployment.
The portal displays a summary of the deployment. The summary includes the status of the deployment and its operations and the values that you provided for
parameters. To see the template that you used for the deployment, select View template.
References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-export-template
NEW QUESTION 125
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique
solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.
You receive a notification that VM1 will be affected by maintenance. You need to move VM1 to a different host immediately.
Solution: From the Overview blade, you move the virtual machine to a different subscription.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Moving the virtual machine to a different subscription does not change the host that the virtual machine runs on. It only changes the billing and management of the
resources. To move the virtual machine to a different host, you need to redeploy it or use Azure Site Recovery. Then, References: [Move resources to new
resource group or subscription] [Redeploy Windows VM to new Azure node] [Use Azure Site Recovery to migrate Azure VMs between Azure regions]
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
NEW QUESTION 130
- (Topic 5)
You have an Azure subscription That contains a Recovery Services vault named Vault1. You need to enable multi-user authorization
(MAU) for Vaultl.
Which resource should you create first?
A. a managed identity
B. a resource guard
C. an administrative unit
D. a custom Azure role
Answer: B
Explanation:
https://learn.microsoft.com/en-us/azure/backup/multi-user-authorization?tabs=azure-portal&pivots=vaults-recovery-services-vault#before-you-start
Before you start
Ensure the Resource Guard and the Recovery Services vault are in the same Azure region.
Ensure the Backup admin does not have Contributor permissions on the Resource Guard. You can choose to have the Resource Guard in another subscription of
the same directory or in another directory to ensure maximum isolation.
Ensure that your subscriptions containing the Recovery Services vault as well as the Resource Guard (in different subscriptions or tenants) are registered to use
the providers - Microsoft.RecoveryServices and Microsoft.DataProtection . For more information, see Azure
NEW QUESTION 133
HOTSPOT - (Topic 5)
You have an Azure subscription that contains the resources shown in the following table.
You plan to create a data collection rule named DCRI in Azure Monitor.
Which resources can you set as data sources in DCRI, and which resources can you set as destinations in DCRI? To answer, select
the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Data Sources: VM1 only Destination: Workspace1 Only
NEW QUESTION 135
HOTSPOT - (Topic 5)
You have an Azure subscription that contains an Azure Directory (Azure AD) tenant named contoso.com. The tenant is synced to the on-premises Active Directory
domain. The domain contains the users shown in the following table.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You enable self-service password reset (SSPR) for all users and configure SSPR to have the following authentication methods:
? Number of methods required to reset: 2
? Methods available to users: Mobile phone, Security questions
? Number of questions required to register: 3
? Number of questions required to reset: 3
You select the following security questions:
? What is your favorite food?
? In what city was your first job?
? What was the name of your first pet?
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
No, No, Yes
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept- authentication-security-questions
NEW QUESTION 136
HOTSPOT - (Topic 5)
You have an Azure subscription that contains a storage account named storage1. The storage 1 account contains a container named containet1.
You create a blob lifecycle rule named rule1.
You need to configure rule1 to automatically move blobs that were NOT updated for 45 days Irom container! to the Cool access tier.
How should you complete the rule? To answer, select Ihe appropriate options in the answer area.
NOTE: Each correct answer is worth one point.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Answer:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
* 1. daysAfterModificationGreaterThan
* 2. Blockblob
https://learn.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview#rule- actions
daysAfterModificationGreaterThan
NEW QUESTION 138
- (Topic 5)
You have an Azure Active Directory (Azure AD) tenant named contoso.com.
You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the
500 external users.
Solution: You create a Power Shell script that runs the New-MgUser cmdlet for each user.
Does this meet the goal?
A. Yes
B. NO
Answer: B
Explanation:
The New-MgUser cmdlet is part of the Microsoft Graph PowerShell SDK, which is a module that allows you to interact with the Microsoft Graph API. The Microsoft
Graph API is a service that provides access to data and insights across Microsoft 365, such as users, groups, mail, calendar, contacts, files, and more1.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
The New-MgUser cmdlet can be used to create new users in your Azure AD tenant, but it has some limitations and requirements. For example, you need to have
the Global Administrator or User Administrator role in your tenant, you need to authenticate with the Microsoft Graph API using a certificate or a client secret, and
you need to specify the required parameters for the new user, such as userPrincipalName, accountEnabled, displayName, mailNickname, and passwordProfile2.
However, the New-MgUser cmdlet does not support creating guest user accounts in your Azure AD tenant. Guest user accounts are accounts that belong to
external users from other organizations or domains. Guest user accounts have limited access and permissions in your tenant, and they are typically used for
collaboration or sharing purposes3.
To create guest user accounts in your Azure AD tenant, you need to use a different cmdlet: New-AzureADMSInvitation. This cmdlet is part of the Azure AD
PowerShell module, which is a module that allows you to manage your Azure AD resources and objects. The New- AzureADMSInvitation cmdlet can be used to
create and send an invitation email to an external user, which contains a link to join your Azure AD tenant as a guest user. You can also specify some optional
parameters for the invitation, such as the invited user display name, message info, redirect URL, or send invitation message.
Therefore, to meet the goal of creating guest user accounts for 500 external users from a CSV file, you need to use a PowerShell script that runs the New-
AzureADMSInvitation cmdlet for each user, not the New-MgUser cmdlet.
NEW QUESTION 140
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You manage a virtual network named VNet1 that is hosted in the West US Azure region. VNet1 hosts two virtual machines named VM1 and VM2 that run Windows
Server.
You need to inspect all the network traffic from VM1 to VM2 for a period of three hours. Solution: From Performance Monitor, you create a Data Collector Set
(DCS).
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
Correct answer is packet capture in Azure Network Watcher. https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-packet-capture-overview
NEW QUESTION 142
- (Topic 5)
You have an Azure subscription that contains a storage account named storage. You have the devices shown in the following table.
From which devices can you use AzCopy to copy data to storage1?
A. Device1 and Device2 only
B. Device1, Device2 and Device3
C. Device’ only
Device and Device3 only
D.
Answer: B
Explanation:
https://learn.microsoft.com/en-us/azure/storage/common/storage-use-azcopy- v10#download-azcopy
NEW QUESTION 147
- (Topic 5)
You have an Azure subscription that contains the storage accounts shown in the following table.
You need to identify which storage account can be converted to zone-redundant storage (ZRS) replication by requesting a live migration from Azure support.
What should you identify?
A. Storage1
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
B. Storage2
C. Storage3
D. Storage4
Answer: B
Explanation:
https://learn.microsoft.com/en-us/azure/storage/common/redundancy- migration?tabs=portal
NEW QUESTION 148
HOTSPOT - (Topic 5)
You have an Azure subscription that contains the public load balancers shown in the following table.
You plan to create six virtual machines and to load balance requests to the virtual machines. Each load balancer will load balance three virtual machines.
You need to create the virtual machines for the planned solution.
How should you create the virtual machines? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/load-balancer/skus>
NEW QUESTION 150
- (Topic 5)
You have an Azure subscription that contains a virtual network named VNET1. VNET1 contains the subnets shown in the following table.
Each virtual machine uses a static IP address.
You need to create network security groups (NSGs) to meet following requirements:
? Allow web requests from the internet to VM3, VM4, VM5, and VM6.
? Allow all connections between VM1 and VM2.
? Allow Remote Desktop connections to VM1.
? Prevent all other network traffic to VNET1.
What is the minimum number of NSGs you should create?
A. 1
B. 3
4
C.
D. 12
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Answer: C
Explanation:
Note: A network security group (NSG) contains a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Networks (VNet).
NSGs can be associated to subnets, individual VMs (classic), or individual network interfaces (NIC) attached to VMs (Resource Manager).
Each network security group also contains default security rules.
References:
https://docs.microsoft.com/en-us/azure/virtual-network/security-overview#default-security- rules
NEW QUESTION 152
- (Topic 5)
You have an Azure subscription that has the public IP addresses shown in the following table.
You plan to deploy an instance of Azure Firewall Premium named FW1. Which IP addresses can you use?
A. IP2 Only
B. IP1 and lP2 only
C. IP1, IP2, and IP5 only
D. IP1, IP2, IP4, and IP5 only
Answer: B
Explanation:
https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#at- a-glance
Azure Firewall
- Dynamic IPv4: No
- Static IPv4: Yes
Dynamic IPv6: No
-- Static IPv6: No
https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/configure-public-ip- firewall
Azure Firewall is a cloud-based network security service that protects your Azure Virtual Network resources. Azure Firewall requires at least one public static IP
address to be configured. This IP or set of IPs are used as the external connection point to the firewall. Azure Firewall supports standard SKU public IP addresses.
Basic SKU public IP address and public IP prefixes aren't supported.
NEW QUESTION 154
HOTSPOT - (Topic 5)
You have an Azure subscription. The subscription contains virtual machines that run Windows Server 2016 and are configured as shown in the following table.
You create a public Azure DNS zone named adatum.com and a private Azure DNS zone named conioso.com.
You create a virtual network link for contoso.com as shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
All three VMs are in VNET2. Auto registration is enabled for private Azure DNS zone named contoso.com, which is linked to VNET2. So, VM1, VM2 and VM3 will
auto-register their host records to contoso.com.
None of the VM will auto-register to the public Azure DNS zone named adatum.com. You cannot register private IPs on the internet
(adatum.com)
Box 1: Yes
Auto registration is enabled for private Azure DNS zone named contoso.com.
Box 2: Yes
Auto registration is enabled for private Azure DNS zone named contoso.com.
Box 3: No
None of the VM will auto-register to the public Azure DNS zone named adatum.com
NEW QUESTION 155
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one
correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.
Another administrator plans to create several network security groups (NSGs) in the subscription
You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You assign a built-in policy definition to the subscription. Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
No, this does not meet the goal. Assigning a built-in policy definition to the subscription is not enough to ensure that when an NSG is created, it automatically
blocks TCP port 8080 between the virtual networks. This is because there is no built-in policy definition that matches this requirement. The closest built-in policy
definition is “Network security groups should not allow unrestricted inbound traffic on well-known ports”, but this policy only blocks TCP port 80 and 443, not
80801.
To meet the goal, you need to create a custom policy definition that enforces a default security rule for NSGs. A policy definition is a set of rules and actions that
Azure performs when evaluating your resources2. You can use a policy definition to specify the required properties and values for NSGs, such as the direction,
protocol, source, destination, and port of the security rule. You can then assign the policy definition to the subscription scope, so that it applies to all the resource
groups and virtual networks in the subscription.
NEW QUESTION 156
HOTSPOT - (Topic 5)
You have an Azure subscription named Subscription1 that contains the virtual networks in the following table.
Subscripton1 contains the virtual machines in the following table.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
In Subscription1, you create a load balancer that has the following configurations:
? Name: LB1
? SKU: Basic
? Type: Internal
? Subnet: Subnet12
? Virtual network: VNET1
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 160
HOTSPOT - (Topic 5)
You have an Azure Active Directory (Azure AD) tenant that contains three global administrators named Admin1, Admin2, and Admin3.
The tenant is associated to an Azure subscription. Access control for the subscription is configured as shown in the Access control exhibit. (Click the Exhibit tab.)
You sign in to the Azure portal as Admin1 and configure the tenant as shown in the Tenant exhibit. (Click the Exhibit tab.)
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
They are all Global admins so they can all modify user permission. i.e add self as owner etc.
You can be GA in one of the subscription, it doesn't mean that you can create the resources in all subscription. As a Global Administrator in Azure Active Directory
(Azure AD), you might not have access to all subscriptions and management groups in your directory. Azure AD and Azure resources are secured independently
from one another. That is, Azure AD role assignments do not grant access to Azure resources, and Azure role assignments do not grant access to Azure AD.
However, if you are a Global Administrator in Azure AD, you can assign yourself access to all Azure subscriptions and management groups in your directory
NEW QUESTION 165
- (Topic 5)
You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs a financial
reporting app named App1 that does not support multiple active instances. At the end of each month, CPU usage for VM1 peaks when App1 runs.
You need to create a scheduled runbook to increase the processor performance of VM1 at the end of each month.
What task should you include in the runbook?
A. Add the Azure Performance Diagnostics agent to VM1.
B. Modify the VM size property of VM1.
C. Add VM1 to a scale set.
D. Increase the vCPU quota for the subscription.
E. Add a Desired State Configuration (DSC) extension to VM1.
Answer: B
Explanation:
To create a scheduled runbook to increase the processor performance of VM1 at the end of each month, you need to modify the VM size property of VM1. This will
allow you to scale up the VM to a larger size that has more CPU cores and memory. You can use Azure Automation to create a PowerShell runbook that changes
the VM size using the Set-AzVM cmdlet. You can then schedule the runbook to run at the end of each month using the Azure portal or Azure PowerShell. For more
information, see How to resize a virtual machine in Azure using Azure Automation1.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
NEW QUESTION 170
- (Topic 5)
You sign up for Azure Active Directory (Azure AD) Premium.
You need to add a user named admin1@contoso.com as an administrator on all the computers that will be joined to the Azure AD domain.
What should you configure in Azure AD?
A. Device settings from the Devices blade.
B. General settings from the Groups blade.
C. User settings from the Users blade.
D. Providers from the MFA Server blade.
Answer: A
Explanation:
https://docs.microsoft.com/en-us/azure/active-directory/devices/assign-local-admin
NEW QUESTION 171
- (Topic 5)
You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.
You need to delete the Recovery Services vault. What should you do first?
A. From the Recovery Service vault, stop the backup of each backup item.
B. From the Recovery Service vault, delete the backup data.
C. Modify the disaster recovery properties of each virtual machine.
D. Modify the locks of each virtual machine.
Answer: A
Explanation:
You can't delete a Recovery Services vault if it is registered to a server and holds backup data. If you try to delete a vault, but can't, the vault is still configured to
receive backup data.
Remove vault dependencies and delete vault
In the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQL
Servers in Azure VM, and Azure virtual machines.
References: https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault
NEW QUESTION 175
- (Topic 5)
You have an Azure virtual machine named VM1 and an Azure key vault named Vault1. On VM1, you plan to configure Azure Disk Encryption to use a key
encryption key (KEK) You need to prepare Vault! for Azure Disk Encryption.
Which two actions should you perform on Vault1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create a new key.
B. Select Azure Virtual machines for deployment
C. Configure a key rotation policy.
D. Create a new secret.
E. Select Azure Disk Encryption for volume encryption
Answer: AC
Explanation:
To prepare Vault1 for Azure Disk Encryption, you need to perform the following actions on Vault1:
? Create a new key. A key encryption key (KEK) is an encryption key that is used to
encrypt the encryption secrets before they are stored in the key vault. You can create a new KEK by using the Azure CLI, the Azure PowerShell, or the Azure
portal1. You can also import an existing KEK from another source, such as a hardware security module (HSM)2. The KEK must be a 2048-bit RSA key or a 256-bit
AES key3.
? Select Azure Disk Encryption for volume encryption. This is an advanced access
policy setting that enables Azure Disk Encryption to access the keys and secrets in the key vault. You can select this setting by using the Azure CLI, the Azure
PowerShell, or the Azure portal4. You must also enable access to Microsoft Trusted Services if you have enabled the firewall on the key vault.
NEW QUESTION 176
- (Topic 5)
You deploy Azure virtual machines to three Azure regions.
Each region contains a virtual network. Each virtual network contains multiple subnets peered in a full mesh topology.
Each subnet contains a network security group (NSG) that has defined rules.
A user reports that he cannot use port 33000 to connect from a virtual machine in one region to a virtual machine in another region.
Which two options can you use to diagnose the issue? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
A. Azure Virtual Network Manager
B. IP flow verify
C. Azure Monitor Network Insights
D. Connection troubleshoot
E. elective security rules
Answer: BD
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Explanation:
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-ip- flow-verify-overview
IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and
a remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be
chosen, IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
NEW QUESTION 181
- (Topic 5)
You have an Azure subscription that contains 20 virtual machines, a network security group (NSG) named NSG1, and two virtual networks named VNET1 and
VNET2 that are peered.
You plan to deploy an Azure Bastion Basic SKU host named Bastion1 to VNET1. You need to configure NSG1 to allow inbound access from the internet to
Bastion1.
Which port should you configure for the inbound security rule?
A. 22
B. 443
C. 3389
D. 8080
Answer: B
Explanation:
Azure Bastion is a service that provides secure and seamless RDP/SSH connectivity to virtual machines directly over TLS from the Azure portal or via native
client. Azure Bastion uses an HTML5 based web client that is automatically streamed to your local device. Your RDP/SSH session is over TLS on port 443. This
enables the traffic to traverse firewalls more securely. To allow inbound access from the internet to Bastion1, you need to configure NSG1 to allow port 443 for the
inbound security rule. References:
? What is Azure Bastion?
? About Azure Bastion configuration settings
NEW QUESTION 182
- (Topic 5)
You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers.
You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines.
You need to ensure that visitors are serviced by the same web server for each request. What should you configure?
A. Floating IP (direct server return) to Enabled
B. Idle Time-out (minutes) to 20
C. Protocol to UDP
D. Session persistence to Client IP and Protocol
Answer: D
Explanation:
https://learn.microsoft.com/en-us/azure/load-balancer/distribution-mode-concepts
Session persistence: Client IP and protocol - Traffic from the same client IP and protocol is routed to the same backend instance
NEW QUESTION 186
- (Topic 5)
You develop the following Azure Resource Manager (ARM) template to create a resource group and deploy an Azure Storage account to the resource group.
Which cmdlet should you run to deploy the template?
A. New-AzTenantDeployment
B. New-AzResourceGroupDeploy»ent
C. New-AzResource
D. New-AzOeployment
Answer: B
Explanation:
The New-AzResourceGroupDeployment cmdlet deploys an Azure Resource Manager template to a resource group. You can use this cmdlet to create a new
resource group or update an existing one with the resources defined in the template. The template can be a local file or a URI. Then, References: [New-
AzResourceGroupDeployment]
NEW QUESTION 190
- (Topic 5)
You plan to move a distributed on-premises app named App1 to an Azure subscription. After the planned move, App1 will be hosted on several Azure virtual
machines.
You need to ensure that App1 always runs on at least eight virtual machines during planned Azure maintenance.
What should you create?
one virtual machine scale set that has 10 virtual machines instances
A.
B. one Availability Set that has three fault domains and one update domain
C. one Availability Set that has 10 update domains and one fault domain
D. one virtual machine scale set that has 12 virtual machines instances
Answer: A
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Explanation:
A virtual machine scale set is a group of identical virtual machines that are centrally managed, configured, and updated1. A virtual machine scale set can
automatically increase or decrease the number of virtual machine instances in response to demand or a defined schedule2. A virtual machine scale set also
provides high availability and fault tolerance by distributing the virtual machine instances across multiple fault domains and update domains3.
A fault domain is a logical group of underlying hardware that share a common power source and network switch. A fault domain can fail due to hardware or
software failures, power outages, or network interruptions4. A virtual machine scale set can have up to five fault domains in a region.
An update domain is a logical group of underlying hardware that can undergo maintenance or be rebooted at the same time. An update domain can be affected by
planned events, such as OS updates, application updates, or configuration changes4. A virtual machine scale set can have up to 20 update domains in a region.
By creating a virtual machine scale set that has 10 virtual machine instances, you can ensure that App1 always runs on at least eight virtual machines during
planned Azure maintenance. This is because the default configuration of a virtual machine scale set is to have five fault domains and five update domains. This
means that at any given time, only one fault domain or one update domain can be unavailable due to maintenance or failure. Therefore, at least eight out of 10
virtual machine instances will be available to run App1. An availability set is another option for providing high availability and fault tolerance for your virtual
machines. An availability set is a logical grouping of two or more virtual machines that are deployed across multiple fault domains and update domains. However,
an availability set does not provide automatic scaling of resources or load balancing of traffic. You need to manually create and manage the number of virtual
machine instances in an availability set.
Therefore, a virtual machine scale set is a better option than an availability set for your scenario. To create a virtual machine scale set, you can follow these steps:
? Sign in to the Azure portal.
? Select Create a resource > Compute > Virtual machine scale set.
? On the Basics tab, enter a name for your scale set, select your subscription and resource group, select Windows Server 2019 as the image type, and enter a
username and password for the administrator account.
? On the Instance details tab, select the region where you want to deploy your scale set, select the size of the virtual machine instances, and enter 10 as the initial
instance count.
? On the Scaling tab, configure the scaling policy for your scale set based on metrics or schedule.
? On the Load balancing tab, configure the load balancer for your scale set to
distribute traffic across the instances.
? On the Management tab, configure the diagnostics settings, automatic OS upgrades, extensions, and backup options for your scale set.
? On the Advanced tab, configure the availability zone, proximity placement group, accelerated networking, host group, and custom script extension options for
your scale set.
? On the Tags tab, optionally add tags to your scale set resources.
? On the Review + create tab, review your settings and select Create.
NEW QUESTION 193
HOTSPOT - (Topic 5)
You have an Azure subscription.
You deploy a virtual machine scale set that is configure as shown in the following exhibit.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Use the drop-down menus to select the answer choice that answers each questions based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box-1 : 3
Initial starts 2 VM's 15 minutes have passed. at 10 minutes 1 VM was added we now have 3 VM's. Cool down is 5 Minutes before another 10 minute wait cycle
starts so the answer is 3.
Box-2: 1
Initial 5 VM's 60 minutes Pass. 1 VM removed every 15 minute cycle. 10 minutes wait timer plus 5 minute cool down equals 15 minutes cycle. Four 15 minute
cycles pass equaling 60 minutes removing 4 VM's. We have 1 VM left.
Default Scale in and Out Default Durations are 10 minutes with 5 minute cool down. The default scale set settings in Azure are:
-Minimum number of instances 1
-Maximum number of instances 10
-Scale out CPU threshold (%) 75
-Duration in minutes10
-Number of instances to increase by 1
-Scale in CPU threshold (%) 25
-Number of instances to decrease by -1
https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale- sets-autoscale-portal#create-a-rule-to-automatically-scale-in
NEW QUESTION 196
HOTSPOT - (Topic 5)
You have an Azure subscription.
You create the following file named Deploy.json.
You connect to the subscription and run the following commands.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
NEW QUESTION 197
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.
Another administrator plans to create several network security groups (NSGs) in the subscription.
You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You configure a custom policy definition, and then you assign the policy to the subscription.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
A custom policy definition is a way to define your own rules for using Azure resources. You can use custom policies to enforce compliance, security, cost
management, or organization-specific requirements. However, a custom policy definition alone is not enough to meet the goal of automatically blocking TCP port
8080 between the virtual networks. You also need to create a policy assignment that applies the custom policy definition to the scope of the subscription. A policy
assignment is the link between a policy definition and an Azure resource. Without a policy assignment, the custom policy definition will not take effect. Therefore,
the solution does not meet the goal.
References:
? Tutorial: Create a custom policy definition
? Create and manage policies to enforce compliance
NEW QUESTION 200
- (Topic 5)
You have an Azure App Service app named App1 that contains two running instances. You have an autoscale rule configured as shown in the following exhibit.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
For the Instance limits scale condition setting, you set Maximum to 5. During a 30-minute period, App1 uses 80 percent of the available memory.
What is the maximum number of instances for App1 during the 30-minute period?
A. Mastered
B. Not Mastered
Answer: A
NEW QUESTION 203
- (Topic 5)
You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image.
You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE Each correct selection is worth one point.
A. Modify the extensionProfile section of the Azure Resource Manager template.
B. Create a new virtual machine scale set in the Azure portal.
C. Create an Azure policy.
D. Create an automation account.
E. Upload a configuration script.
Answer: AB
Explanation:
To automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image and has web server components installed, you
need to perform the following actions:
? Modify the extensionProfile section of the Azure Resource Manager template. This section defines the extensions that are applied to the scale set virtual
machines after they are provisioned. You can use the Custom Script Extension to run PowerShell scripts that install and configure the web server components. For
more information, see Deploy an application to an Azure Virtual Machine Scale Set1.
commands to install and configure the web server
? Upload a configuration script. This is the PowerShell script that contains the
components. You can upload the script to a storage account or a GitHub repository, and then reference it in the extensionProfile section of the template. For an
example of a configuration script, see Tutorial: Install applications in Virtual Machine Scale Sets with Azure PowerShell2.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
NEW QUESTION 204
- (Topic 5)
You have an app named App1 that runs on an Azure web app named webapp1.
The developers at your company upload an update of App1 to a Git repository named GUI. Webapp1 has the deployment slots shown in the following table.
You need to ensure that the App1 update is tested before the update is made available to users.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Swap the slots
B. Deploy the App1 update to webapp1-prod, and then test the update
Stop webapp1-prod
C.
D. Deploy the App1 update to webapp1-test, and then test the update
E. Stop webapp1-test
Answer: AD
Explanation:
https://docs.microsoft.com/en-us/azure/app-service/deploy-staging-slots
NEW QUESTION 209
- (Topic 5)
You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com.
You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1.
You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days.
Which two groups should you create? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. a Security group that uses the Assigned membership type
B. an Office 365 group that uses the Assigned membership type
C. an Office 365 group that uses the Dynamic User membership type
D. a Security group that uses the Dynamic User membership type
E. a Security group that uses the Dynamic Device membership type
Answer: BC
Explanation:
You can set expiration policy only for Office 365 groups in Azure Active Directory (Azure AD).
Note: With the increase in usage of Office 365 Groups, administrators and users need a way to clean up unused groups. Expiration policies can help remove
inactive groups from the system and make things cleaner.
When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, etc.) are also deleted.
You can set up a rule for dynamic membership on security groups or Office 365 groups.
NEW QUESTION 211
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.
Another administrator plans to create several network security groups (NSGs) in the subscription.
You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
No, this does not meet the goal. Unregistering the Microsoft.ClassicNetwork provider does not affect the creation of network security groups (NSGs) in the
subscription. The Microsoft.ClassicNetwork provider is used for managing classic deployment model resources, such as virtual networks, network interfaces, and
public IP addresses1. However, NSGs are only supported for Resource Manager deployment model resources2. Therefore, unregistering the
Microsoft.ClassicNetwork provider will not automatically block TCP port 8080 between the virtual networks.
To meet the goal, you need to create a custom policy definition that enforces a default security rule for NSGs. A policy definition is a set of rules and actions that
Azure performs when evaluating your resources3. You can use a policy definition to specify the required properties and values for NSGs, such as the direction,
protocol, source, destination, and port of the security rule. You can then assign the policy definition to the subscription scope, so that it applies to all the resource
groups and virtual networks in the subscription.
NEW QUESTION 215
HOTSPOT - (Topic 5)
You have an Azure subscription that contains the storage accounts shown in the following table.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
You need to identify which storage accounts support lifecycle management, and which storage accounts support moving data to the Archive access tier. What
should you identify for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct answer is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
1) storage1, storage2, storage3
"Lifecycle management policies are supported for block blobs and append blobs in general- purpose v2, premium block blob, and Blob Storage accounts."
https://learn.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview
2) storage2
"The archive tier isn't supported for ZRS, GZRS, or RA-GZRS accounts." https://learn.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview#archive-
access-tier
NEW QUESTION 217
HOTSPOT - (Topic 5)
You have the Azure resources shown on the following exhibit.
You plan to track resource usage and prevent the deletion of resources.
To which resources can you apply locks and tags? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
A. Mastered
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
B. Not Mastered
Answer: A
Explanation:
Box 1: Sub1, RG1, and VM1 only
You can lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources.
Box 2: Sub1, RG1, and VM1 only
You apply tags to your Azure resources, resource groups, and subscriptions.
NEW QUESTION 221
- (Topic 5)
You are configuring Azure AD authentication for an Azure Storage account named storage1.
You need to ensure that the members of a group named Group1 can upload files by using the Azure portal. The solution must use the principle of least privilege.
Which two roles should you assign to Group1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Storage Blob Data Contributor
A.
B. Reader
C. Storage Blob Data Reader
D. Contributor
E. Storage Account Contributor
Answer: AB
Explanation:
To ensure that the members of Group1 can upload files by using the Azure portal, they need to have both data access and management access to the storage
account. Data access refers to the ability to read, write, or delete blob data in the storage account. Management access refers to the ability to view the storage
account resources in the Azure portal, but not modify them. The Azure role-based access control (Azure RBAC) system provides built-in roles that encompass
common sets of permissions for data access and management access. The Storage Blob Data Contributor role grants read, write, and delete access to blob data
in the storage account. The Reader role grants view access to the storage account resources in the Azure portal. Therefore, by assigning both roles to Group1, the
members of the group can upload files by using the Azure portal. This solution also follows the principle of least privilege, as the group members are only granted
the minimum permissions required to perform the task. References:
? Assign an Azure role for access to blob data
? Data access from the Azure portal
NEW QUESTION 224
HOTSPOT - (Topic 5)
You have an Azure subscription named Subscription1. Subscription1 contains a virtual machine named VM1.
You install and configure a web server and a DNS server on VM1.
VM1 has the effective network security rules shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
A number between 100 and 4096. Rules are processed in priority order, with lower numbers processed before higher numbers, because lower numbers have
higher priority. Once traffic matches a rule, processing stops. As a result, any rules that exist with lower priorities (higher numbers) that have the same attributes as
rules with higher priorities are not processed. https://docs.microsoft.com/en-us/azure/virtual-network/network-security- groups-overview
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
NEW QUESTION 227
- (Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups.
Another administrator plans to create several network security groups (NSGs) in the subscription.
You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks.
Solution: You create a resource lock, and then you assign the lock to the subscription.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
No, this does not meet the goal. Creating a resource lock and assigning it to the subscription is not enough to ensure that when an NSG is created, it automatically
blocks TCP port 8080 between the virtual networks. This is because a resource lock does not affect the configuration or functionality of a resource, but only
prevents it from being deleted or modified1. A resource lock does not apply any security rules to an NSG or a virtual network.
To meet the goal, you need to create a custom policy definition that enforces a default security rule for NSGs. A policy definition is a set of rules and actions that
Azure performs when evaluating your resources2. You can use a policy definition to specify the required properties and values for NSGs, such as the direction,
protocol, source, destination, and port of the security rule. You can then assign the policy definition to the subscription scope, so that it applies to all the resource
groups and virtual networks in the subscription.
NEW QUESTION 231
- (Topic 5)
Your on-premises network contains a VPN gateway.
You have an Azure subscription that contains the resources shown in the following table.
You need to ensure that all the traffic from VM1 to storage! travels across the Microsoft backbone network.
What should you configure?
A. private endpoints
Azure Firewall
B.
C. Azure AD Application Proxy
D. Azure Peering Service
Answer: B
Explanation:
Per the MS documentation, private endpoint seems to be the proper choice: "You can use private endpoints for your Azure Storage accounts to allow clients on a
virtual network (VNet) to securely access data over a Private Link. The private endpoint uses a separate IP address from the VNet address space for each storage
account service. Network traffic between the clients on the VNet and the storage account traverses over the VNet and a private link on the Microsoft backbone
network, eliminating exposure from the public internet." Link: https://learn.microsoft.com/en-us/azure/storage/common/storage-private- endpoints
NEW QUESTION 235
HOTSPOT - (Topic 5)
You have an Azure subscription that contains the virtual networks shown in the following table.
You have the virtual machines shown in the following table.
You have the virtual network interfaces shown in the following table.
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
Server1 is a DNS server that contains the resources shown in the following table.
You have an Azure private DNS zone named contoso.com that has a virtual network link to VNET2 and the records shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 236
......
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Welcome to download the Newest 2passeasy AZ-104 dumps
https://www.2passeasy.com/dumps/AZ-104/ (232 New Questions)
THANKS FOR TRYING THE DEMO OF OUR PRODUCT
Visit Our Site to Purchase the Full Set of Actual AZ-104 Exam Questions With Answers.
We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Order the
AZ-104 Product From:
https://www.2passeasy.com/dumps/AZ-104/
Money Back Guarantee
AZ-104 Practice Exam Features:
* AZ-104 Questions and Answers Updated Frequently
* AZ-104 Practice Questions Verified by Expert Senior Certified Staff
* AZ-104 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* AZ-104 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year
Passing Certification Exams Made Easy visit - https://www.2PassEasy.com
Powered by TCPDF (www.tcpdf.org)
You might also like
- 8.AZ 104.prepaway - Premium.5130.exam.103q 2No ratings yet8.AZ 104.prepaway - Premium.5130.exam.103q 2102 pages
- AZ-104 Exam - Free Actual Q&As, Page 3-101-150No ratings yetAZ-104 Exam - Free Actual Q&As, Page 3-101-15043 pages
- Microsoft AZ-104 Premium PDF - 2025 Dumps, Practice Questions & Study Guide (ExamHeist Verified For AZ-104 & Azure Exams)No ratings yetMicrosoft AZ-104 Premium PDF - 2025 Dumps, Practice Questions & Study Guide (ExamHeist Verified For AZ-104 & Azure Exams)70 pages
- AZ-104 Exam - Free Actual Q&as, Page 2 - ExamTopics-An0% (1)AZ-104 Exam - Free Actual Q&as, Page 2 - ExamTopics-An8 pages
- Microsoft - Az 400.LAB .VMay 2024.by .Ancher.126qNo ratings yetMicrosoft - Az 400.LAB .VMay 2024.by .Ancher.126q116 pages
- AZ-104 Exam Dumps PDF & VCE - SurePassExamNo ratings yetAZ-104 Exam Dumps PDF & VCE - SurePassExam21 pages
- Microsoft - Az 104.VDec 2023.by .Jack .206q100% (1)Microsoft - Az 104.VDec 2023.by .Jack .206q212 pages
- Exam AZ 104 Microsoft Azure Administrator Mohamed Zohdy 1723551223No ratings yetExam AZ 104 Microsoft Azure Administrator Mohamed Zohdy 1723551223105 pages
- Examtopics Microsoft's AZ-104 Topic7-16 Use-Case100% (1)Examtopics Microsoft's AZ-104 Topic7-16 Use-Case33 pages
- AZ-104 Exam - Free Actual Q&As, Page 3 ExamTopicsNo ratings yetAZ-104 Exam - Free Actual Q&As, Page 3 ExamTopics7 pages
- Aindumps 2023-Jul-05 by Gabriel 107q VceNo ratings yetAindumps 2023-Jul-05 by Gabriel 107q Vce24 pages
- AZ-104 Exam - Free Actual Q&As, Page 2 - ExamTopicsNo ratings yetAZ-104 Exam - Free Actual Q&As, Page 2 - ExamTopics8 pages
- Aindump2go Az-140 PDF Exam 2023-May-19 by Fitzgerald 83q VceNo ratings yetAindump2go Az-140 PDF Exam 2023-May-19 by Fitzgerald 83q Vce30 pages
- AZ-104 Exam - Free Actual Q&As, Page 3 - ExamTopicsNo ratings yetAZ-104 Exam - Free Actual Q&As, Page 3 - ExamTopics6 pages
- Microsoft - Ucertify.az 104.exam - Prep.2024 Jan 06.by - Peter.209q.vceNo ratings yetMicrosoft - Ucertify.az 104.exam - Prep.2024 Jan 06.by - Peter.209q.vce13 pages
- AZ-104 Exam - Free Actual Q&as, Page 1 - 150 - ExamTopics100% (1)AZ-104 Exam - Free Actual Q&as, Page 1 - 150 - ExamTopics382 pages
- AZ 204 Exam Free Actual Q As Page 41 ExamTopics PDFNo ratings yetAZ 204 Exam Free Actual Q As Page 41 ExamTopics PDF20 pages
- Lesson 14-Making The Most of Community Resources and FieldtripsNo ratings yetLesson 14-Making The Most of Community Resources and Fieldtrips18 pages
- The National Interest of The Republic of Moldova in The Contextof European Integration Process' DeepeningNo ratings yetThe National Interest of The Republic of Moldova in The Contextof European Integration Process' Deepening10 pages
- Tofflon-Jiangsu Huihe Processing 241120 125301No ratings yetTofflon-Jiangsu Huihe Processing 241120 1253011 page
- The Teaching and The School Curriculum: College of Education 2020-2021No ratings yetThe Teaching and The School Curriculum: College of Education 2020-20216 pages
- (Ebook PDF) Behavioral Corporate Finance 2nd Edition Download100% (1)(Ebook PDF) Behavioral Corporate Finance 2nd Edition Download53 pages
- Grand Test - II (18.09.2022) Question Paper-1No ratings yetGrand Test - II (18.09.2022) Question Paper-121 pages
- Retribution: Justices A.S. Anand and N.P. Singh, Supreme Court of India, in The Case of Dhananjoy ChatterjeeNo ratings yetRetribution: Justices A.S. Anand and N.P. Singh, Supreme Court of India, in The Case of Dhananjoy Chatterjee4 pages
- Chapter 4 Stategovernment: STATE LEGISLATURE (Art. 168 - 212)No ratings yetChapter 4 Stategovernment: STATE LEGISLATURE (Art. 168 - 212)4 pages