Podcast
Questions and Answers
Match the actions needed to report costs for each department in order:
Match the actions needed to report costs for each department in order:
Assign a tag to each resource. = This action helps organize resources with metadata. From the Cost analysis blade, filter the view by tag. = This helps you analyze the costs associated with tagged resources. Download the usage report. = This action gives you a comprehensive overview in a downloadable format.
Where can you find the cost breakdown and burn rate in Azure?
Where can you find the cost breakdown and burn rate in Azure?
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result.
Establish if the solution satis¬es the requirements.Your company has an azure subscription that includes a storage account, a resource group, a blob container and a ¬le share.A colleague named Jon Ross makes use of a solitary Azure Resource Manager (ARM) template to deploy a virtual machine and an additional Azure Storage account. You want to review the ARM template that was used by Jon Ross.
Solution: You access the Virtual Machine blade.
Does the solution meet the goal?
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satis¬es the requirements.Your company has an azure subscription that includes a storage account, a resource group, a blob container and a ¬le share.A colleague named Jon Ross makes use of a solitary Azure Resource Manager (ARM) template to deploy a virtual machine and an additional Azure Storage account. You want to review the ARM template that was used by Jon Ross. Solution: You access the Virtual Machine blade. Does the solution meet the goal?
False
Does the solution meet the goal by accessing the Container blade?
Does the solution meet the goal by accessing the Container blade?
Signup and view all the answers
Which action should you take to resize a virtual machine in an availability set?
Which action should you take to resize a virtual machine in an availability set?
Signup and view all the answers
What should you do first to attach a data disk to another Azure VM?
What should you do first to attach a data disk to another Azure VM?
Signup and view all the answers
What should you do to associate each VM with its respective department?
What should you do to associate each VM with its respective department?
Signup and view all the answers
Accessing the multi-factor authentication page to alter user settings meets the goal to require Multi-Factor Authentication for the Global Administrators group.
Accessing the multi-factor authentication page to alter user settings meets the goal to require Multi-Factor Authentication for the Global Administrators group.
Signup and view all the answers
What value should you configure for the platformFaultDomainCount property to ensure maximum availability?
What value should you configure for the platformFaultDomainCount property to ensure maximum availability?
Signup and view all the answers
What value should you configure for the platformUpdateDomainCount property to ensure maximum VM accessibility?
What value should you configure for the platformUpdateDomainCount property to ensure maximum VM accessibility?
Signup and view all the answers
Altering the session control of the Azure AD conditional access policy meets the goal to require Multi-Factor Authentication and an Azure AD-joined device.
Altering the session control of the Azure AD conditional access policy meets the goal to require Multi-Factor Authentication and an Azure AD-joined device.
Signup and view all the answers
Altering the grant control of the Azure AD conditional access policy meets the goal to require Multi-Factor Authentication and an Azure AD-joined device.
Altering the grant control of the Azure AD conditional access policy meets the goal to require Multi-Factor Authentication and an Azure AD-joined device.
Signup and view all the answers
What is one method to achieve password protection in an ARM template?
What is one method to achieve password protection in an ARM template?
Signup and view all the answers
Which cmdlet should you use to create the virtual machine with a particular trusted root certification authority?
Which cmdlet should you use to create the virtual machine with a particular trusted root certification authority?
Signup and view all the answers
Which PowerShell cmdlet uploads a generalized VHD to Azure?
Which PowerShell cmdlet uploads a generalized VHD to Azure?
Signup and view all the answers
You can access VirtualNetworkB from a Windows 10 workstation after configuring virtual network peering?
You can access VirtualNetworkB from a Windows 10 workstation after configuring virtual network peering?
Signup and view all the answers
Reconfiguring the existing usage model via the Azure portal allows new employees to use Multi-Factor Authentication.
Reconfiguring the existing usage model via the Azure portal allows new employees to use Multi-Factor Authentication.
Signup and view all the answers
Reconfiguring the existing usage model via the Azure CLI allows new employees to use Multi-Factor Authentication.
Reconfiguring the existing usage model via the Azure CLI allows new employees to use Multi-Factor Authentication.
Signup and view all the answers
Does choosing the Allow gateway transit setting on VirtualNetworkA solve the connectivity issue?
Does choosing the Allow gateway transit setting on VirtualNetworkA solve the connectivity issue?
Signup and view all the answers
Creating a new Multi-Factor Authentication provider with backup from the existing provider data meets the goal.
Creating a new Multi-Factor Authentication provider with backup from the existing provider data meets the goal.
Signup and view all the answers
Match the following roles with their descriptions:
Match the following roles with their descriptions:
Signup and view all the answers
Using Active Directory Sites and Services to force replication of the Global Catalog on a domain controller meets the goal。
Using Active Directory Sites and Services to force replication of the Global Catalog on a domain controller meets the goal。
Signup and view all the answers
Restarting the NetLogon service on a domain controller can replicate user information to Azure AD immediately.
Restarting the NetLogon service on a domain controller can replicate user information to Azure AD immediately.
Signup and view all the answers
Which Azure storage redundancy option should you recommend for geo-clustered site resiliency?
Which Azure storage redundancy option should you recommend for geo-clustered site resiliency?
Signup and view all the answers
What should you do to ensure that 10 users can use all the Azure AD Premium features?
What should you do to ensure that 10 users can use all the Azure AD Premium features?
Signup and view all the answers
What should you do first to ensure an alert is set in Service Manager when the amount of available memory on VM1 is below 10 percent?
What should you do first to ensure an alert is set in Service Manager when the amount of available memory on VM1 is below 10 percent?
Signup and view all the answers
What should you configure in Azure AD to add a user named [email protected] as an administrator on all computers joined to the Azure AD domain?
What should you configure in Azure AD to add a user named [email protected] as an administrator on all computers joined to the Azure AD domain?
Signup and view all the answers
Running the Start-ADSyncSyncCycle -PolicyType Initial
cmdlet meets the goal of replicating user information immediately to Azure AD.
Running the Start-ADSyncSyncCycle -PolicyType Initial
cmdlet meets the goal of replicating user information immediately to Azure AD.
Signup and view all the answers
The DevTest Labs User role allows the Developers group to create Azure logic apps in the Dev resource group.
The DevTest Labs User role allows the Developers group to create Azure logic apps in the Dev resource group.
Signup and view all the answers
Assigning the Contributor role to the Developers group enables them to create Azure logic apps in the Dev resource group.
Assigning the Contributor role to the Developers group enables them to create Azure logic apps in the Dev resource group.
Signup and view all the answers
What type of DNS record should you create to ensure Azure can verify the domain name contoso.com?
What type of DNS record should you create to ensure Azure can verify the domain name contoso.com?
Signup and view all the answers
From Azure AD in the Azure portal, you use the Bulk create user operation to create a guest user account in contoso.com for each of the 500 external users. Does this meet the goal?
From Azure AD in the Azure portal, you use the Bulk create user operation to create a guest user account in contoso.com for each of the 500 external users. Does this meet the goal?
Signup and view all the answers
You create a PowerShell script that runs the New-AzureADMSInvitation cmdlet for each external user. Does this meet the goal?
You create a PowerShell script that runs the New-AzureADMSInvitation cmdlet for each external user. Does this meet the goal?
Signup and view all the answers
What should you do first to ensure access to AKS1 can be granted to the contoso.com users?
What should you do first to ensure access to AKS1 can be granted to the contoso.com users?
Signup and view all the answers
Which two groups should you create for granting access to a temporary Microsoft SharePoint document library named Library1 that will be deleted automatically after 180 days?
Which two groups should you create for granting access to a temporary Microsoft SharePoint document library named Library1 that will be deleted automatically after 180 days?
Signup and view all the answers
Which resources can you move to a new Azure subscription named AZPT2?
Which resources can you move to a new Azure subscription named AZPT2?
Signup and view all the answers
What should you do to ensure Admin1 can deploy a Marketplace resource successfully?
What should you do to ensure Admin1 can deploy a Marketplace resource successfully?
Signup and view all the answers
What should you do from the user account properties to assign the User administrator administrative role to AdminUser1?
What should you do from the user account properties to assign the User administrator administrative role to AdminUser1?
Signup and view all the answers
Does the solution of choosing the Allow gateway transit setting on VirtualNetworkB meet the goal of establishing a connection to VirtualNetworkB from the Windows 10 workstation?
Does the solution of choosing the Allow gateway transit setting on VirtualNetworkB meet the goal of establishing a connection to VirtualNetworkB from the Windows 10 workstation?
Signup and view all the answers
Does the solution of downloading and re-installing the VPN client configuration package on the Windows 10 workstation meet the goal?
Does the solution of downloading and re-installing the VPN client configuration package on the Windows 10 workstation meet the goal?
Signup and view all the answers
What should you configure to provide remote workers access to the VMs on VNet1?
What should you configure to provide remote workers access to the VMs on VNet1?
Signup and view all the answers
Does setting an HTTP health probe on port 1433 meet the goal of configuring an Azure internal load balancer as a listener for an availability group?
Does setting an HTTP health probe on port 1433 meet the goal of configuring an Azure internal load balancer as a listener for an availability group?
Signup and view all the answers
Does setting Session persistence to Client IP meet the goal of configuring an Azure internal load balancer as a listener for the availability group?
Does setting Session persistence to Client IP meet the goal of configuring an Azure internal load balancer as a listener for the availability group?
Signup and view all the answers
Does enabling Floating IP meet the goal of configuring an Azure internal load balancer as a listener for the availability group?
Does enabling Floating IP meet the goal of configuring an Azure internal load balancer as a listener for the availability group?
Signup and view all the answers
What should you do to configure two Azure VMs with static internal IP addresses?
What should you do to configure two Azure VMs with static internal IP addresses?
Signup and view all the answers
What is the least amount of network interfaces needed to deploy five VMs, each with both a public and private IP address?
What is the least amount of network interfaces needed to deploy five VMs, each with both a public and private IP address?
Signup and view all the answers
What is the least amount of security groups needed for five virtual machines if inbound and outbound security rules must be identical?
What is the least amount of security groups needed for five virtual machines if inbound and outbound security rules must be identical?
Signup and view all the answers
Which of the following statements is true regarding recovering files from a VM infected with ransomware?
Which of the following statements is true regarding recovering files from a VM infected with ransomware?
Signup and view all the answers
Which actions should you take when restoring a VM infected with data encrypting ransomware?
Which actions should you take when restoring a VM infected with data encrypting ransomware?
Signup and view all the answers
Which tool should you use to find the cause of performance issues on Azure infrastructure?
Which tool should you use to find the cause of performance issues on Azure infrastructure?
Signup and view all the answers
Which of the following VMs can you back up using Azure Backup? Choose all that apply.
Which of the following VMs can you back up using Azure Backup? Choose all that apply.
Signup and view all the answers
Does creating a PowerShell script that runs the New-AzureADUser cmdlet for each external user meet the goal of creating guest user accounts in Azure AD?
Does creating a PowerShell script that runs the New-AzureADUser cmdlet for each external user meet the goal of creating guest user accounts in Azure AD?
Signup and view all the answers
Study Notes
Azure Resource Management and Administration
- Tags can be used to associate Virtual Machines (VMs) with their respective departments within a resource group in Azure.
- Multi-Factor Authentication (MFA) is required for Global Administrators accessing Azure AD from untrusted locations; this can be enforced through Conditional Access policies.
Conditional Access Policies
- Modifying user settings on the MFA page does not meet the requirements for implementing Conditional Access.
- Altering the grant control in the Azure portal can satisfy the policy requirements for Global Administrators under certain configurations.
VM Deployment
- To deploy an Ubuntu Server VM with a custom trusted root CA, the
Create-AzVM
cmdlet is utilized along with a Cloud-Init file. - Using
az vm create
with the--custom-data
parameter allows for specialized VM setups.
Multi-Factor Authentication Usage Models
- Existing usage models in MFA cannot be changed directly; creating a new provider and reactivating previously existing servers is essential after acquiring new companies or staff.
- The "Per Enabled User" setting is required to accommodate new employees under the MFA requirement.
Azure AD Sync and User Replication
- The
Start-ADSyncSyncCycle -PolicyType Initial
cmdlet triggers immediate replication of user accounts from on-premises Active Directory to Azure AD. - Forced replication using Active Directory Sites and Services does not directly achieve Azure AD user synchronization.
Azure Storage Redundancy Options
- Read-only geo-redundant storage (RA-GRS) enables data access from secondary locations, offering increased availability for critical data during regional outages.
- Various storage options include locally redundant, zone-redundant, geo-redundant, and read-only geo-redundant, with RA-GRS being suitable for specific geographic resilience requirements.
Reviewing Azure Resource Manager (ARM) Templates
- To review an ARM template used for deployment, the Resource Group blade must be accessed rather than the Virtual Machine blade to gain insights about the deployment history.
- Successfully navigating through deployment history allows for reviewing the template utilized during the deployment process.### Azure Resource Manager (ARM) Templates and Deployment
- Deployment reviews require access to the Resource Group blade, not the Container blade, to examine used ARM templates.
- ARM templates standardize deployment and management of Azure resources, enhancing efficiency.
Virtual Machines and Availability Sets
- When resizing VMs in an availability set, all VMs must be stopped to avoid allocation failure due to dependency on the same physical hardware cluster.
- Each availability set can support various fault and update domains which help maintain VM accessibility during maintenance or failure.
Fault and Update Domains
- The platformFaultDomainCount property should be set to the maximum value permitted by the region to ensure high availability during fabric failures.
- The platformUpdateDomainCount property can be configured up to 20 update domains to manage concurrent reboots during updates.
Virtual Machine Data Disk Operations
- Detaching a data disk from one VM to attach it to another requires the original VM to be stopped first to minimize downtime.
Custom Scripts and Automation
- Implementing PowerShell scripts via SetupComplete.cmd can automate configuration tasks post-VM deployment.
- Custom Script Extensions can also be used to run scripts that modify VMs after deployment.
Uploading and Using VM Images
- The Add-AzVhd cmdlet is used to upload generalized on-premises VM images to Azure storage for future deployments.
Azure Virtual Network Peering
- Configuring VPN gateway transit settings is essential for ensuring connectivity across peered virtual networks; adjustments may be needed for point-to-site connections.
VPN Client Configuration
- To troubleshoot connectivity issues from a Windows workstation to an Azure virtual network, downloading and reinstalling the VPN client configuration package can resolve access problems.
Remote Access for Users
- Ensuring remote workers have access to VMs in an Azure virtual network requires correct configurations and potentially further adjustments to firewall settings and network gateways.### Remote Worker Access
- Configure a Point-to-Site (P2S) VPN gateway for secure connections to a virtual network from individual client computers.
- P2S VPN is suitable for remote workers needing secure access to organizational resources.
SQL Server Always On Availability Group
- Configuring an Azure internal load balancer as a listener requires correct health probes and session settings.
- An HTTP health probe on port 1433 does not meet the goal.
- Setting session persistence to Client IP also fails to satisfy the requirements.
- Enabling Floating IP is a correct solution for configuring the listener.
Static Internal IPs for VMs
- To set static internal IPs for Azure virtual machines, use the Set-AzureStaticVNetIP PowerShell cmdlet.
- Ensure that you remove any existing static IP before assigning a new one.
Network Interfaces and Security Groups Needed
- Deploying five virtual machines (VMs) with public and private IPs requires only one network interface.
- The same configuration can be achieved with just one security group for identical inbound and outbound rules across VMs.
Azure Backup and Ransomware Recovery
- Files from a VM infected with ransomware can only be recovered to the infected VM.
- For full VM restore operations, restoring to any VM within the subscription is allowed after addressing the ransomware infection.
Performance Monitoring in Azure
- Azure Monitor is the recommended tool for analyzing metrics related to performance issues within Azure infrastructure.
- Metrics stored in Azure Monitor are optimized for real-time alerting and performance detection.
Backup Compatibility with Azure Recovery Services
- Azure Backup can back up VMs running Windows 10, Windows Server 2012 or higher, and Debian 8.2+.
- Both shut down and actively running VMs can be backed up.
Azure Active Directory External User Management
- Creating guest user accounts for external users requires the New-AzureADMSInvitation cmdlet instead of New-AzureADUser cmdlet.
- Bulk creation through the Azure portal does not satisfy the requirement for inviting external users.
Role Assignment for Load Balancer Management
- Assign the Network Contributor role to administrators for managing internal and public load balancers while adhering to the principle of least privilege.
Granting Access to Azure Kubernetes Service
- To enable user access to an Azure Kubernetes Service (AKS) cluster, initial modifications must be made to the organizational relationships settings in Azure Active Directory.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Prepare for the AZ-104 exam with this set of expert-verified practice questions. This quiz covers various topics including virtual machines and departmental management. Test your knowledge and boost your confidence before the exam!