Microsoft AZ-104: Azure Administrator 2st

Questions and Answers

What is an essential tool required to deploy a YAML file to an Azure Kubernetes Service (AKS) cluster?

• Azure Resource Manager
• kubectl client (correct)
• Azure CLI
• Azure PowerShell

Which command is used to deploy a YAML file to an AKS cluster after installing kubectl?

• kubectl create .yaml <filename>
• kubectl apply -f <filename> (correct)
• az aks kubectl apply <filename>
• az aks deploy --file <filename>

What is the role of Azure CLI in managing Kubernetes resources in AKS?

• It compiles YAML files into executable applications.
• It is used to manage Azure infrastructure rather than Kubernetes resources. (correct)
• It directly deploys YAML configurations.
• It provides a graphical interface for deploying resources.

Why is running 'az aks' alone insufficient for deploying a YAML file to AKS?

It does not support the application of configuration files. (C)

What concept is crucial to understand when operating AKS clusters?

The Kubernetes API server for resource management (D)

If you wanted to check the status of your deployments in AKS, which command would you use?

kubectl get deployments (D)

What is the main purpose of running 'azcopy' in this scenario?

To copy files to and from Azure storage (C)

What type of configuration file is commonly used to define a deployment in Kubernetes?

YAML file format (C)

Which command is more appropriate for deploying a YAML file to an Azure Kubernetes Service (AKS) cluster?

kubectl apply -f .yaml (D)

When creating an alert for error events on VM1, which component is NOT necessary?

Azure Logic Apps (D)

Which of the following statements about YAML files in the context of Kubernetes is true?

They specify the desired state of resources. (D)

How many error events must be logged within an hour to trigger the alert?

More than two (D)

What operating system is running on VM1?

Windows Server 2016 (A)

Which Azure service helps in managing alerts and monitoring resources?

Azure Monitor (B)

What is the expected result of running 'azcopy' instead of the correct deployment command?

An error message will occur indicating failure (A)

Which of these is a correct method to monitor the System event log for alerts?

Using Azure Log Analytics workspaces (B)

What criteria need to be used in the blob inventory rule to ensure only specific blobs are processed?

Blobs whose names start with the word 'finance' (A)

What file format is specified for the output of the blob inventory rule?

CSV file (B)

What is the primary purpose of a shared access signature (SAS) in Azure?

To provide time-limited access to resources (C)

Which component of Azure Storage accounts allows for the organization of blobs?

Containers (B)

In Azure, what action can you perform when generating a shared access signature?

Set permissions for users and groups (C)

What is the first step required before creating a blob inventory rule in Azure?

Create an ARM template (C)

What is a prerequisite for sharing access to an Azure Storage account?

A shared access signature must be configured (D)

Which scenario would require using a blob inventory rule in Azure Storage?

To track and report on specific blobs periodically (B)

Which virtual machines can be backed up to Vault1?

VM1, VM3, VMA, and VMC only (A)

To enable the cluster autoscaler in Azure Kubernetes Service (AKS), which command can be utilized?

az aks update (B)

What is the minimum number of instances that can be defined for autoscaling in the provided example?

3 instances (C)

In the context of backups, which condition must be met for using Vault1?

The vault must be in the same region as the virtual machines. (B)

Which command is used to automatically scale pods in an AKS deployment based on CPU utilization?

kubectl autoscale (A)

What is the maximum number of pods allowed in the AKS autoscale configuration example provided?

10 instances (A)

Which cmdlet is NOT relevant for configuring the cluster autoscaler in AKS?

Set-AzVm cmdlet (C)

When scaling pods, what percentage of CPU utilization triggers the autoscaler in the given example?

50% (C)

What happens if Rule2 is removed from the security configuration?

Internet users can reach the DNS server. (D)

Which port is blocked by Rule2 in the security configuration?

Port 53, the DNS port. (A)

What is the primary purpose of using Availability Zones in Azure deployments?

To protect against datacenter-level failures. (B)

How are rules processed in the security configuration?

Rules are processed based on their priority order. (A)

What is the result when traffic matches a rule in the Azure security model?

Processing stops and no further rules are evaluated. (B)

In an Azure Resource Manager template, where should you modify the location to successfully deploy a virtual machine to West US?

You should modify the location in the resources section to 'westus'.

What must you do first to create a staging slot for an Azure App Service plan if the option is initially unavailable?

You must scale up the App Service plan.

What role does the 'variables' section serve in an Azure Resource Manager template?

The 'variables' section allows for defining frequently used values that can be referenced throughout the template.

When deploying a resource using an Azure template, what is the importance of specifying the correct 'location'?

Specifying the correct location ensures that the resource is deployed in the desired Azure region for optimal performance and compliance.

What is the effect of modifying the location in the variables section of a template instead of the resources section?

Changing the location in the variables section does not affect the resource deployment unless explicitly referenced there.

What is a likely consequence of attempting to use 'azcopy' for deploying a YAML file to an AKS cluster?

'azcopy' does not support Kubernetes deployments, so the expected outcome will be a failure in deploying the configuration.

In deploying a YAML file, what is the role of the Azure Kubernetes Service (AKS)?

AKS provides a managed Kubernetes environment for deploying and managing containerized applications using configuration files like YAML.

What specific Azure service component would you utilize to monitor event logs on a Windows Server VM?

You would use Azure Monitor and specifically create a Log Analytics workspace to collect and analyze event logs.

How does the deployment of a YAML configuration file differ when done through Azure CLI versus other methods?

Deploying through Azure CLI typically involves using specific commands like kubectl, which directly interfaces with the AKS cluster to apply configurations.

Why might an organization choose to set up alerts based on error events logged within the System event log?

Setting up alerts for logged error events helps in proactively detecting issues that could affect system stability and performance.

What command is incorrectly assumed to fulfill the deployment of a YAML file to an AKS cluster?

The command 'azcopy' is incorrectly assumed, as it is not designed for managing Kubernetes resources.

What monitoring capabilities does Azure Monitor provide for Azure Virtual Machines such as VM1?

Azure Monitor enables tracking of performance metrics, event logs, and health status, which allows for comprehensive monitoring of VMs.

What piece of information must you specify when deploying VM2 from Template1?

The administrator username.

How many update domains and fault domains are used to manage the deployments in the given scenario?

There are 10 update domains and 2 fault domains.

In what scenario would you need to increase the processor performance of VM1?

When CPU usage peaks at the end of each month during the app's operation.

Which Azure component can be utilized to manage VM1's performance at specific times?

Scheduled runbook.

What will be the maximum number of virtual machines that can be offline simultaneously during an update?

A maximum of 2 VMs can be offline at a time.

Match the Azure subscription features with their corresponding descriptions:

Pay-as-you-go = Billing based on actual usage Budget alerts = Notifications when spending exceeds set thresholds Credit alerts = Warnings at 90% and 100% of your credit balance Action groups = Groups that receive notifications on specific events

Match the Azure virtual machine settings with their effects:

VM1 consumes 20 Euro/day = Projected to reach 50% budget in 25 days VM2 not included in alerts = Will not trigger budget notifications Monthly email notification = Sent upon reaching a budget threshold Consumption not stopped = VMs continue to run despite budget alerts

Match the terms related to Azure costs with their definitions:

Resource Group = A collection of related resources in Azure Consumption = Total usage of resources resulting in charges Budget = A financial plan for resource spending Alert = A notification based on defined conditions

Match the Azure monitoring components with their responsibilities:

Email notifications = Inform users about budget threshold breaches Credit balance alerts = Automated alerts based on spending capacity Cost alerts = Notifications reflecting changes in consumption Action group members = Users who receive alerts on resource changes

Match the terms related to Azure budgeting with their functions:

Thresholds = Specific levels that trigger alerts Notification = An alert sent to users regarding budget status Exceeding budget = Condition that activates alerts Alerting actions = Responses taken when thresholds are breached

Match the Azure services with their purposes:

Azure budget = Helps manage spending limits Resource Group RG1 = Contains VM1 and relevant resources Action group = Manages notifications for alerts VM consumption = Calculates daily resource expenses

Match the response actions in Azure to their corresponding events:

Sending email notifications = Triggered when a budget threshold is reached Cost analysis = Occurs when reviewing resource expenditures Resource halt = Not applicable in the case of budget alerts Credit balance monitoring = Automated oversight of spending limits

Match the Azure subscription types with their characteristics:

Pay-as-you-go = Flexible billing based on usage Prepaid = Fixed cost based on upfront payment Enterprise Agreement = Long-term commitment with discounts Trial subscription = Limited resources for evaluation

Match the Azure components with their primary purpose:

Azure Storage Account = Stores data and enables shared access signatures (SAS) Azure Monitor = Tracks resource health and performance Azure Log Analytics Workspace = Centralizes logs for analysis Microsoft Monitoring Agent = Collects telemetry data from VMs

Match the Azure networking concepts with their characteristics:

VNet = Provides a private network within Azure Subnet = Divides a VNet into smaller segments Network Security Group = Filters network traffic to resources VPN Gateway = Connects on-premises networks to Azure

Match the Azure VM operations with their descriptions:

Creating a VM = Provisioning a new virtual machine in Azure Deleting a VM = Removing a VM while retaining its disks Recreating a VM = Creating a VM in a different network Attaching a disk = Connecting an existing disk to a VM

Match the Azure services with their functionalities:

Azure Kubernetes Service = Manages containerized applications Azure Resource Manager = Deploys and manages Azure resources Azure Blob Storage = Stores large volumes of unstructured data Azure Functions = Runs serverless code in response to events

Match the types of Azure alerts with their use cases:

Metric alerts = Triggered based on threshold values of metrics Log alerts = Triggered based on specific queries against logs Activity log alerts = Notifies about changes to Azure resources Application insights alerts = Monitors application performance and availability

Match the Azure compliance statuses with their descriptions:

Compliant = Node meets all defined policies Non-compliant = Node fails to meet one or more policies Pending = Node status is currently being evaluated Unknown = Node status cannot be determined

Match the types of Azure backups with their purposes:

Disk backup = Protects virtual machine disks File backup = Secures specific files and folders Snapshot backup = Captures state of VM at a point in time Application backup = Ensures data consistency for applications

Match the Azure monitoring tools with their functions:

Azure Monitor = Overall resource monitoring Application Insights = Performance monitoring for applications Log Analytics = Analysis of logs and telemetry data Network Watcher = Monitoring of network resources and traffic

Match the Azure services with their primary functions:

Azure Key Vault = Securely store and access sensitive information like passwords Azure Storage account = Store and manage large amounts of unstructured data Recovery Services vault = Backup data and manage disaster recovery Azure Active Directory = Manage user identities and access permissions

Match the Azure components with their usage scenario:

App Service plans = Host web applications and services Virtual Machine Scale Sets = Deploy and manage identical VMs at scale Azure Kubernetes Service (AKS) = Manage containerized applications using orchestration Azure Resource Manager (ARM) templates = Define the infrastructure and configuration for your Azure solutions

Match the Azure features with their descriptions:

Access policies = Control access to Azure resources based on user roles Backup policies = Set criteria for data backup and retention Staging slots = Deploy and test applications in parallel to production Automation accounts = Manage automation tasks across Azure resources

Match the Azure deployment actions with their purposes:

Scaling = Adjust the number of VM instances based on demand Monitoring = Track performance and resource usage over time Querying = Interact with databases to retrieve or manipulate data Alerting = Send notifications based on predefined conditions or thresholds

Match the Azure security concepts with their definitions:

Availability Zones = Provide high availability by distributing resources across physical locations Network Security Groups = Define rules for inbound and outbound traffic to resources Role-Based Access Control (RBAC) = Manage access to resources based on user roles Encryption at Rest = Secure data stored in Azure services by encrypting it when not in use

Match the Azure management tools with their functions:

Azure CLI = Command-line interface for managing Azure resources Azure Portal = Web-based interface for managing Azure services Azure PowerShell = Automate management tasks with PowerShell cmdlets Azure Resource Manager = Template-based service for resource deployment and management

Match the Azure storage services with their specific use cases:

Blob Storage = Store and serve unstructured data like text and binary data File Storage = Manage shared access to files over the SMB protocol Queue Storage = Store messages for communication between services Table Storage = Store structured NoSQL data with key/value pairs

Match the Azure deployment models with their characteristics:

Public Cloud = Services delivered over the internet to multiple customers Private Cloud = Dedicated resources for a single organization Hybrid Cloud = Combines on-premises, private cloud, and public cloud services Multi-Cloud = Utilizes multiple cloud service providers for different services

Match the Azure services with their respective purposes:

Azure HDInsight = Big data processing and analytics Azure Analysis Services = Data modeling and analytics Linux Diagnostic Extension (LAD) 3.0 = Monitoring Linux VM metrics Azure Virtual Machine Scale Sets = Managing scale-out for VMs

Match the Azure networking components with their functions:

Network Security Group = Controls inbound and outbound traffic DNS server = Resolves domain names to IP addresses Load Balancer = Distributes network traffic across multiple servers VPN Gateway = Facilitates secure connectivity to Azure

Match the following Azure virtual machine configurations with their functionalities:

Standard_D2_v2 = General purpose VM B-series = Burstable VM for low traffic NV-series = GPU optimized VM for graphics-intensive applications A-series = Entry-level VM for dev/test purposes

Match the following Azure resource management concepts with their descriptions:

Resource Group = A container for related resources in Azure Azure CLI = Command-line tool for managing Azure resources ARM Template = JSON file that defines the resources to deploy Subscription = A payment plan for Azure resources

Match the Azure monitoring tools with their use cases:

Azure Monitor = Collects and analyzes telemetry data Azure Log Analytics = Queries and analyzes log data Azure Application Insights = Monitors application performance Azure Security Center = Gives security recommendations for resources

Match the following Azure services with their primary functions:

Azure Kubernetes Service (AKS) = Container orchestration service Azure Blob Storage = Object storage solution for unstructured data Azure Virtual Machine = On-demand scalable computing resources Azure Functions = Serverless compute service for event-driven tasks

Match the Azure roles with their responsibilities:

Owner = Has full access to all resources Contributor = Can create and manage resources but cannot assign roles Reader = Can view resources but cannot make changes User Access Administrator = Can manage user access to resources

Match the following concepts related to autoscaling in Azure Kubernetes Service:

Cluster Autoscaler = Automatically adjusts the size of the cluster Horizontal Pod Autoscaler = Scales the number of pods based on CPU utilization Vertical Pod Autoscaler = Adjusts the resource allocations of pods Pod Distribution = Ensures pods are evenly spread across nodes

Match the following Azure storage concepts with their characteristics:

Blob Storage = Stores unstructured data such as documents and media File Storage = Managed file shares accessible via SMB protocol Queue Storage = Used for message storage between application components Table Storage = Stores structured NoSQL data that can be queried

Match the Azure storage types with their characteristics:

Blob Storage = Optimized for unstructured data File Storage = Managed file shares for cloud or on-premises Queue Storage = Messaging store for reliable messaging Table Storage = NoSQL key-value store for semi-structured data

Match the Azure resource deployment models with their features:

ARM Templates = Infrastructure as code Resource Manager = Deploy resources as a group Classic Deployment = Individual resource management Bicep = Simplified syntax for ARM templates

Match the following Azure monitoring tools with their purposes:

Azure Monitor = Collects and analyzes telemetry data Azure Log Analytics = Provides advanced log query capabilities Azure Application Insights = Monitors application performance and usage Azure Security Center = Provides unified security management and threat protection

Match the Azure API Management features with their functions:

Rate limiting = Controls how often clients can call APIs Caching = Improves performance by storing API responses Transformation = Modifies requests and responses on the fly Monitoring = Tracks API usage and performance

Match the following Azure network components with their functions:

Virtual Network = Provides isolated network space in Azure Network Security Group = Controls inbound and outbound traffic to resources Load Balancer = Distributes traffic across multiple servers VPN Gateway = Facilitates secure connections between on-premises and Azure

Match the following Azure service tiers with their characteristics:

Free Tier = Limited access to resources with no cost Basic Tier = Entry-level resources with lower performance Standard Tier = Medium resources with balanced performance Premium Tier = High-performance resources with advanced features

Match the following Azure compliance standards with their descriptions:

ISO 27001 = Information security management standard GDPR = Regulation for data protection and privacy in the EU HIPAA = Regulates the handling of health information PCI DSS = Standards for secure payment card transactions

To install kubectl on a machine with Azure CLI, the command used is az aks install-cli.

True (A)

The first action in managing Azure Automation State Configuration is to compile a configuration into a node configuration.

False (B)

Checking the compliance status of a node requires the node to send a report back to the Automation DSC Pull Server.

True (A)

To ensure ongoing consistency of virtual machine configurations, you need to import the configuration into the Azure Automation account after uploading it.

True (A)

Downloading the DSC configuration as a MOF document is part of the final step in the setup for Azure Automation State Configuration.

False (B)

The final step in managing Azure Automation State Configuration is to check the node's compliance status.

True (A)

Assigning the node configuration occurs before compiling a configuration into a node configuration.

False (B)

One must use PowerShell to execute the az aks install-cli command.

False (B)

VMs cannot be moved from one virtual network to another after they have been created in Azure.

True (A)

To connect VM1 to VNET2, you simply need to add a second network interface to VM1.

False (B)

Virtual Machine Scale Sets use Azure Desired State Configuration (DSC) to configure the VMs as they come online.

True (A)

A new virtual machine scale set can be created directly in the Azure portal without any additional configurations.

False (B)

It is possible to change the subnet of a VM after it has been created.

True (A)

Modifying the extensionProfile section of an Azure Resource Manager template is unnecessary if web server components are to be installed automatically.

False (B)

A virtual network in Azure is mandatory for creating any virtual machine.

True (A)

An automation account is required to deploy a virtual machine scale set with specific configurations.

False (B)

Deleting VM1 and recreating it is an unnecessary step to change its virtual network.

False (B)

Creating an Azure policy is a necessary step to ensure compliance when deploying virtual machine scale sets.

False (B)

After recreating a VM, you can directly connect it to multiple virtual networks.

False (B)

Network interfaces can only be added during the initial creation of a virtual machine in Azure.

False (B)

When deploying to Azure Kubernetes Service (AKS), a YAML file is generally used to define the configuration of deployment.

True (A)

The Azure CLI can be utilized to deploy a configuration script for an existing AKS cluster.

True (A)

VM1 must be recreated in RG2 in order to connect to VNET2.

True (A)

Elastic scaling in virtual machine scale sets means that the VMs can only scale in but not out.

False (B)

One alert per minute will generate one email every minute.

True (A)

Rate limiting allows for unlimited SMS notifications regardless of frequency.

False (B)

In the alert configuration, no more than 12 SMS messages can be sent within an hour.

True (A)

You can send 100 emails in an hour without rate limiting applied.

True (A)

A rate limit of one voice call every 10 minutes applies under the alert configuration.

False (B)

Rate limiting only applies to SMS notifications in Azure alert configurations.

False (B)

If an alert triggers every minute, up to 60 alerts can be generated in an hour.

True (A)

There are no restrictions on sending other actions outside of SMS, voice, and email in an alert configuration.

True (A)

The Linux Diagnostic Extension (LAD) 3.0 is suitable for monitoring metrics and logs of a Linux virtual machine in Azure.

True (A)

Azure Analysis Services is the correct tool to use for monitoring the performance of a Linux virtual machine.

False (B)

The effect of network security rules on a virtual machine can be determined by examining the effective rules associated with that VM.

True (A)

The AzurePerformanceDiagnostics extension is used to manage system diagnostics for Linux servers.

False (B)

Monitoring VM1's performance requires no additional setup after the Linux Diagnostic Extension is installed.

False (B)

The Azure subscription named Subscription1 contains both a DNS server and a web server on VM1.

True (A)

All components of Azure require the same approach for managing alerts and monitoring resources.

False (B)

Using the Linux Diagnostic Extension does not require any agents to be installed on the Linux virtual machine.

False (B)

Study Notes

Azure Storage and Blob Inventory

• Azure Storage account can contain multiple containers, which store various types of data, such as image files.
• An ARM template allows for the automation of creating resources, such as blob inventory rules.
• Blob inventory rules can be configured to store specific data types based on naming conventions (e.g., only blobs starting with "finance") and can output data in formats like CSV.

Shared Access Signatures (SAS)

• Shared Access Signatures (SAS) allow defined permissions for accessing specific resources within a storage account.
• SAS can be generated for storage accounts and shared to allow temporary access without compromising the storage account's security.

Azure Kubernetes Service (AKS) Deployment

• Azure CLI is used to manage Azure resources, including Azure Kubernetes Service (AKS).
• To deploy configuration files (YAML), the kubectl command is appropriate; running az aks does not accomplish this.
• AKS provides capability for application deployment; multiple solutions can exist for deploying configurations.

Azure Virtual Machine Monitoring and Alerts

• Alerts can be set to monitor specific events in Azure Virtual Machines, such as logging error events in the System event log.
• Backup policies for virtual machines require the Recovery Services vault to be in the same region as the virtual machines.

AKS Cluster Configuration

• Autoscaling can be configured using the kubectl command to adjust the number of pods based on CPU utilization.
• The az aks command can also be used for enabling and configuring cluster autoscaler for existing clusters.

High Availability Solutions

• Deploying virtual machines across multiple Availability Zones ensures redundancy and availability in case a single datacenter fails.
• Utilizing Availability Sets is beneficial for maintaining service continuity during hardware failures, but it does not protect against datacenter outages as effectively as Availability Zones do.

Azure Kubernetes Service and Virtual Machines

• Azure Kubernetes Service (AKS) clusters can be deployed to manage containerized applications.
• Commands like azcopy are not suitable for deploying YAML files in AKS. Correct approach involves using kubectl apply -f <filename>.yaml.

Alerting in Azure

• Azure allows the creation of alerts when specific conditions are met, such as logging events in the System event log.
• If more than two errors are recorded within an hour, an alert can be triggered.

Virtual Machine Scale Sets Deployment

• Azure Virtual Machine Scale Sets (VMSS) enable deployment and management of multiple VMs that can scale based on demand.
• Desired State Configuration (DSC) is utilized to ensure VMs have required configurations upon provisioning.
• Actions needed for installing web server components include uploading configuration scripts and modifying the extensionProfile in the ARM template.

Resource Manager Templates

• ARM templates define the infrastructure and configuration for Azure solutions.
• Location of deployment can be specified in the resources section, overriding defined variables.
• To change deployment location from "westeurope" to "westus," modify the location in the resources section.

App Service Plans

• Staging slots are not available for all App Service plans; scaling up the App Service plan may be necessary to access this feature.

Availability and Fault Domains

• Update Domains and Fault Domains help manage availability and VM resilience.
• In a scenario with 14 VMs across 10 update domains, at most two VMs will be offline during updates.
• With 2 fault domains, a rack failure could lead to 7 VMs offline.

Accessing Applications in AKS

• To provide internet access to applications in an AKS cluster, a public IP address must be associated with the cluster.
• For DNS records, a public IP address (e.g., 131.107.2.1) is required for internet users to access AKS-hosted applications.

Configuring Templates for Virtual Machines

• When deploying a VM from a saved template, certain configurations can be set, including:
  • Resource Group name and location
  • Administrator username
• Virtual machine configurations like OS size may not be adjustable at deployment from a template.

Scheduled Tasks for Performance Management

• Scheduled runbooks can be created to manage VM settings based on usage patterns, such as increasing the processor performance of a VM during peak usage times at month-end.

Azure Configuration and Monitoring

• Creating an Azure storage account with shared access signatures (SASs) does not meet the goal for monitoring VM activity.
• Instead, set up an Azure Log Analytics workspace and configure data settings to enable effective monitoring.
• Install the Microsoft Monitoring Agent on the virtual machine (VM1) for data collection.
• Alerts in Azure Monitor should target the Log Analytics workspace rather than a storage account.

Virtual Machine Network Migration

• VM1, residing in RG1 and connected to VNet1, cannot be directly moved to VNet2.
• To transition the custom application to VNet2, delete VM1 while retaining its disk, then recreate VM1 in VNet2 and attach Disk1.
• This method minimizes administrative effort while ensuring the application is migrated.

Secure Password Storage in Azure

• Use Azure Key Vault to store administrative passwords securely instead of placing them in plain text in Azure Resource Manager templates.
• Access policies for the Key Vault must be configured to allow appropriate access to the stored credentials.

Monitoring Resource Creation Dates

• Viewing the creation date and time of resources in a resource group cannot be done via the Subscriptions blade.
• Correct method to access resource creation details does not involve selecting resource providers, thus does not meet the goal.

Budget Alerts and Resource Management

• Budget alerts for any resource group do not affect resource operations; they only trigger notifications.
• For RG1, VM1 remains operational despite budget threshold alerts being reached, ensuring continuous resource availability.
• Budget alerts are designed to provide notifications without stopping resource consumption.

Monitoring Linux Virtual Machines

• For monitoring metrics and logs of a Linux VM (VM1), the Linux Diagnostic Extension (LAD) 3.0 is the appropriate tool.
• Installing LAD ensures the collection of diagnostics and performance data from the Linux server, enabling effective monitoring.

Network Security for Web and DNS Server

• Effective network security rules applied to VM1 determine its connectivity and security posture.
• Understanding the effective network rules is crucial for maintaining security while running services like web and DNS servers on Azure.

Virtual Machine Scale Sets and Configuration

• Virtual Machine Scale Sets (VMSS) allow for the deployment and management of numerous VMs that can automatically scale based on load.
• Using the Azure Desired State Configuration (DSC) extension, VMs can be configured to install software, such as web server components, during provisioning.
• To ensure VMs in a scale set have necessary components, upload a configuration script and modify the extensionProfile section of the Azure Resource Manager template.

Azure Kubernetes Service (AKS)

• The command to install the kubectl client on a computer running Azure CLI is az aks install-cli.
• This command allows for local management of AKS clusters using kubectl for automation and deployment of Kubernetes applications.

Azure Automation State Configuration Workflow

• To manage and maintain virtual machine configurations through Azure Automation State Configuration, follow a specific sequence:
  • Upload a configuration to Azure Automation State Configuration, importing into the Automation account.
  • Compile the configuration into a node configuration, generating a Management Object Format (MOF) document.
  • Assign the node configuration to the respective virtual machines.
• Compliance status is checked regularly, and nodes report back to the pull server for status updates.

Azure Virtual Network Connection

• Moving a VM to a different Resource Group and adding a new network interface does not allow switching between Virtual Networks (VNets).
• To connect a VM (VM1) to a new VNet (VNET2), the VM must be deleted and recreated with the appropriate network interface.

Azure Alert Rule Configuration

• When configuring alert rules, note the following:
  • An alert triggered every minute results in one notification per minute for email.
  • SMS notifications are limited to one every five minutes, totaling a maximum of 12 in an hour, ensuring manageable alert volumes.

Monitoring Linux Virtual Machines

• To monitor metrics and logs on a Linux VM, the Linux Diagnostic Extension (LAD) 3.0 should be utilized.
• LAD downloads the Diagnostic Extension Agent on Linux servers for effective monitoring.

Network Security Rules and VM Configuration

• Understanding effective network security rules on VMs is crucial for managing access to services like web servers and DNS servers.
• Specific configurations may impact how the VM communicates with networks and external entities.

Description

Prepare for the Microsoft AZ-104 exam with this quiz designed to test your knowledge and skills as an Azure Administrator. It includes a variety of question types that cover essential topics and concepts to ensure you are ready for the certification. Challenge yourself and see how well you know the material!