Microsoft Azure Administrator AZ-104 Exam: Virtual Machines and Resource Management

Questions and Answers

What should you do to associate each VM with its respective department?

Assign tags to the virtual machines.

What is the requirement to implement an Azure AD conditional access policy for Global Administrators?

Use Multi-Factor Authentication and an Azure AD-joined device when connecting from trusted locations.

What is the purpose of creating Azure Management Groups for each department?

To segregate billing and usage information for each department.

How can you ensure that members of the Global Administrators group use Multi-Factor Authentication?

Configure conditional access policy to require Multi-Factor Authentication.

What is the benefit of creating a resource group for each department?

Simplifies billing and cost management for each department.

Study Notes

Associating VMs with Departments

• Associate each VM with its respective department by using Azure resource groups, which allow for organization and management of resources by department.

Implementing Azure AD Conditional Access Policy

• Implement an Azure AD conditional access policy for Global Administrators by requiring them to sign in from a trusted location or compliant device.

Creating Azure Management Groups

• Create Azure Management Groups for each department to delegate administrative tasks, organize resources, and implement Azure Policy and Access Control (IAM) at the department level.

Ensuring MFA for Global Administrators

• Ensure that members of the Global Administrators group use Multi-Factor Authentication (MFA) by configuring Azure AD conditional access policies to require MFA for the Global Administrators group.

Creating Resource Groups for Departments

• Create a resource group for each department to enable department-specific resource management, billing, and access control, which improves resource organization and simplifies departmental management.