Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AZ-104 > Udemy Tests > Flashcards

Udemy Tests Flashcards

1
Q

Your company has an Azure Storage account named TutorialsDojo1.

You have to copy your files hosted on your on-premises network to TutorialsDojo1 using AzCopy.

What Azure Storage services will you be able to copy your data into?

Blob? File? Table? Queue?

A

Blob and FIle

AzCopy is a command-line utility that you can use to copy blobs or files to or from a storage account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Your company has an Azure AD tenant named tutorialsdojo.onmicrosoft.com and a public DNS zone for tutorialsdojo.com.

You added the custom domain name tutorialsdojo.com to Azure AD. You need to verify that Azure can verify the domain name.

What DNS record type should you use?

SRV? NSEC? NSEC3? MX?

A

MX

You can verify your custom domain name by using TXT or MX record types.

Hence, the correct answer is: MX.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You need to perform the following actions in a Windows virtual machine:

  • Create a document on drive C.
  • Create a document on drive D.
  • Create a new folder on the desktop.
  • Create a local user account.

You plan to redeploy the virtual machine.

Which of the changes will be lost after you redeploy the virtual machine to a new Azure node?

A

The document on drive D.

Most VMs contain a temporary disk. On Azure Linux VMs, the temporary disk is typically /dev/sdb and on Windows VMs the temporary disk is D: by default.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
Your company has an Azure subscription named TDSubcription1. It contains the following resources:
Name, Region, Resource Group, Type
TDVNET1, SEAsia, TD1, vnet
TDVNET2, SEAsia, TD2, vnet
TDVNET3, East Asia, TD3, vnet
TDNSG1, East Asia, TD4, nsg

Which subnet/s can you associate TDNSG1 with?

A

TDVnet3

You can only associate a network security group to a subnet or network interface within the same region as the network security group.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Your company has a virtual network named TDVnet1 and a policy-based virtual network gateway named TD1 in your Azure subscription.

You have users that need to access TDVnet1 from a remote location.

Which two actions should you do so your users can establish a point-to-site connection to TDVnet1?

A

Delete TD1
Deploy a route-based VPN gateway

Point-to-Site (P2S) VPN connection allows you to create a secure connection to your virtual network from an individual client computer.

When you configure a point-to-site VPN connection, you must use a route-based VPN type for your gateway. Policy-based VPN type for point-to-site VPN connection is not supported by Azure.

If you create a policy-based VPN type as your gateway, you need to delete it and deploy a route-based VPN gateway instead.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You have the following storage accounts in your Azure subscription.

mystorage1,general-purpose-v1,file
mystorage2,BlobStorage,blob
mystorage3,general-storage-v2,file/table
mystorage4,general-storage-v2,queue

There is a requirement to export the data from your subscription using the Azure Import/Export service.
Which account can be used to export the data?

A

mystorage2

Azure Import/Export jobs can be import or export jobs. An import job allows you to import data into Azure Blobs or Azure files whereas the export job allows data to be exported from Azure Blobs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You need to use an existing Azure Resource Manager (ARM) template to provision ten Azure virtual machines.

You should retrieve the password using the ARM template. The password must not be stored in plain text.

Which of the following options can help you accomplish this?

  • Create a key vault and configure an access policy
  • Configure label protection
  • Create a storage account and configure data protection
  • Configure Azure AD Password Protection
A

Create a key vault and configure an access policy.

In this scenario, you can use the ARM template to retrieve the password in Azure Key Vault. Instead of putting a secure value (like a password) directly in your template or parameter file, you can retrieve the value from an Azure Key Vault during deployment. You retrieve the value by referencing the key vault and secret in your parameter file. The value is never exposed because you only reference its key vault ID.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Your company has 12 peered virtual networks in your Azure subscription.

You plan to deploy a network security group for each virtual network.

There is a compliance requirement that port 80 should be automatically blocked between virtual networks whenever a new network security group is created.

Solution: You create a security rule that denies incoming port 80 traffic.

Does the solution meet the goal?

A

No.

It is stated in the scenario that blocking port 80 should be done automatically whenever a new network security group is created. By creating a rule manually, it becomes quite cumbersome to configure as you need to create a security rule for every network security group you create. It’s best practice to always automate your security processes to avoid administrative overhead. You should use a custom policy definition in order to automate the requirement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

You are planning to host several web applications in Azure App Service with the following runtime stack.

App1 - ASP.NET V4.8
App2 - Node 12 LTS
App3 - PHP 7.4
App4 - Python 3.8
App5 - Ruby 2.5

How many App Service plan should you create at the minimum to properly deploy all applications?

Zero, One, Two, Five

A

Two.

Only need to create one App Service plan for each runtime stack (i.e. Windows and Linux) not one per application. Some runtime stacks will only work on Windows such as ASP.NET while Ruby will only work with Linux.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You created a new Azure web app with an F1 App Service plan.

You want to add a staging slot for your application but the option seems unavailable in the Azure Portal.

What must be done first to satisfy the above requirement?

Scale up the App Service plan.
Add a new deployment slot
Scale-out the App Service plan
Configure a custom domain

A

Scale up the App Service plan.

upgrade your App Service plan to a Standard or Premium tier. After you successfully upgraded your plan, you can now add a slot in the deployment slots.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You are managing 50 virtual machines.

You need to identify idle and underutilized resources to reduce the overall costs of your account. The service tier of your development virtual machines must also be changed to a less expensive offering.

What Azure service should you use?

Azure Advisor
Azure Event Hubs
Azure Monitor
Azure Compliance Manager

A

Azure Advisor.

Azure Cost Management works with Azure Advisor to provide cost optimization recommendations. The list of recommendations identifies usage inefficiencies or shows purchase recommendations that can help you save costs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

You plan to host a web application in three Azure virtual machines.

You need to make sure that there are at least two virtual machines running if an Azure data center becomes inaccessible.

What should you do?

Deploy all the virtual machines in a single Availability Zone
Deploy one virtual machine in each Availability Zone
Deploy all the virtual machines in a single Availability Set
Deploy one virtual machine in each Availability slot

A

Deploy one virtual machine in each Availability Zone.

Based on the given requirements, you can protect your web application from data center outages if you will deploy the three virtual machines in a separate Availability Zone. The physical separation of Availability Zones within a region protects applications and data from datacenter failures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Your company has an Azure subscription that has the following resources deployed:

TDBackup1, Recovery Services Vault, SEAsia
TDAccount2, Storage Account, SEAsia
TDAnalytics1, Log Analytics Workspace, East Asia
TDAlanytics2, Log Analytics Workspace, SEAsia
TDAnalytics3, Log Analytics Workspace, Australia Central

There is a requirement that requires you to configure Azure Backup reports using TDBackup1 to determine which backup items consume the most storage.

Which Log Analytics workspace can you use to store the backup reporting data?

TDAnalytics1
TDAnalytics2
TDAnalytics3
TDAnalytics1, TDAnalytics2 and TDAnalytics3

A

TDAnalytics1, TDAnalytics2 and TDAnalytics3

When you create a Log Analytics workspace, it does not matter if the vault is located in a different region or subscription.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

You have deployed two Azure virtual machines to host a web application.

You plan to set up an Availability Set for your application.

You need to make sure that the application is available during planned maintenance.

Which of the following options will allow you to accomplish this?

Assign one update domain in the Availability Set
Assign two update domains in the Availability Set
Assign one fault domain in the Availability Set
Assign two fault domains in the Availability Set

A

Assign two update domains in the Availability Set.

To ensure that the application is available during planned maintenance, you must assign two update domains in the Availability Set. An update domain will make sure that the VMs in the Availability Set are not updated at the same time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You are managing an Azure subscription that contains a resource group named TD-RG1 which has a virtual machine named TD-VM1.

TD-VM1 has services that will deploy new resources on TD-RG1.

You need to make sure that the services running on TD-VM1 should be able to manage the resources in TD-RG1 using its identity.

Which of the following actions should you do first?

Configure the access control of TD-VM1
Configure the access control of TD-RG1
Configure the security settings of TD-RG1
Configure the managed identity of TD-VM1

A

Configure the managed identity of TD-VM1.

some Azure services allow you to enable a managed identity directly on a service instance. When you enable a system-assigned managed identity, an identity is created in Azure AD that is tied to the lifecycle of that service instance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Your company has a virtual network that contains a MySQL database hosted on a virtual machine.

You created a web app named tutorialsdojo-webapp using the Azure App service.

You need to make sure that tutorialsdojo-webapp can fetch the data from the MySQL database.

What should you implement?

Create and internal load balancer
Enable VNet Integration and connect the web app to the virtual network
Peer the virtual network to another virtual network
Create an Azure Application Gateway

A

Enable VNet Integration and connect the web app to the virtual network.

With Azure Virtual Network (VNets), you can place many of your Azure resources in a non-internet-routable network. The VNet Integration feature enables your apps to access resources in or through a VNet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

You have a server in your on-premises datacenter that contains a DNS server named TD1 with a primary DNS zone for the tutorialsdojo.com domain.

You have an Azure subscription named TD-Subscription1.

You plan to migrate the tutorialsdojo.com zone to an Azure DNS zone in TD-Subscription1. You must ensure that you minimize administrative effort.

Which tool should you use?

Azure PowerShell
Azure CLI
Azure Portal
Azure CloudShell

A

Azure CLI

Azure DNS supports importing and exporting zone files by using the Azure command-line interface (CLI). Zone file import is NOT supported via Azure PowerShell, Azure Cloud Shell, and Azure portal.

18
Q

Your company has an Azure AD tenant named TD-Azure-AD that contains 3 User Administrators and 2 Global Administrators.

You recently purchased 5 Premium P1 licenses.

You need to make sure that the users in your tenant have access to all the Premium P1 features.

What should you do to satisfy the above requirement?

Select the user in your tenant and assign a new role in the Directory role blade of each user.
Select the user in your tenant and assign it to an administrative unit.
Select the user in your tenant and add the user to an Active Directory Group.
In the Licenses blade of AuzreAD, select the user in your tenant and assign the license.

A

In the Licenses blade of Azure AD, select the user in your tenant and assign the license.

To ensure that the users in your tenant have access to Premium P1 license features, you must manually add the license to each user or add the license to a group. Remember that only the users with active licenses can access and use the licensed Azure AD services. Also, licenses are applied per tenant, and you can’t transfer them to other tenants.

19
Q

You have the following resources deployed in Azure:

In Tenant1 under subscription TD1: VNet named TDVnet1 with address range 10.1.0.0/16 containing a virtual machine named VM1
In Tenant2 under subscription TD2: VNet named TDVnet2 with address range 10.10.0.0/18 containing a virtual machine named VM2

There is a requirement to connect TDVnet1 and TDVnet2.

What should you do first?

Create two virtual network gateways
Change the address space of TDVnet2
Transfer TDVnet1 to TD2
Transfer VM1 to VM2

A

Create two virtual network gateways

You can use a VPN gateway to send traffic between VNets. Each VNet can have only one VPN gateway.

20
Q

You plan to provision ten virtual machines using the Azure VM scale sets.

The virtual machines must be optimized for large-scale stateless workloads.

Which of the following options allows you to deploy VMs as quickly as possible?

Create 10 VMs in the Azure Portal
Create a VM scale set and set the orchestration mode to flexible
Create 10 VMs in Azure CLI
Create a VM scale set and set the orchestration mode to uniform

A

Create a VM scale set and set the orchestration mode to Uniform.

Azure Virtual Machine Scale Sets provide a logical grouping of platform-managed virtual machines. While in Uniform orchestration mode, you just need to define a VM model and Azure will automatically create identical instances based on that model.

21
Q

Your company has an Azure subscription that contains:

A recovery services vault named TDBackup1 in Southeast Asia.
Two resource groups TDGroup1 in Australia Central, TDGroup2 in Southeast Asia

VM: named TD1 in RG TDGroup1 @ Southeast Asia
VM: named TD2 in RG TDGroup1 @ East Asia
VM: named TD3 in RG TDGroup2 @ Australia Central
VM: named TD4 in RG TDGroup2 @ Southeast Asia
VM: named TD5 in RG TDGroup1 @ East Asia
VM: named TD6 in RG TDGroup2 @ Australia Central

Which VMs can be backed up to TDBackup1

A

TD1 and TD4 only.

Take note that you can only backup data sources or virtual machines that are in the same region as the Recovery Services vault. You can backup virtual machines that have different resource groups or operating systems as long as they are in the same region as the vault.

22
Q

You have a web app named tutorialsdojo-portal that is hosted in Azure App Services. The provisioned deployment slots for tutorialsdojo-portal are shown in the table below:

tutorialsdojo-dev, development
tutorialsdojo-staging,staging
tutorialsdojo,production

You configured several settings in the tutorialsdojo-dev and tutorialsdojo-staging.

You performed a swap operation between the production and staging slots. Upon testing the tutorialsdojo-portal app, it was discovered that the new features are not working properly.

Which of the following helps you revert the tutorialsdojo-portal app to its previous state?

Swap the slops of tutorialsdojo-dev and tutorialsdojo

Swap the slots of tutorialsdojo-staging and tutorialsdojo-dev

Restore the previous version of tutorialsdojo using app backup

A

Swap the slops of tutorialsdojo-dev and tutorialsdojo

23
Q

You created a new Azure subscription. The subscription has a resource group named TD-RG. The resources in TD-RG is created using ARM templates.

You need to get the exact date and time when the resources in TD-RG was deployed.

Potential Solutions:

In the resource group settings, select Policies.

In the resource group settings, select Properties.

In the resource group settings, select Deployments.

A

In the resource group settings, select Deployments

24
Q

Your company has an existing subscription in Azure.

You provisioned an Azure Storage account named TutorialsDojoAccount and then created a file share named TDShare.

You need to create a script that will allow you to connect to your file share.

What is the UNC path of the file share?

\TutorialsDojoAccount.file.core.windows.net\TDShare

\TutorialsDojoAccount.TDShare\file.core.windows.net

\TDShare.file.core.windows.net\TutorialsDojoAccount

\.file.core.windows.net.TutorialsDojoAccount\TDShare

A

\TutorialsDojoAccount.file.core.windows.net\TDShare

The Azure File Share UNC path format is:

\{storageAccountName}.file.core.windows.net{fileShareName}

25
Q

You have a file share in your Azure subscription named Manila-Subscription-01.

You plan to synchronize files from your on-premises file server named TDFileServer1 to Azure.

You created an Azure file share and a storage sync service.

Which four actions should you perform in sequence to synchronize files from TDFileServer1 to Azure?

1-Register TDFileServer1 with Storage Sync Service
2-Deploy Azure File Sync Agent to to TDFileServer1
3-Create a sync group and cloud endpoint
4-Create a server endpoint

OR

1-Deploy Azure File Sync Agent to to TDFileServer1
2-Register TDFileServer1 with Storage Sync Service
3-Create a server endpoint
4-Create a sync group and cloud endpoint

OR

1-Deploy Azure File Sync Agent to to TDFileServer1
2-Register TDFileServer1 with Storage Sync Service
3-Create a sync group and cloud endpoint
4-Create a server endpoint

A

1-Deploy Azure File Sync Agent to to TDFileServer1
2-Register TDFileServer1 with Storage Sync Service
3-Create a sync group and cloud endpoint
4-Create a server endpoint

26
Q

Your company has an Azure Subscription that contains an Azure Container named TDContainer.

There is a requirement to launch a new Azure container instance that uses a docker image named TDImage. The container image contains a Microsoft SQL Server instance that requires persistent storage.

You need to create a storage service that will meet the requirements for TDContainer.

What should you use?

Azure Table Storage
Azure Blob Storage
Azure File Storage
Azure Queue Storage

A

Azure Files

Azure Files offers fully managed file shares hosted in Azure Storage that are accessible via the industry standard Server Message Block (SMB) protocol. Using an Azure file share with Azure Container Instances provides file-sharing features similar to using an Azure file share with Azure virtual machines.

Azure Disks or Files are commonly used to provide persistent volumes for Azure Container Instances and Azure VMs.

27
Q

Your company has an Azure subscription named ManilaSubscription that contains multiple virtual machines.

The subscription has a user named ManilaUser01 which has the following roles:

  • Backup Reader
  • Storage Blob Data Contributor
  • DevTest Labs User

You need to ensure that ManilaUser01 can assign a Reader role to all the users in the subscription.

What role should you assign?

User Access Administrator role
Security Reader role
Virtual Machine Contributor role
Security Admin role

A

User Access Administrator role.

To assign a Reader role to all the users in the Azure subscription, you must grant the user a User Access Administrator role. This role allows you to manage user access to the Azure resources.

28
Q

You have an Azure subscription that contains an Azure virtual network named TDVnet1 with an address space of 10.1.0.0/18 and a subnet named TDSub1 with an address space of 10.1.0.0/22.

You need to connect your on-premises network to Azure by using a site-to-site VPN.

Which four actions should you perform in sequence?

Instructions: To answer, drag the appropriate item from the column on the left to its description on the right. Each correct match is worth one point.

1-Deploy a VPN Gateway
2-Deploy a gateway subnet
3-Deploy a VPN connection
4-Deploy a local network gateway

1-Deploy a local network gateway
2-Deploy a VPN Gateway
3-Deploy a gateway subnet
4-Deploy a VPN connection

1-Deploy a gateway subnet
2-Deploy a local network gateway
3-Deploy a VPN Gateway
4-Deploy a VPN connection

1-Deploy a gateway subnet
2-Deploy a VPN Gateway
3-Deploy a local network gateway
4-Deploy a VPN connection

A

1-Deploy a gateway subnet
2-Deploy a VPN Gateway
3-Deploy a local network gateway
4-Deploy a VPN connection

29
Q

You plan to automate the deployment of Windows Servers using a virtual machine scale set.

You need to make sure that the web components are installed in the virtual machines.

Which two actions should you perform?

Create a configuration script
Create an automation account
Create a ploicy
Create a new scale set
Configure the extensionProfile section of the ARM template
A

Create a configuration script.
Configure the extensionProfile section of the ARM template.

The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration or management tasks.

30
Q

Your company has an Azure subscription that contains a virtual machine named TD1.

You need to connect to TD1 from a computer connected to the Internet named Workstation1. TD1 has a network security group with the following inbound security rules:

300,RDP,3889,Any,Any,Allow

You try to connect to TD1 using Workstation1 but you are unable to.

What should you do first to establish a Remote Desktop connection to TD1?

Remove the RDP rule
Modify the priority of the RDP rule
Start
Redeploy

A

Start

31
Q

Your company has two Azure virtual networks named TDVNet1 and TDVNet2 in Central US region. A virtual machine named TD-VM1 is running in TDVNet1 while the other virtual network has a virtual machine named TD-VM2.

A web application is hosted on TD-VM1 and the data is retrieved and processed by TD-VM2.

Several users reported that the web application has a sluggish performance.

You are instructed to track the average round-trip time (RTT) of the packets from TD-VM1 to TD-VM2.

Which of the following options can satisfy the given requirement?

IP flow verify
Connection Troubleshoot
Connection Monitor
NSG Flow logs

A

Connection Monitor

Connection Monitor provides unified end-to-end connection monitoring. The Connection Monitor feature also supports hybrid and Azure cloud deployments.

32
Q

You plan to use an Azure Resource Manager (ARM) template to deploy 5 web apps in the same region.

You are required to launch the application in the most cost-effective way.

Which of the following options fulfills this requirement?

Create an Application Gateway
Create one App Service Plan
Create a CDN endpoint
Create five App Service Plans

A

Create one App Service plan.

The main requirement in this scenario is to deploy web apps in the most cost-effective way. you can configure one or more apps to run on the same computing resources (or in the same App Service plan).

33
Q

You plan to migrate your business-critical application to Azure virtual machines.

You need to make sure that at least two VMs are available during planned Azure maintenance.

What should you do?

Create an Availability Set that has three update domains and one fault domain

Create an Availability Set that has three update domains and two fault domains

Create an Availability Set that has two update domains and three fault domains

Create an Availability Set that has one update domain and three fault domains

A

Create an Availability Set that has three update domains and two fault domains

Since it’s a requirement in the scenario that at least two virtual machines must be available during planned maintenance, you should add three update domains in the Availability Set.

34
Q

Your company has an Azure Subscription that contains an Azure Kubernetes Service (AKS) cluster and an Azure AD tenant named tutorialsdojo.com.

You received a report that the system administrator is unable to grant access to Azure AD users who need to use the cluster.

You need to grant the users in tutorialsdojo.com access to the cluster.

What should you implement?

Configure external collaboration settings

Create an OAuth 2.0 authorization endpoint

Create a new AKS cluster

Add a namespace

A

Create an OAuth 2.0 authorization endpoint

The OAuth 2.0 authorization code grant can be used in apps that are installed on a device to gain access to protected resources.

35
Q

Your company has an Azure Kubernetes Service (AKS) cluster and a Windows 10 workstation with Azure CLI installed.

You plan to use the kubectl client on Windows 10.

Which of the following commands should you run?

az aks install-cli

az aks nodepool

az aks create

az aks browse

A

az aks install-cli.

To connect to the Kubernetes cluster from your local computer, you need to use kubectl (Kubernetes command-line client). But before you can use kubectl, you should first run the command az aks install-cli in the command-line interface.

36
Q

Your company has an Azure subscription named TDSubscription1 that contains the following resources:

TDVnet1: 10.1.0.0/16, Subnets: 10.1.0.0/24 and 10.1.1.0/24, peered to TDVnet2

TDVnet2: 10.10.0.0/16, Subnet: 10.10.0.0/24, peered to TDVNet1

There is a requirement to add the address space 10.30.0.0/16 to TDVnet1.

You need to ensure that the solution will still allow virtual machines on TDVnet1 and TDVnet2 to communicate with each other.

Which three actions should you perform? Each correct answer presents part of the solution.

Delete the peering between TDVnet1 and TDVnet2.
Delete TDVnet2
Re-create the peering between TDVnet1 and TDVnet2
Enable the gateway transit on TDVnet1
Add the address space 10.30.0.0/16 to TDVnet1
Allow gateway transit TDVnet2.

A

Delete the peering between TDVnet1 and TDVnet2.
Re-create the peering between TDVnet1 and TDVnet2
Add the address space 10.30.0.0/16 to TDVnet1

you can’t add address ranges to, or delete address ranges from a virtual network’s address space once a virtual network is peered with another virtual network.

37
Q

Your company has an Azure subscription that contains a storage account named tdstorageaccount1 and a virtual network named TDVNET1 with an address space of 192.168.0.0/16.

You have a user that needs to connect to the storage account from her workstation which has a public IP address of 131.107.1.23.

You need to ensure that the user is the only one who can access tdstorageaccount1.

Which two actions should you perform? Each correct answer presents part of the solution.

Set the Allow access from field to Selected networks under the Firewalls and virtual networks blade of tdstorageaccount1

From the networking settings, enable the TDVnet1 under Firewalls and virtual networks

From the networking settings, select the service endpoint under Firewalls and virtual networks

From the network settings, select “Allow trusted Microsoft services to access this storage account” under Firewalls and virtual networks.

Add the 131.107.1.23 IP address under Firewalls and virtual networks blade of tdstorageaccount1

A

Set the Allow access from field to Selected networks under the Firewalls and virtual networks blade of tdstorageaccount1

Add the 131.107.1.23 IP address under Firewalls and virtual networks blade of tdstorageaccount1

To whitelist a public IP address, you must:

  1. Go to the storage account you want to secure.
  2. Select on the settings menu called Networking.
  3. Under Firewalls and virtual networks, select Selected networks.
  4. Under firewall, add the public IP address then save.
38
Q

You deployed four Azure virtual machines in the following regions.

VM1, North Central US
VM2, North Central US
VM3, West Central US
VM4, West Central US

You have created a Recovery Services vault to hold backup data for VirtualMachine1 and VirtualMachine2.

You need to ensure that VirtualMachine3 and VirtualMachine4 are protected by a storage entity in Azure that houses data.

What should you do?

Create another Recovery Services Vault

Deploy a Storage Sync Service

Create a BlockBlobStorage account

Use the az backup policy set command in the Azure CLI

A

Create another Recovery Services Vault

a Recovery Services vault must be in the same region as the virtual machines to create a recovery point.

39
Q

You are managing an Azure AD tenant that has 500 user accounts.
You created a new user account named AppAdmin.
You must assign the role of Application Administrator to the AppAdmin user account.
What should you do in the Azure Active Directory settings to accomplish this requirement?

Select the user profile and add the role assignments
Select the user profile and add the user to the admin group
Select the user profile and assign it to an administrative unit
Select the user profile and enable the My Staff feature

A

Select the user profile and add the role assignments

If you want to grant a user permission to manage Azure AD resources, you must assign them to a role that provides the permissions they need.

40
Q

You created a new Recovery Services vault in your Azure account as part of your company’s Disaster Recovery Plan. Your account subscription has the following virtual machines, each with its respective auto-shutdown configuration:

VM1, Ubuntu Server, 17;00
VM2, Window Server, No shutdown
VM3, CentOS-based 8.2, 23:00 shutdown
VM4, Windows 10 Pro, Off

The scheduled backup will run every day at 23:59.

Which of the following virtual machines allows you to create a backup using the Azure Backup service?

All VMs
VM1 and VM3
VM2 and VM4
VM1, VM2, VM4

A

All VMs

Take note that Azure Backup only takes snapshots of the VM disks. This means that even if the VM status is running or stopped, you can still create a backup as long as the disk is attached to the VM.

AZ-104 (23 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions