Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

AZ104 > Whiz Labs Practice Test 3 > Flashcards

Whiz Labs Practice Test 3 Flashcards

1
Q

A team member has created a point to site VPN connection between a computer named WorkstationA and an Azure virtual network.
Another point to site VPN connection needs to be made between the same Azure Virtual network and a computer named WorkstationB
The VPN client package was generated and install on WorkstationB

You need to ensure that you can create a successful point to site VPN connection

You decide to export the Workstation A client certificate and install it on Workstation B

Would this solution fulfill the requirement?

A. Yes
B. No

A

A. Yes

Explanation:
Yes this is one of the requirements

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You have a storage account named whizlabstore. You have created a file shae named demo using the file service. You need to ensure that users can connect to the file share from their home computers. Which of the following ports should be open to provide the connectivity?

A. 80
B. 443
C. 445
D. 3389

A

C. 445

Explanation:
To access files from home computers, users have to use SMB protocol that expects port 445 to be open

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A company have created a storage account in their Azure subscription. The name of the storage account is whizlabstore. They also have created a file sharee named demo. They need to access the files in the file share via a UNC path

You need to fill in the following blocks to ensure that the right UNC path is provided.

Which of the following goes into slot 1?

A. blob
B. blob.conre.windows.net
C. portal.azure.com
D. file
E. file.core.windows.net
F. whizlabstore
G. demo

A

F. whizlabstore

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A company has created a storage account in their Azure subscription. The name of the storage account is whizlabstore. They have also created a file share named demo. They need toa ccess the files in the file share via a UNC path.

You need to fill in the following blocks to ensure that the right UNC path is provided.

Which of the following would need to go into Slot 2?

A. blob
B. blob.conre.windows.net
C. portal.azure.com
D. file
E. file.core.windows.net
F. whizlabstore
G. demo

A

E. file.core.windows.net

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A company has created a storage account in their Azure subscription. The name of the storage account is whizlabstore. They have also created a file share named demo. They need toa ccess the files in the file share via a UNC path.

You need to fill in the following blocks to ensure that the right UNC path is provided.

Which of the following would need to go into Slot 3?

A. blob
B. blob.conre.windows.net
C. portal.azure.com
D. file
E. file.core.windows.net
F. whizlabstore
G. demo

A

G. demo

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Would virtual machines launched in the whizlab-client virtual network automatically get registered in the private domain of private.whizlabs.com if auto registration is enabled?

A. Yes
B. No

A

A. Yes

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A company has set up virtual machine in Azure. A web server listening on port 80 and a DNS server has been installed on the vm. A network security group is attached to the network interface for the virtual machine. The rules for the NSG are given below

If RuleB is deleted/omitted, please select the service through which Internet users connect to the virtual machine.

A. Through the web server
B. Through the DNS server
C. Both web and DNS servers
D. Through RDP
E. Through RDP, Web and DNS Servers

A

D. Through RDP

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Your company has set up a storage account in Azure, as shown below

The company needs to allow only connection to the storage account from an IP address range of 51.107.2.0 to 51.107.2..255. From which of the following section of the storage account would you modify to fulfill this requirement?

A. Network
B. Advanced Security
C. Soft Delete
D. Lifecycle Management

A

A. Network

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Your company has set up a storage account in Azure, as shown below

There is a requirement to retain any blob data that might accidentally be deleted. The deleted data needs to be retained for 14 days. From which of the following options of the storage account would you modify to fulfill this requirement?

A. Firewall and virtual networks
B. Advanced security
C. Data protection (soft delete)
D. Lifecycle management

A

C. Data protection (soft delete)

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A company wants to deploy a virtual machine using a Resource Manager template. The template needs to be submitted via Azure CLI commans. The template is stored in a file named storage.json

You need to complete the below CLI

Which of the following would go into SLOT1?

A. template
B. Deployment
C. Resource
D. vm

A

B. Deployment

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A company wants to deploy a virtual machine using a Resource Manager template. The template needs to be submitted via Azure CLI Commands. The template is stored in a file named storage.json

You need to complete the below CLI command

Which of the following would go into SLOT 2?

A. –template
B. –template-uri
C. –template-file
D. –template-resource

A

C. –template-file

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A company has set up an Azure subscription and a tenant. They want to ensure that only virtual machines of a particular SKU size can be launched in their Azure account.

They decide to implement RBAC

Does this fulfill the requirement?

A. Yes
B. No

A

B. No

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A company has set up an Azure subscription and a tenant. They want to ensure that only virtual machines of a particular SKU size can be launched in their Azure account. They decide to implement Azure locks

Does this fulfill the requirement?

A. Yes
B. No

A

B. No

Explanation:
Azure locks are used to prevent users from accidentally deleting or modifying critical resources. If you need to limit the resource creation, like provision VM only of a particular SKU, you need to implement Azure policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A company has set up an Azure subscription and a tenant. They want to ensure that only virtual machines of a particular SKU size can be launched in their Azure account. They decide to implement Azure Policies

Does this fulfill the requirement?

A. Yes
B. No

A

A. Yes

Explanation:
Yes this can be done with Azure policies. There is also already an in built policy which can implement this policy as shown below

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A. IP Flow Verify
B. Next Hop
C. Packet Capture
D. Traffic Analysis

A

A. IP Flow Verify

Explanation:
This can be done with the IP Flow Verify Feature.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A. IP Flow Verify
B. Next Hop
C. Connection Monitor
D. Traffic Analytics

A

C. Connection Monitor

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A company is planning to deploy an application to a set of virtual machines in an Azure network. The company needs to have an SLA of 99.99% for the application hosted on the virtual machines. Which of the following should be implemented to guarantee an SLA of 99.99% on the infrastructure level?

A. Make the virtual machines part of an availability set
B. Deploy the virtual machines across availability zones
C. Assign a standard public IP address to the virtual machines
D. Deploy single virtual machines across multiple regions

A

B. Deploy the virtual machines across availability zones

Explanation:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

You company wants to provision an Azure storage account. The storage acocunt needs to meet the following requirements

  • Should be able to support hot, cool and archive blob tiers
  • SHould be able to provide fault tolerance if a disaster hits the Azure region, which has the storage account
  • Should minimize on costs

You need to complete the below commoand to create the storage account

Which of the following would go into Slot1?

A. FileStorage
B. Storage
C. StorageV2
D. Table
E. BlockBlobStorage

A

C. StorageV2

Explanation:
The task requires to support the hot, cool and archive tiers. There is only one option from our list of options that can provide this: StorageV2 or General Purpose v2 Storage account. With this storage account type, we will have the complete functionality of the BLOB service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

You company wants to provision an Azure storage account. The storage acocunt needs to meet the following requirements

  • Should be able to support hot, cool and archive blob tiers
  • SHould be able to provide fault tolerance if a disaster hits the Azure region, which has the storage account
  • Should minimize on costs

You need to complete the below commoand to create the storage account

Which of the following would go into Slot2?

A. Standard_GRS
B. Standard_LRS
C. Standard_RAGRS
D. Premium_LRS

A

A. Standard_GRS

Explanation:
Standard_GRS which is geo redundant storage would ensure that data is available in a secondary region if the primary region goes down.

The Microsoft Documentation mentions the following:

20
Q

Currently, in your production environment, containerized applications are running on the Azure Kubernetes Service cluster (AKS cluster). Managed disks, for persistent storage are being used. Currently, managed disk backup is being done via automation scripts. The scripts are hard to maintain. Youre working as an Azure admin and are expected to suggest a backup solution for managing disk, with the following requirements:

  1. It should support snapshot backup lifecycle which is policy drive and provide fast backup and recovery
  2. It should have a very light admin overhead
  3. The cost of the overall solution is low

Which of the following solutions will you select?

A. Azure recovery service vault
B. Azure Backup vault
C. Azure site recovery
D. Azure backup center

A

B. Azure Backup vault
D. Azure backup center

Explanation:
Option B is correct because a backup vault can be used for managing Azure disk snapshot life cycle management, as explained later

Option D is correct because the backup center is the best option for creating the backup vault

Option A is incrrect because the recovery service vault does not support disk snapshot life cycle management

Option C is incorrect because Azure site recovery is used for creating disaster recovery sites

Azure backup vaults support manage disk snapshot backup lifecycle, which is policy driven and provides fast backup and recovery from the snapshots of managed disk

The backup process of the backup vault does not cause any performance issues on the virtual machine. It has virtually no administrative overhead and low cost. We can easily create a backup vault from the backup Center

Backup Center provides a single unified management experience in Azure for enterprises to govern, monitor, operate and analyze backups at scale

21
Q

A team has set up Log Analytics for a virtual machine named demovm. They are running the following query in the Log Analytics Workspace

In which of the below format will the data be displayed?

A. table that has 2 columns
B. table that has 3 columns
C. graph that has the computer values on the Y axis
D. graph that has the avg(CounterValue) values on the Y axis

A

D. graph that has the avg(CounterValue) values on the Y axis

Explanation:
If you try to run the query in Log Analytics, you will see the below output. It consists of a graph that has the average of the counter value on the Y axis

22
Q

A company has set up an Azure Virtual Machine. A team member is trying to connect to the virtual machine but is not able to do so. Below is the snippet of the networking section of the virtual machine

Which of the following needs to be done to ensure that the team member cann connect to the virtual machine?

A. Delete the Rule Port_3389
B. Add a rule to the outbound port rules to allow traffic on port 3389
C. Delete the rule DenyAllInbound
D. Start the virtual machine

A

D. Start the virtual machine

Explanation:
Here is the issue that no public IP address has been assigned to the virtual machine. This is because the virtual machine is in a stopped state. So you would need to start the virtual machine, You will get a public IP address and then connect to the virtual machine

23
Q

Your company currently has a site to site connection with an Azure virtual private network. The VPN device allocated on the on premise side will udnergo a change in its public IP address. You have to ensure the site to site VPN connection continues to work after the change. Which of the following step would you need to carry out after the change in the public IP address on the on premise VPN device, ensuring minimum connection downtime?

A. Start the VPN connection
B. Stop the VPN connection
C. Modify the local gateway IP address
D. Modify the VPN gateway address

A

C. Modify the local gateway IP address

Explanation:
If the VPN device that you want to connect to has changed its public IP address, you need to modify the local network gateway to reflect that change

24
Q

A company has an application deployed across a set of virtual machines. Users connect to the application either using point to site VPN or site to site VPN connections. You need to ensure that connections to the application are spread across all of the virtual machines. Which of the following could you set up for this requirement? Choose 2 answers from the options given below.

A. Public Load Balancer
B. An Internal Load Balancer
C. A Traffic Manager Profile
D. An Azure Content Delivery Network
E. An Azure Application Gateway

A

B. An Internal Load Balancer
E. An Azure Application Gateway

Explanation:
Since we need to distribute traffic across the virtual machines, we can use either the load balancer or application gateway service

25
A company has set up an Azure subscription. They have provisioned a storage account and are currently using the BLOB service. They want to assign permissions to 3 user groups GroupA - This group should have the ability to manage the storage account GroupB - This group should be able to manage containers within a storage account GroupC - This group should be given full access to Azure Storage blob containers and data, including assigning POSIX access control You need to assign the relevant Role Based Access Control, ensuring the privilege of least access Which of the following would you assign to GroupA? A. Owner B. Contributor C. Storage Account Contributor D. Storage Blob Data Contributor E. Storage Blob Data Owner
C. Storage Account Contributor Explanation: This can be accomplished by the storage account contributor
26
A company has set up an Azure subscription. They have provisioned a storage account and are currently using the BLOB service. They want to assign permissions to 3 user groups GroupA - This group should have the ability to manage the storage account GroupB - This group should be able to manage containers within a storage account GroupC - This group should be given full access to Azure Storage blob containers and data, including assigning POSIX access control You need to assign the relevant Role Based Access Control, ensuring the privilege of least access Which of the following would you assign to GroupB? A. Owner B. Contributor C. Storage Account Contributor D. Storage Blob Data Contributor E. Storage Blob Data Owner
D. Storage Blob Data Contributor Explanation: This can be accomplished with the Storage Blob Data Contributor
27
A company has set up an Azure subscription. They have provisioned a storage account and are currently using the BLOB service. They want to assign permissions to 3 user groups GroupA - This group should have the ability to manage the storage account GroupB - This group should be able to manage containers within a storage account GroupC - This group should be given full access to Azure Storage blob containers and data, including assigning POSIX access control You need to assign the relevant Role Based Access Control, ensuring the privilege of least access Which of the following would you assign to GroupC? A. Owner B. Contributor C. Storage Account Contributor D. Storage Blob Data Contributor E. Storage Blob Data Owner
E. Storage Blob Data Owner Explanation: This can be accomplished with Storage Blob Data Owner. The Microsoft documentation men`tions the following:
28
A company is planning to use the Azure Import/Export service to move data out of its Azure Storage Account. Which of the following service could be used when defining the Azure Export job? A. BLOB Storage B. File Storage C. Queue Storage D. Table Storage
A. BLOB Storage Explanation:
29
As an IT admin, you have to develop scripts that need to add data disks to an existing virtual machine. Below is the incomplete script. Which of the following would go into Slot1? A. New-AzDisk B. New-AzDiskConfig C. Add-AzVMDataDisk D. Set-AzDisk
B. New-AzDiskConfig Explanation:
30
As an IT admin, you have to develop scripts that need to add data disks to an existing virtual machine. Below is the incomplete script Which of the following would go into Slot2? A. New-AzDisk B. New-AzDiskConfig C. Add-AzVMDataDisk D. Set-AzDisk
A. New-AzDisk Explanation:
31
As an IT admin, you have to develop scripts that need to add data disks to an existing virtual machine. Below is the incomplete script Which of the following would go into Slot3? A. Set-AzVM B. UpdateAzVM C. Get-AzVM D. New-AzVm
32
As an IT admin, you have to develop scripts that need to add data disks to an existing virtual machine. Below is the incomplete script Which of the following would go into Slot4? A. New-AzDisk B. New-AzDiskConfig C. Add-AzVMDataDisk D. Set-AzDisk
C. Add-AzVMDataDisk Explanation:
33
As an IT admin, you have to develop scripts that need to be used to add data disks to an existing virtual machine. Below is the incomplete script Which of the following would go into Slot4? A. New-AzDisk B. New-AzDiskConfig C. Add-AzVMDataDisk D. Set-AzDisk
C. Add-AzVMDataDisk Explanation:
34
fuck
35
You have an Azure virtual machine based on the Windows Server 2016 image. You implement Azure backup for the virtual machine. You want to restore the virtual machine by using the replace existing option You need to go ahead and replace the virtual machine using the Azure Backup option. You have started the backup operation but it failed and is showing an error message: VM is not in a state to allow backups Which of the following should be done to solve this problem? A. Create a custom image B. Stop the virtual machine C. Allocate a new disk D. Enable encryption on the disk
B. Stop the virtual machine Explanation: The backup operation failed because the VM is in a Failed State. For a successful backup, the VM state should be Running, Stopped or Stopped (deallocated)
36
You have an Azure subscription named whizlabstaging. Under the subscription, you create a resource group named whizlabs-rg Then you create an Azure policy based on the Not allowed resources types definition. Here you define the parameters as Microsoft.Network.virtual networks as the not allowed resource type. You assign this policy to the Tenant Root Group and a virtual network does not already exist in this subscription. Would you be able to create a virtual machine in the whizlabs-rg resource group? A. Yes B. No
B. No Explanation: Azure policy is applied to the Tenant Root Group. It means that it would be applied to all subscriptions and all resource groups within the subscription A VM can be created only inside a network If you need to create a virtual machine, you must have permission to create virtual network resources, required for VM provisioning This policy not allowed resource type includes Microsoft.Network in its parameter list. So the policy will not allow the creation of any network resources
37
A company currently has the following networks defined in Azure A. Set the virtual network deployment model as Classic B. Set the virtual network access settings as Disabled C. Set the forwarded traffic settings as Enabled D. Enable Allow gateway transit
C. Set the forwarded traffic settings as Enabled Explanation: To ensure that traffic can be forwarded across networks, you need to enable forwarded traffic settings. This is like the Hub and spoke model given in the Microsoft documentation wherein you need to enable forwarded traffic Option A is incorrect since this is used when you have a classic deployment of a virtual network Option B is incorrect since the traffic should be enabled Option D is incorrect since this is when you want traffic to flow to an on premise setup
38
A company currently has the following networks defined in Azure All virtual networks are hosting virtual machines with varying workloads. A virtual machine named whizlab-detect hosted in whizlab-vnet2. This virtual machine will have an intrusion detection software installed on it. All traffic on all virtual networks must be routed via this virtual machine (intrusion based device) You need to complete the required steps for implementing this requirement Which of the following would you need to create additional to ensure that traffic is sent via the virtual machine hosting the intrusion software? A. A new route table B. Add an address space C. Add DNS servers D. Add a service endpoint
A. A new route table Explanation: In order to ensure that traffic is routed via the intrusion based device, you need to set up a route table and add the route table to the subnets in the other virtual machines The diagram of the hub and spoke model also includes the use of a User defined route (UDR), which is nothing but a custom route table
39
A company currently has the following networks defined in Azure All virtual networks are hosting virtual machines with varying workloads. A virtual machine named whizlab-detect hosted in whizlab-vnet2. This virtual machine will have an intrusion detection osftware installed on it. All traffic on all virtual networks must be routed via this virtual machine (intrusion based device) You need tom complete the required steps for implementing this requirement Which of the following would you need to create additional to ensure traffic is sent via the virtual machine hosting the intrusion software? A. A new route table B. Add an address space C. Add DNS Servers D. Add a Service Endpoint
40
A company currently has the following networks defined in Azure All virtual networks are hosting virtual machines with varying workloads. A virtual machine named whizlab-detect is hosted in whizlab-vnet2. This virtual machine will have an intrusion detection software installed on it. All traffic on all virtual networks must be routed via this virtual machine (intrusion based device) You need to complete the required steps for implementing this requirement Which of the following needs to be enabled on the virtual machine whizlab-detect? A. Enable IP forwarding B. Enable the identity for the virtual machine C. Add an extension to the virtual machine D. Change the size of the virtual machine
A. Enable IP forwarding Explanation:
41
A company is planning to use Azure for the various services they offer. They want to ensure that they can bill each department for the resources they consume. They decide to use Azure policies to separate the bills department wise. Would this fulfill the requirement? A. Yes B. No
B. No Explanation: Azure policies are used from a government perspective and cant be used to create bills department wise
42
A company is planning to use Azure for the various services they offer. They want to ensure that they can bill each department for the resources they consume. They decide to use Azure resource tags to separate the bills department wise Would this fulfill the requirement? A. yes B. No
A. Yes Explanation: Yes, you can use resource tags to organize your Azure resources and also apply billing techniques department wise
43
A company is planning to use Azure for the various services they offer. They want to ensure that they can bill each department for the resources they consume. They decide to use Azure RBAC to separate the bills department wise. Would this fulfill the requirement? A. Yes B. No
B. No Explanation: This is used to control access to resources and cant be used for billing purposes
44
A. Yes B. No
A. Yes Explanation: The Not Allowed resource types policy is only applied to the resource group whizlabs-rg. You can move the virtual machine to another resource group
45
A. Yes B. No
B. No Explanation: Azure policies would only highlight the compliance of existing reousrces and enforce the policy restrictions on new resources. Here, the virtual machine whizlabvm is currently in a running state and the company assigns the Not allowed resource types Azure policy Not allowed resource types (Deny): prevents a list of resource types from being deployed. Hence the state of the virtual machine would remain as it is
45

AZ104 (28 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions