Microsoft AZ-104 All Answers Correct

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subsc ...

You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted in separate resource groups. Another administrator plans to create several network security groups (NSGs) in the subscription. You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between the virtual networks. Solution: From the Resource providers blade, you unregister the Microsoft.ClassicNetwork provider. Does this meet the goal? No You have a Microsoft 365 tenant and an Azure Active Directory (Azure AD) tenant named contoso.com. You plan to grant three users named User1, User2, and User3 access to a temporary Microsoft SharePoint document library named Library1. You need to create groups for the users. The solution must ensure that the groups are deleted automatically after 180 days. Which two groups should you create? Each correct answer presents a complete solution. Multiple answers 1) An office 365 group that uses the Assigned membership type. 2) An office 365 group that uses the Dynamic User membership type. 00:0201:47 You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table. Name Type Member of User1 Member Group1 User2 Guest Group1 User3 Member None UserA Member Group2 UserB Guest Group2 User3 is the owner of Group1. Group2 is a member of Group1. You configure an access review named Review1 as shown in the following exhibit: Statements: Yes or No answer User3 can perform an access review of User1: Yes User3 can perform an access review of UserA: Yes User3 can perform an access review of UserB: Yes You have an on-premises server that contains a folder named D:\Folder1. You need to copy the contents of D:\Folder1 to the public container in an Azure Storage account named contosodata. Which command should you run? azcopy copy D:\folder1 https://contosodata.blob.core.windows.net/public --recursive DRAG DROP You have an Azure subscription named Subscription1. You create an Azure Storage account named contosostorage, and then you create a file share named data. Which UNC path should you include in a script that references files from the data file share? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once or not at all. You may need to drag the split bar between panes or scroll to view content. Note: Each correct selection is worth one point. \\Contosostorage.file.core.windows.net\data HOTSPOT You have the Azure management groups shown in the following table: Name In management group Tenant Root Group Not applicable Management Group11 Tenant Root Group Management Group12 Tenant Root Group Management Group21 ManagementGroup11 You add Azure subscription to the management group as shown in the following table: Name Management group Subscription1 ManagementGroup21 Subscription2 ManagementGroup12 Name Parameter Not allowed resource types. VirtualNetworks Allowed resource types VirtualNetworks Statements: Answers yes or no You can create a virtual network in Subscription1: No You can create a virtual machine in Subscription2: Yes You can add Subscription1 to ManagementGroup11:Yes HOTSPOT You have an Azure subscription named Subscription1. Subscription1 contains a virtual machine named VM 1. You install and configure a web server and a DNS server on VM1. VM1 has an effective network security rules shown in the following exhibit: Network Interface: vm 1900. Effective security rules Topology Virtual network/subnet: VMRG-vnet/default. Public IP: 104.40.215.211 Private IP: 10.0.0.5 Accelerated. networking: Disabled Inbound Port Rules: Network security group VM1-nsg (attached to network interface: vm1900) Impacts 0 subnets, 1 network interfaces Priority. Name PORT Protocol 900. Rule2 50-60 Any 1000. Default-allow-rdp. 3389 TCP 1010 Rule1 50-500 TCP 65000 AllowVnetldBound. Any Any 65001 AllowAzureLoadBalan.. Any Any 65500. DenyAllnBound Any. Any Answer Area: Scroll down answer Internet Users [answer choice]-Can connect to only the web server on VM1. If you delete Rule2, Internet users [answer choice]- can connect to the web server and the DNS server on VM1. You have an Azure web app named App1. App1 has the deployment slots shown in the following table: Name Function Webapp1-prod Production Webapp1-test Staging In webapp1-test, you test several changes to App1. You back up App1. You swap webapp1-test for webapp1-prod and discover that App1 is experiencing performance issues. You need to revert to the previous version of App1 as quickly as possible. What should you do? Swap the slots HOTSPOT You have an Azure subscription named Subscription1. Subscription1 contains the virtual machines in the following table: Name IP address VM1 10.0.1.4 VM2 10.0.2.4 VM3 10.0.3.4 Subscription1 contains a virtual network named VNet1 that has the subnets in the following table: Name Address space Connected virtual machine Subnet1 10.0.1.0/24 VM1 Subnet2 10.0.2.0/24 VM2 Subnet3 10.0.3.0/24 VM3 VM3 has multiple network adapters, including a network adapter named NIC3. IP forwarding is enabled on NIC3. Routing is enabled on VM3. You create a route table RT1 that contains the routes in the following table: Address prefix Next hop type Next hop address 10.0.1.0/24 Virtual appliance 10.0.3.4 10.0.2.0/24 Virtual appliance 10.0.3.4 You apply RT1 to Subnet1 and Subnet2. For each of the following statements, select Yes if the statement is true. Otherwise, select no. Note: Each correct selection is worth one point. Answer Area: Yes or no answers 1) VM3 can establish a network connection to VM1: Yes 2) If VM3 is turned off, VM2 can establish a network connection to VM1: No 3) VM1 can establish a network connection to VM2: Yes HOTSPOT You have an Azure subscription that contains the resources in the following table: Name Type VMRG. Resource group VNet1 Virtual network VNet2 Virtual network VM5 Virtual machine connected to VNet1 VM6 Virtual machine connected to VNet2 In Azure, you create a private DNS zone named adatum.com. You set the registration virtual network to VNet2. The adatum.com zone is configured as shown in the following exhibit: Resource group (change). Answer Area: Yes or no 1) The A record for VM5 will be registered automatically in the adatum.com zone: NO 2) VM5 can resolve VM9.adatum.com: NO 3) VM6 can resolve VM9.adatum.com: YES HOTSPOT You have an Azure subscription named Subscription1 that contains a resource group named RG1. In RG1, you create an internal load balancer named LB1 and a public load balancer named BL2. You need to ensure that an administrator named Admin1 can manage LB1 and LB2. The solution must follow the principle of least privilege. Which role should you assign to Admin1 for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Multiple Answer Area 1) To add a backend pool to LB1: Network Contributor on LB1 (answer) 2) To add a health probe to LB2: Network Contributor on LB2 (Answer) You have an Azure subscription that contains an Azure Active Directory (Azure AD) tenant named contoso.com and an Azure Kubernetes Service (AKS) cluster named AKS1. An administrator reports that she is unable to grant access to AKS1 to the users in contoso.com. You need to ensure that access to AKS1 can be granted to the contoso.com users. What should you do first? From contoso.com, create an OAuth 2.0 authorization endpoint. You have an Azure subscription that contains an Azure Storage account. You plan to create an Azure container instance named container1 that will use a Docker image named Image1. Image1 contains a Microsoft SQL Server instance that requires persistent storage. You need to configure a storage service for Container1. What should you use? Azure Table storage You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates. Solution: From the Subscriptions blade, you select the subscription and then click Programmatic deployment. Does this meet the goal? No DRAG DROP You have an on-premises file server named Server1 that runs Windows Server 2016. You have an Azure subscription that contains an Azure file share. You deploy an Azure File Sync Storage Sync Service, and you create a sync group. You need to synchronize files from Server1 to Azure. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Actions 1) Install the Azure File Sync agent on Server1 2) Create an Azure on-premises data gateway 3) Create a Recovery Services vault 4) Register Server1 5) Add a server endpoint 6) Install the DFS Replication server role on Server1 Answer Area: 1) Install the Azure File Sync agent on Server