Exam AZ-104: Microsoft Azure Administrator

Exam AZ-104: Microsoft Azure Administrator What Steps are involved in shipping data to Azure 1 - Prepare Hard drives 2 - Create import Job 3 - Ship drives to Az Dc 4 - Update Tracking 5 - Verify the data upload. ...

Exam AZ-104: Microsoft Azure Administrator What Steps are involved in shipping data to Azure 1 - Prepare Hard drives 2 - Create import Job 3 - Ship drives to Az Dc 4 - Update Tracking 5 - Verify the data upload. Is IPV6 to IPV6 communication is supported without load balancer? True or False True, to have ipv6 communitication between vnets you need and internal load balancer What effect is evaluated first in Azure Policy A- Append B- Disabled C- Deny D - Audit B - Disabled How do you enable auto scale on basic web app Change to standard Enable autscale create Scale rule When using az ad user create, what parameters are needed UPN, DisplayName and Password What is the restore period of an Azure AD user? A- 30 B- 60 c - 90 d - Can't restore A - 30 days What are actions and not actions actions = allowable permissions on Role definition Not acctions = Denied permissions How are NotActions used in a role definition? A - NotActions are subtracted from the Actions to define the list of permissible operations. B- NotActions are consulted after Actions to deny access to a specific operation. C - NotActions allow you to specify a single operation that is not allowed. A - NotActions are subtracted from the Actions to define the list of permissible operations. What tool would you use to monitor Subnets? Network security group (NSG) flow logging What Role is needed to manage access to Azure Resources? A - Co-administrator B - Owner C - User Access Administrator D - Contributor User Access Administrator Pubilc IP assigned to the Nic will take precedence over one on the Load balancer? True or False True How many SNAT ports allocated to a Load public IP address 1024 How is outbound Public traffic used on basic load balancers? All IPs took into consideration but one used. Standard all are used at the same time What steps are involved in creating an Azure Bastion? 1) Create Subnet named Azure bastion subnet /27? 2)Create Bastion 3) Connect to VM1 using azure portal In Kubernetes can a POD share Managed Disks? Yes or No Yes Azure Files Main steps involved in Registering DNS with Azure Purchase from Registrar Configure Forward Lookup zone Point NS records to Azure DNS 5 steps to create Azure File Share in powershell New-StorageAccount - Create storage account Get-StorageAccountKeys - grab keys New-AzureStorageContext - login keys etc New-AzureStorageShare - create share CMDKEY - stores access keys New-PSDrive - maps drive When creating an Azure Bastion, What are the 3 main requirements? Subnet must be called AzureBastionSubnet and created first CIDR min /27 or larger Standard SKU static IP What are the minimum permissions for an Azure Bastion? Reader role on the VM Reader role on the NIC with private IP of the VM Reader role on Azure Bastion resource What can Azure AD role, User Administrator do? Manage all aspects of users and groups, including support tickets Monitoring service tickers resetting passwords What can Azure AD role, Billing Administrator do? make purchases manage subscriptions support ticket monitor service health. What command would you use to list permissions of a role? az role definition list --name Get-AzRoleDefinition A Basic IP SKU can support availability zones True or False False Name several services that don't work over Global vent peering VM behind Load balancers VMSS behind basic load balancers Redis cache Application gateway Logic Apps What security features does Azure DNS provide? RBAC Activity logs Resource locking We need to set up and DNS record to point to an Azure load-balancer which record will need to be created. A) Record Set B) A Record C) CNAME D) AAA A) Record Set Commands to create DNS record in AZ and PowerShell az network dns record-set New-AzDnsRecordSet -Name www -RecordType A -ZoneName contoso.xyz -ResourceGroupName MyResourceGroup -Ttl 3600 -DnsRecords (New-AzDnsRecordConfig -IPv4Address "10.10.10.10") What are the main Services tags (7) v a i a s s a Virtual Network AzureLoadBalancer Internet Azure Traffic Manager Storage SQL AppService How would you troubleshoot VPN connectivity? - enabled network watcher - Start VPN Logging - Check Security associations - Check on premise VPN External Devices What cmdlets are used to test network connectivity? Ge-AzEffectiveNetworksecgroup Test-AzNetworkWatcherIPFlow What cmdlet should you run if you are having issues with validation on purchases in the Azure portal? Set-AzMarketplaceTerms cmdlet With AZ Copy what access methods can you use to copy data into File Storage? SAS Keys only With AZ Copy what access methods can you use to copy data into Blob Storage? Azure AD and SAS keys What needs to be installed on a Virtual machine to be able to capture all network traffic? Network Watcher Agent VM Extension When using Network Performance Monitor (NPM) why is the OMS agent needed? Service Connection reliability Performance monitor Express Route Monitor What is IP Flow used for and the power shell command to run? Check if packets are allowed or denied on a NSG Test-AzNetworkWatcherIPFlow What is Connection Monitor used for and what PowerShell command is used? Check two VMs can communicate Latency Can probe at regular intervals Can monitor IP or FQDN New-AzNetworkWatcherConnectionMonitor How many email messages can an action group send in 1 Hour? 60 1 per minute How many SMS messages can an action group send in 1 Hour? 12 1 per 5 minutes How often can a voice call be used in an action group? 1 voice every 5 mins What files is used to customise Linux on first boot? A- Answer.ini B- cloudinit.txt C - unattended.conf D- unattended.xml Cloudinit.txt What tool can be used to import Azure DNS and the command? AZ CLI az network DNS zone import How many minutes can a basic web app run for? 240 minutes How many minutes can a shared web app run for? 60 minutes What are the 5 steps needed to create Azure File Sync? - Allow port 4443 outbound - Create file sync service - Install agen on server and register - Create Sync Group and cloud endpoint - Register server and share What is the max quota for vCPU on a subscription and if I have a VM is deallocated, does this count towards my quota? 20 both allocated and deallocated machines count Do free space policies for azure file sync apply to each server individually? No Most restrictive applied How do you configure a report to be sent to individuals for resources consuming more than expected? Configure report in the Cost Management portal JSON or CSV When would you use WaImportV2 over WaImportV1 when using the Azure Import/Export Service? If you need to import into Azure Files v2 is needed. What happens with duplicate files on Azure File sync -servername is appended onto the filename Azure Export Job Steps Create Export Job specify containers Check the number of Drive with WAImportExport Ship empty drives to MS with tracking Update Tracking Receive and unlock with BitLocker keys What App Service Plan supports webjobs? Basic App Plan Which mode in JSON templates for Azure Policy checked the features are supported? Indexed What is the minimum App Service Plan needed to use deployment slots? Standard App Service Plan I have a web app that needs to run for 240 per day what is the best Dev Test plan for me? D1 App Service Plan I have a basic app service plan, can I do cloning? if not what plan is needed? Standard App Service Plan What is the SLA for 2x VMs across 2x Av Zones in same region? 99.99% What is the SLA for 2x VMs across 1 x Av Set? 99.95% What is the SLA for 1x VM across SSD for OS and Data? 99.9% What is the maximum amount of fault domains? 3 What is the maximum update domains? 20 azure Private DNS be linked to multiple VNETS True or False True What command is used to update VPN Gateway with Subnet? A) Set-AzLocalNetworkGateway B) Set-AzNetworkInterface c) Add-AzVirtualNetworkSubnetConfig Set-AzLocalNetworkGateway Which two features are not supported on Azure File Sync Service? Deduplication Scale-out File server (has to be General) What are the 4 steps involved in troubleshooting VPN Issues? Enable Network Watcher Start VPN Logging Check sec assoications Check onpremise VPN external interfaces What DNS