당신은 온라인 연습 문제를 통해 Microsoft AZ-104 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 AZ-104 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 188개의 시험 문제와 답을 포함하십시오.
/ 13
Question No : 1
You have the Azure virtual machines shown in the following table.
A DNS service is installed on VM1.
You configure the DNS server’s settings for each virtual network as shown in the following exhibit
You need to ensure that all the virtual machines can resolve DNS names by using the DNS service on VM 1.
What should you do?
정답:
Question No : 2
You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated to a different Azure AD tenant.
Subscription1 contains a virtual network named VNet1. VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16.
Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24. You need to connect VNet1 to VNet2.
What should you do first?
HOTSPOT
You have an Azure subscription that contains the storage accounts shown in the following table.
You need to identify which storage accounts support lifecycle management, and which storage accounts support moving data to the Archive access tier.
What should you identify for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct answer is worth one point.
정답:
Explanation:
1) storage1, storage2, storage3
"Lifecycle management policies are supported for block blobs and append blobs in general-purpose v2, premium block blob, and Blob Storage accounts." https://learn.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview
2) storage2
"The archive tier isn't supported for ZRS, GZRS, or RA-GZRS accounts." https://learn.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview#archive-access-tier
Question No : 4
HOTSPOT
You have an Azure Storage account named storage1 that stores images.
You need to create a new storage account and replicate the images in storage1 to the new account by using object replication.
How should you configure the new account? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
정답:
Question No : 5
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an app named App1 that is installed on two Azure virtual machines named VM1 and VM2.
Connections to Appl are managed by using an Azure Load Balancer.
The effective network security configurations for VM2 are shown in the following exhibit.
You discover that connections 10 Appl from 131.107.100.50 over TCP port 443 fail.
You verity that the Load Balancer rules are configured correctly.
You need to ensure that connections to Appl can be established successfully from 131.107.100.50 over TCP port 443.
Solution: You create an inbound security rule that allows any traffic from the Azureload Balancer
source and has a priority of 150.
Does this meet the goal?
정답:
Question No : 6
You have a Recovery Services vault named RSV1. RSV1 has a backup policy that retains instant snapshots for five days and daily backup for 14 days.
RSV1 performs daily backups of VM1. VM1 hosts a static website that was updated eight days ago.
You need to recover VM1 to a point eight days ago. The solution must minimize downtime.
What should you do first?
정답: Explanation:
https://learn.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms#restore-options
To recover VM1 to a point eight days ago, you need to use the Azure Backup service to restore the VM from a recovery point. A recovery point is a snapshot of the VM data at a specific point in time. Azure Backup creates recovery points according to the backup policy that you configure for the Recovery Services vault1.
In this case, the Recovery Services vault named RSV1 has a backup policy that retains instant snapshots for five days and daily backup for 14 days. This means that you can restore the VM from any point in the last 14 days, as long as there is a recovery point available. Since you need to recover VM1 to a point eight days ago, you can use the daily backup recovery point that was created on that day2.
To restore the VM from a recovery point, you have two options: Replace existing or Create new. The Replace existing option overwrites the existing VM with the restored data, while the Create new option creates a new VM with the restored data. The Replace existing option requires you to deallocate or delete the existing VM before restoring it, which can cause downtime and data loss. The Create new option allows you to restore the VM without affecting the existing VM, which minimizes downtime and data loss3.
Therefore, the best option is to restore VM1 by using the Create new restore configuration option. This will create a new VM with the same name as VM1 and append a suffix to it, such as -Restored. You can then verify that the new VM has the correct data and configuration, and switch over to it when you are ready. You can also delete the original VM if you don’t need it anymore3.
Question No : 7
You have an Azure Storage account named storage1.
You need to enable a user named User1 to list and regenerate storage account keys for storage1.
Solution: You assign the Storage Account Key Operator Service Role to User1.
Does this meet the goal?
정답:
Question No : 8
You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARMIjson.
You receive a notification that VM1 will be affected by maintenance.
You need to move VM1 to a different host immediately.
Solution: From the VM1 Redeploy + reapply blade, you select Redeploy.
Does this meet the goal?
정답:
Question No : 9
You have an Azure App Services web app named App1.
You plan to deploy App1 by using Web Deploy.
You need to ensure that the developers of App1 can use their Azure Active Directory (Azure AD) credentials to deploy content to App1. The solution must use the principle of least privilege.
What should you do?
정답: Explanation:
"To secure app deployment from a local computer, Azure App Service supports two types of credentials for local Git deployment and FTP/S deployment. These credentials are not the same as your Azure subscription credentials." https://learn.microsoft.com/en-us/azure/app-service/deploy-configure-credentials?tabs=cli
Question No : 10
You have an Azure virtual machine named VM1.
You use Azure Backup to create a backup of VM1 named Backup 1.
After creating Backup1, you perform the following changes to VM1:
Modify the size of VM 1.
- Copy a file named Budget.xls to a folder named Data.
- Reset the password for the built-in administrator account.
- Add a data disk to VM 1.
An administrator uses the Replace existing option to restore VM1 from Backup 1.
You need to ensure that all the changes to VM1 are restored.
Which change should you perform again?
정답: Explanation:
The scenario mentioned in the question, we are using the replace option. So in this case we would lose the existing data written to the disk after the backup was taken. The file was copied to the disk after the backup was taken. Hence, we would need to copy the file once again.
Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms#replace-existing-disks
Question No : 11
You have an Azure subscription that contains eight virtual machines and the resources shown in the following table.
You need to configure access for VNEI1.
The solution must meet the following requirements:
• The virtual machines connected to VNET1 must be able to communicate with the virtual machines connected to VNET2 by using the Microsoft backbone.
• The virtual machines connected to VNETl must be able to access storage1. Storage2, and Microsoft Entra ID by using the Microsoft backbone.
What is the minimum number of service endpoints you should add to VNET1?
정답:
Question No : 12
HOTSPOT
You have an Azure subscription that contains a virtual machine named VM1.
To VM1, you plan to add a 1-TB data disk that meets the following requirements:
• Provides data resiliency in the event of a datacenter outage.
• Provides the lowest latency and the highest performance.
• Ensures that no data loss occurs if a host fails.
You need to recommend which type of storage and host caching to configure for the new data disk.
정답:
Explanation:
Storage Type: Premium SSD that uses zone-redundant storage (ZRS)
Host Caching: Read-only
The reasons for this recommendation are:
Premium SSD disks provide the lowest latency and the highest performance among the available disk types12.
Zone-redundant storage (ZRS) provides data resiliency in the event of a datacenter outage by replicating the data across three availability zones in the same region12.
Read-only host caching can improve the read performance of the disk by using the VM’s RAM and local SSD as a cache13. This can also reduce the impact of a host failure on the disk data, as the cached data is not lost4.
Read/write host caching is not recommended for Premium SSD disks, as it can introduce additional latency and reduce the durability guarantees of the disk13.
Question No : 13
You have an Azure subscription that has a Recovery Services vault named Vault 1.
The subscription contains the virtual machines shown in the following table.
You plan to schedule backups to occur every night at 23:00.
Which virtual machines can you back up by using Azure Backup?
정답:
Question No : 14
You have an Azure subscription.
You need to receive an email alert when a resource lock is removed from any resource in the subscription What should you use to create an activity log alert in Azure Monitor?
정답:
Question No : 15
HOTSPOT
You have an Azure subscription that contains the hierarchy shown in the following exhibit.
You create an Azure Policy definition named Policy1.
To which Azure resources can you assign Policy and which Azure resources can you specify as exclusions from Policy1? To answer, select the appropriate options in the answer NOTE Each correct selection is worth one point.
