Exam Logo

Microsoft (AZ-104) Exam Questions And Answers page 78

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an app named App1 that is installed on two Azure virtual machines named VM1 and VM2. Connections to App1 are managed by using an Azure Load Balancer.

The effective network security configurations for VM2 are shown in the following exhibit.


You discover that connections to App1 from 131.107.100.50 over TCP port 443 fail.

You verify that the Load Balancer rules are configured correctly.

You need to ensure that connections to App1 can be established successfully from 131.107.100.50 over TCP port 443.

Solution: You delete the BlockAllOther443 inbound security rule.

Does this meet the goal?
Configure and manage virtual networks in Azure
You have an Azure subscription that contains an Azure Storage account named storage1 and the users shown in the following table.


You plan to monitor storage1 and to configure email notifications for the signals shown in the following table.


You need to identify the minimum number of alert rules and action groups required for the planned monitoring.

How many alert rules and action groups should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Implement and manage storage in Azure Monitor and back up Azure resources
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table:


User3 is the owner of Group1.

Group2 is a member of Group1.

You configure an access review named Review1 as shown in the following exhibit:


For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Monitor and back up Azure resources Manage identities and governance in Azure
You have a sync group named Sync1 that has a cloud endpoint. The cloud endpoint includes a file named File1.txt.

Your on-premises network contains servers that run Windows Server 2016. The servers are configured as shown in the following table.


You add Share1 as an endpoint for Sync1. One hour later, you add Share2 as an endpoint for Sync1.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Implement and manage storage Implement and manage storage in Azure
You have an Azure subscription named Sub1.

You plan to deploy a multi-tiered application that will contain the tiers shown in the following table.


You need to recommend a networking solution to meet the following requirements:

• Ensure that communication between the web servers and the business logic tier spreads equally across the virtual machines.
• Protect the web servers from SQL injection attacks.

Which Azure resource should you recommend for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Manage identities and governance in Azure Configure and manage virtual networks in Azure
You have an on-premises network that you plan to connect to Azure by using a site-so-site VPN.

In Azure, you have an Azure virtual network named VNet1 that uses an address space of 10.0.0.0/16 VNet1 contains a subnet named Subnet1 that uses an address space of 10.0.0.0/24.

You need to create a site-to-site VPN to Azure.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

NOTE: More than one order of answer choice is correct. You will receive credit for any of the correct orders you select.

Manage identities and governance in Azure Configure and manage virtual networks in Azure
You have an Azure subscription that contains the resources shown in the following table.


VMSS1 is set to VM (virtual machines) orchestration mode.

You need to deploy a new Azure virtual machine named VM1, and then add VM1 to VMSS1.

Which resource group and location should you use to deploy VM1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Deploy and manage virtual machines (VMs) in Azure Configure and manage virtual networks in Azure
You sign up for Azure Active Directory (Azure AD) Premium P2.

You need to add a user named [email protected] as an administrator on all the computers that will be joined to the Azure AD domain.

What should you configure in Azure AD?
Manage identities and governance in Azure
You have the App Service plan shown in the following exhibit.


The scale-in settings for the App Service plan are configured as shown in the following exhibit.


The scale out rule is configured with the same duration and cool down tile as the scale in rule.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.

From Azure, you download and install the VPN client configuration package on a computer named Computer2.

You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2.

Solution: You export the client certificate from Computer1 and install the certificate on Computer2.

Does this meet the goal?
Configure and manage virtual networks in Azure