AZ-104 Dumps

AZ-104 Free Practice Test

Microsoft AZ-104: Microsoft Azure Administrator (beta)

QUESTION 31

- (Exam Topic 6)
You have an Azure subscription.
You deploy a virtual machine scale set that is configured as shown in the following exhibit.
AZ-104 dumps exhibit
Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic
NOTE: Each correct selection is worth one point.
AZ-104 dumps exhibit
Solution:
Graphical user interface, text, application, email Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-autoscale-portal

Does this meet the goal?

Correct Answer: A

QUESTION 32

- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure Active Directory (Azure AD) tenant named Adatum and an Azure Subscription named Subscription1. Adatum contains a group named Developers. Subscription1 contains a resource group named Dev.
You need to provide the Developers group with the ability to create Azure logic apps in the Dev resource group.
Solution: On Subscription1, you assign the Logic App Operator role to the Developers group. Does this meet the goal?

Correct Answer: B
The Logic App Operator role only lets you read, enable and disable logic app. With it you can view the logic app and run history, and enable/disable. Cannot edit or update the definition.
You would need the Logic App Contributor role. References:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app

QUESTION 33

- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription named Subscription1. Subscription1 contains a resource group named RG1. RG1 contains resources that were deployed by using templates.
You need to view the date and time when the resources were created in RG1. Solution: From the RG1 blade, you click Automation script.
Does this meet the goal?

Correct Answer: B
From the RG1 blade, click Deployments. You see a history of deployment for the resource group. Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-tutorial-create-first-template Through activity logs, you can determine:
§ what operations were taken on the resources in your subscription
§ who started the operation
§ when the operation occurred
§ the status of the operation
§ the values of other properties that might help you research the operation
* 1. On the Azure portal menu, select Monitor, or search for and select Monitor from any page
* 2. Select Activity Log.
* 3. You see a summary of recent operations. A default set of filters is applied to the operations. Notice the
information on the summary includes who started the action and when it happened. Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/view-activity-logs

QUESTION 34

- (Exam Topic 4)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.
From Azure, you download and install the VPN client configuration package on a computer named Computer2.
You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2. Solution: You modify the Azure Active Directory (Azure AD) authentication policies.
Does this meet this goal?

Correct Answer: B
Instead export the client certificate from Computer1 and install the certificate on Computer2. Note:
Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certificate, and then export and install the client certificate. If the client certificate is not installed, authentication fails.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site

QUESTION 35

- (Exam Topic 5)
You have an Azure subscription named Subscription1 that contains an Azure virtual network named VNet1. VNet1 connects to your on-premises network by using Azure ExpressRoute.
You need to connect VNet1 to the on-premises network by using a site-to-site VPN. The solution must minimize cost.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Correct Answer: ABE
Create a Connection: You need to link the ExpressRoute gateway to the ExpressRoute circuit. After this step has been completed, the connection between your on-premises network and Azure through ExpressRoute will be established. Hence this is correct option.
Create a local site VPN gateway : This will allow you to provide the local gateway settings, for example public IP and the on-premises address space, so that the Azure VPN gateway can connect to it. Hence this is correct option.
Create a VPN gateway that uses the VpnGw1 SKU : The GatewaySku is only supported foVr pnGw1,
VpnGw2, VpnGw3, Standard, and HighPerformance
VPN gateways. ExpressRoute-VPN Gateway coexist
configurations are not supported on the Basic SKU. The VpnType must be RouteBased. Hence this is correct option.
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-linkvnet-arm