AZ-104 Practice test with complete solutions 100% Correct Answers 2023 (A+ Guarantee)

You need to determine the impact of using this storage class when configuring persistent volumes. For each of the following statements, select Yes if the statement is true. Otherwise, select No Statement: 1- Managed disks use Azure Premium storage. 2- When the pod claiming a disk is deleted, the underlying Azure Disk is maintained. 3-A configured Managed Disk can be shared by multiple pods. - ANSWER Answer: 1- No. 2-Yes. 3-No. Explanation: 1- No. Managed disks configured using this storage group use Standard storage rather than Premium storage. This is specified by the storageaccounttype parameter. For Premium storage, this line would read: storageaccounttype: Premium LRS 2- Yes. When the pod claiming a disk is deleted, the underlying Azure Disk is maintained, retaining its data, and it can be reused. This is because the reclaimPolicy is specified as Retain. 3- No. A configured Managed Disk cannot be shared by multiple pods. Azure Disk storage cannot be shared between multiple pods or nodes. You must use Azure Files to support shared data access instead. Q9. You administer an Azure environment at Company1. You are requested to restrict access for the administrator Admin1 to a portion of Azure Active Directory (Azure AD). You create the administrative unit AdminUnit1 and configure it as shown in the exhibits Administrative unit users, Administrative unit groups, and Administrative unit admin. The configuration of the security group Group1 is shown in the exhibit Security group. You need to identify the Azure AD objects that can be administered by Admin1. Which Azure AD objects should you identify? Exhibit: User Administrator "Admin1" is assigned to be responsible for the scope Administrative unit "AdminUnit1". Security Group "Group1" has 3 direct members: User1, User2, User3 Administrative unit "AdminUnit1" has user User1, User2 added directly. Administrative unit "AdminUnit1" has group Group1 added directly. A-User 1, and User2 only B-User 1, User2, and Group1 only C-Group1 only D-User 1, User2, and User3 only - ANSWER Answer: B Explanation: Admin1 can administer User1, User2, and Group1 only. With Azure administrative units, you can restrict access to any portion of Azure AD. In this way, it is possible to restrict Admin1's administrative access to the user and group objects that Admin1 is responsible for. Administrative units can only contain users and groups. Adding a security group to an administrative unit does not allow the administrative unit administrator to manage properties for individual members of that group. To allow the administrative unit administrator to manage individual members of the group, each group member must be added directly as a user to the administrative unit. In this scenario, Group1 and its members User1 and User2 are added directly to AdminUnit1. Therefore, only these Azure AD objects can be administered by Admin1. Admin1 cannot administer User1, User2, and User3 only. Although Admin1 can modify properties of User1 and User2, User3 is out of the administrative scope of AdminUnit1 and, as such, out of the administrative scope of Admin1. To allow Admin1 to modify User3, this user must be added directly as a user of the AdminUnit1. Admin1 cannot administer Group1 only. Although properties of Group1 can be modified by Admin1, it is not the only Azure AD object that can be modified by Admin1 in this scenario. Admin1 cannot administer User1 and User2 only. Although the properties of User1 and User2 can be modified by Admin1, they are not the only Azure AD objects that can be modified by Admin1 in this scenario. Q10. You need to create an Azure Availability Set in Central US named AS1. You are planning to deploy eight virtual machines (VMs) to AS1 to run an IIS web application. You need to configure AS1. You have the following requirements: • During planned maintenance of the VM hosts, at least six VMs must be available at all time. The VMs must be restarted in groups of two. • The VMS must be physically separated from each other as much as possible. How should you configure the Availability Set? To answer, select the appropriate options from the drop-down menus. Fault domains: ? Update domains: ? - ANSWER Answer: Fault domains: 3, Update domains: 4 Explanation: You should set fault domains to 3. This is the maximum number of fault domains in the Central US region. VMs in the same fault domain share hardware like power sources and physical network switches. VMs in a different fault domain are physically separated. By setting the fault domains to the maximum value, the VMS are physically separated as much as possible. You should set update domains to 4. The VMs will be divided among these four update domains, so each update domain will contain two VMs. Azure performs planned maintenance of the hypervisors for one update domain at a time. In this case, two VMs will be restarted at the same time. Q11. Your company plans to release a new web application. This application is deployed by using an App Service in Azure and will be available to users of the domain. You have already purchased the domain name. You configure the Azure DNS zone and delegate it to Azure DNS. You need to ensure that web application can be accessed by using the domain name. You decide to use PowerShell to accomplish this task. How should you complete the command? To answer, select the appropriate options from the drop-down menus. New-AzDnsRecordSet -Name (1) -RecordType (2) ` -ZoneName "" -ResourceGroupName "APP-RG" -Ttl 600 ` -DnsRecords (New-AzDnsRecordConfig -IPv4Address "<IP address>") New-AzDnsRecordSet -ZoneName -ResourceGroupName APP-RG ` -Name (3) -RecordType (4) -Ttl 600 ` -DnsRecords (New-AzDnsRecordConfig -Value "") Choose the correct options: (1) A-"", B-"", C-"@" (2) A-"A", B-"AAAA", C-"CNAME", D-"TXT" (3) A-"", B-"", C-"@" (4) A-"A", B-"AAAA", C-"CNAME", D-"TXT" - ANSWER Answer: (1) C-"@" (2) A-"A" (3) C-"@" (4) D-"TXT" Explanation: You need to create an A record that points to the IP address of the App Service that hosts the web application. Because you need your application to be accessed by using the domain name, you need to use the special name that represents the root of the domain. You need to use an A record type because the public IP address of the App Service is an IPv4 address. You need to create an additional TXT record that points to . This record is needed by the App Service to verify the custom domain name for the App Service. Because you want your application to be accessed by the domain name, you need to use the special name that represents the root of the domain. You should not use "", "" or "" values for the Name parameter. You need to configure a DNS record for the root of the domain. If you use any of these values, you will get a DNS record similar to . You should not use an AAAA record type. This record type is used for IPv6 addresses. You need to create a record for an IPv4 address. You should not use a CNAME record type. In the first step, you used an IPv4 address. CNAME cannot contain an IPv4 address as the value for the DNS record. This record type only allows fully qualified domain names. Also, you need to create a DNS record to verify the App Service custom domain. You are required to use a TXT record for this verification, not a CNAME. Q12. Your company has an Azure subscription with one virtual network (VNet) named VNet1. Vnet1 includes the subnets and virtual machines (VMS) shown in the Subnets exhibit. You create and associate the network security groups (NSGs) shown in the Security Groups exhibit. You need to determine how the security rules in the NSGs are processed. For each of the following statements, select Yes if the statement is true. Otherwise, select No. Exhibit: Subnet - Connected virtual machines: Subnet1 - VM1, VM2, VM3