Microsoft Azure Administrator (AZ-104)
Questions and Accurate Detailed
Answers
Container Instances - Answer: Easily run containers on Azure without managing servers. Containers
must be deployed in Container Groups.
Azure Spot VMs - Answer: Allows customers to take advantage of unused Azure capacity at a
significant discount. At any point in time when Azure needs the capacity back, the Azure
infrastructure will evict the VM.
Azure Cloud Shell - Answer: - A browser-based scripting environment for command-line
administration of Azure resources. It provides support for two shell environments and flexibility by
allowing you to choose your preferred shell experience. Linux users can opt for a Bash experience,
while Windows users can use PowerShell.
- Is temporary and requires a new or existing Azure Files share to be mounted.
- Offers an integrated graphical text editor based on the open-source Monaco Editor.
- Authenticates automatically for instant access to your resources. Runs on a temporary host
provided on a per-session, per-user basis. Is assigned to one machine per user account. Times out
after 20 minutes without interactive activity. Permissions are set as a regular Linux user in Bash.
- Requires a resource group, storage account, and Azure File share. Uses the same Azure file share
for both Bash and PowerShell. Persists $HOME using a 5-GB image held in your file share.
Has a suite of:
- Developer Tools (.NET Core, Python, Java, Node.js, Go)
- Editors (code (Cloud Shell Editor), vim, nano, emacs)
- Other tools (git, maven, make, npm, etc.)
Azure PowerShell - Answer: a module that you add to Windows PowerShell or PowerShell Core that
enables you to connect to your Azure subscription and manage resources.
Requires Windows PowerShell to function. PowerShell provides services such as the shell window
and command parsing while also adding the Azure-specific commands. For example, the New-
AzureRmVM command creates a virtual machine for you inside your Azure subscription.
,-Az module - Answer: A newer replacement for -AzureRM module, this is the formal name for the
Azure PowerShell module containing cmdlets to work with Azure features. It contains hundreds of
cmdlets that let you control nearly every aspect of every Azure resource. You can work with the
following features, and more:
- Resource groups
- Storage
- VMs
- Azure AD
- Containers
- Machine learning
This module is an open-source component available on GitHub.
Azure CLI - Answer: A cross platform command-line program to connect to Azure and execute
administrative commands on Azure resources. It runs on Linux, macOS, and Windows, and allows
administrators and developers to execute their commands through a terminal, command-line
prompt, or script instead of a web browser. Can be used interactively or through scripts
Interactive - Answer: First, for Windows operating systems, launch a shell such as cmd.exe, or for
Linux or macOS, use Bash. Then issue the command at the shell prompt.
Scripted - Answer: Assemble the Azure CLI commands into a shell script using the script syntax of
your chosen shell. Then execute the script.
az find - Answer: will help you locate the commands that you need in order to execute a task
The --help argument - Answer: will get you more detailed information on the command, and for a
command group, with a list of the available subcommands.
CLI groups and subgroups - Answer: Each group represents a service provided by Azure, and the
subgroups divide commands for these services into logical groupings. For example, the storage
group contains subgroups including account, blob, share, and queue
Your company is building a video-editing application that will offer online storage for user-generated
video content. The videos will be stored in Azure Blobs. An Azure storage account will contain the
blobs. It is unlikely the storage account would ever need to be removed and recreated because this
would delete all the user videos. Which tool is likely to offer the quickest and easiest way to create
,the storage account? - Answer: Azure portal. The portal is a good choice for one-off operations like
creating a long-lived storage account
Another Administrator is managing Azure locally using PowerShell. They have launched PowerShell
as an Administrator. Which of the following commands should be executed first? - Answer:
Connect-AzAccount. The first thing to do is to connect to Azure and provide the user credentials to
log in.
Azure PowerShell and Azure Command-Line Interface (CLI) - Answer: for command line and
automation-based interactions with Azure
Azure Marketplace - Answer: A service on Azure that helps connect end users with Microsoft
partners, independent software vendors (ISVs), and start-ups that are offering their solutions and
services, which are optimized to run on Azure. Allows customers—mostly IT professionals and cloud
developers—to find, try, purchase, and provision applications and services from hundreds of leading
service providers, all certified to run on Azure.
Bell icon - Answer: displays the Notifications pane
Help + Support option - Answer: Opens the main help and support area for the Azure portal and
includes documentation options for a variety of common questions. One of the hidden areas here is
the "new support request" link, which is on this page. This link is how you can open a support ticket
with the Azure team. If a company needs the list of planned maintenance events that can affect the
availability of an Azure subscription, then they can navigate to this page as well.
Azure Advisor - Answer: A free service built into Azure that provides recommendations on high
availability, security, performance, operational excellence, and cost. It analyzes your deployed
services and looks for ways to improve your environment across those areas. You can view
recommendations in the portal or download them in PDF or CSV format.
With this feature, you can:
- Get proactive, actionable, and personalized best practices recommendations.
- Improve the performance, security, and high availability of your resources as you identify
opportunities to reduce your overall Azure costs.
- Get recommendations with proposed actions inline
, Dashboards - Answer: A customizable collection of UI tiles displayed in the Azure portal. You add,
remove, and position tiles to create the exact view you want, and then save that view. Multiple
views are supported, and you can switch between them as needed. You can even share your
configurations with other team members. For example, you can create dashboards for specific roles
within the organization, and then use role-based access control (RBAC) to control who can access
that dashboard. Hence, your database administrator would have a dashboard that contains views of
the SQL database service, whereas your Azure Active Directory administrator would have views of
the users and groups within Azure AD. You can even customize the portal between your production
and development environments within the portal - creating a specific dashboard for each
environment you are managing
Stored as JavaScript Object Notation (JSON) files. This format means they can be uploaded and
downloaded to other computers or shared with members of the Azure directory. Azure stores
dashboards within resource groups, just like virtual machines or storage accounts that you can
manage within the portal. You can also customize them programmatically, making them compelling
administrative tools. Some tile types can be query-based, so they update automatically when the
source data changes. - Answer: Dashboards
Azure Active Directory (Azure AD) - Answer: A cloud-based suite of identity management capabilities
that enables you to securely manage access to Azure services and resources for your users. Provides
application management, authentication, built-in federations, device management and hybrid
identity management. User authorization is always done here.
Speaks "cloud" in the following ways:
- SAML
- WS-Fed
- OAUTH2
- OpenID Connect (OIDC)
- System for Cross-Domain Identity Management (SCIM)
- NOT Kerberos, NTLM or LDAP
Identity (Azure AD) - Answer: An object that can be authenticated
Azure AD Account - Answer: An identity created through Azure AD or another Microsoft cloud
services and has data associated with it
Questions and Accurate Detailed
Answers
Container Instances - Answer: Easily run containers on Azure without managing servers. Containers
must be deployed in Container Groups.
Azure Spot VMs - Answer: Allows customers to take advantage of unused Azure capacity at a
significant discount. At any point in time when Azure needs the capacity back, the Azure
infrastructure will evict the VM.
Azure Cloud Shell - Answer: - A browser-based scripting environment for command-line
administration of Azure resources. It provides support for two shell environments and flexibility by
allowing you to choose your preferred shell experience. Linux users can opt for a Bash experience,
while Windows users can use PowerShell.
- Is temporary and requires a new or existing Azure Files share to be mounted.
- Offers an integrated graphical text editor based on the open-source Monaco Editor.
- Authenticates automatically for instant access to your resources. Runs on a temporary host
provided on a per-session, per-user basis. Is assigned to one machine per user account. Times out
after 20 minutes without interactive activity. Permissions are set as a regular Linux user in Bash.
- Requires a resource group, storage account, and Azure File share. Uses the same Azure file share
for both Bash and PowerShell. Persists $HOME using a 5-GB image held in your file share.
Has a suite of:
- Developer Tools (.NET Core, Python, Java, Node.js, Go)
- Editors (code (Cloud Shell Editor), vim, nano, emacs)
- Other tools (git, maven, make, npm, etc.)
Azure PowerShell - Answer: a module that you add to Windows PowerShell or PowerShell Core that
enables you to connect to your Azure subscription and manage resources.
Requires Windows PowerShell to function. PowerShell provides services such as the shell window
and command parsing while also adding the Azure-specific commands. For example, the New-
AzureRmVM command creates a virtual machine for you inside your Azure subscription.
,-Az module - Answer: A newer replacement for -AzureRM module, this is the formal name for the
Azure PowerShell module containing cmdlets to work with Azure features. It contains hundreds of
cmdlets that let you control nearly every aspect of every Azure resource. You can work with the
following features, and more:
- Resource groups
- Storage
- VMs
- Azure AD
- Containers
- Machine learning
This module is an open-source component available on GitHub.
Azure CLI - Answer: A cross platform command-line program to connect to Azure and execute
administrative commands on Azure resources. It runs on Linux, macOS, and Windows, and allows
administrators and developers to execute their commands through a terminal, command-line
prompt, or script instead of a web browser. Can be used interactively or through scripts
Interactive - Answer: First, for Windows operating systems, launch a shell such as cmd.exe, or for
Linux or macOS, use Bash. Then issue the command at the shell prompt.
Scripted - Answer: Assemble the Azure CLI commands into a shell script using the script syntax of
your chosen shell. Then execute the script.
az find - Answer: will help you locate the commands that you need in order to execute a task
The --help argument - Answer: will get you more detailed information on the command, and for a
command group, with a list of the available subcommands.
CLI groups and subgroups - Answer: Each group represents a service provided by Azure, and the
subgroups divide commands for these services into logical groupings. For example, the storage
group contains subgroups including account, blob, share, and queue
Your company is building a video-editing application that will offer online storage for user-generated
video content. The videos will be stored in Azure Blobs. An Azure storage account will contain the
blobs. It is unlikely the storage account would ever need to be removed and recreated because this
would delete all the user videos. Which tool is likely to offer the quickest and easiest way to create
,the storage account? - Answer: Azure portal. The portal is a good choice for one-off operations like
creating a long-lived storage account
Another Administrator is managing Azure locally using PowerShell. They have launched PowerShell
as an Administrator. Which of the following commands should be executed first? - Answer:
Connect-AzAccount. The first thing to do is to connect to Azure and provide the user credentials to
log in.
Azure PowerShell and Azure Command-Line Interface (CLI) - Answer: for command line and
automation-based interactions with Azure
Azure Marketplace - Answer: A service on Azure that helps connect end users with Microsoft
partners, independent software vendors (ISVs), and start-ups that are offering their solutions and
services, which are optimized to run on Azure. Allows customers—mostly IT professionals and cloud
developers—to find, try, purchase, and provision applications and services from hundreds of leading
service providers, all certified to run on Azure.
Bell icon - Answer: displays the Notifications pane
Help + Support option - Answer: Opens the main help and support area for the Azure portal and
includes documentation options for a variety of common questions. One of the hidden areas here is
the "new support request" link, which is on this page. This link is how you can open a support ticket
with the Azure team. If a company needs the list of planned maintenance events that can affect the
availability of an Azure subscription, then they can navigate to this page as well.
Azure Advisor - Answer: A free service built into Azure that provides recommendations on high
availability, security, performance, operational excellence, and cost. It analyzes your deployed
services and looks for ways to improve your environment across those areas. You can view
recommendations in the portal or download them in PDF or CSV format.
With this feature, you can:
- Get proactive, actionable, and personalized best practices recommendations.
- Improve the performance, security, and high availability of your resources as you identify
opportunities to reduce your overall Azure costs.
- Get recommendations with proposed actions inline
, Dashboards - Answer: A customizable collection of UI tiles displayed in the Azure portal. You add,
remove, and position tiles to create the exact view you want, and then save that view. Multiple
views are supported, and you can switch between them as needed. You can even share your
configurations with other team members. For example, you can create dashboards for specific roles
within the organization, and then use role-based access control (RBAC) to control who can access
that dashboard. Hence, your database administrator would have a dashboard that contains views of
the SQL database service, whereas your Azure Active Directory administrator would have views of
the users and groups within Azure AD. You can even customize the portal between your production
and development environments within the portal - creating a specific dashboard for each
environment you are managing
Stored as JavaScript Object Notation (JSON) files. This format means they can be uploaded and
downloaded to other computers or shared with members of the Azure directory. Azure stores
dashboards within resource groups, just like virtual machines or storage accounts that you can
manage within the portal. You can also customize them programmatically, making them compelling
administrative tools. Some tile types can be query-based, so they update automatically when the
source data changes. - Answer: Dashboards
Azure Active Directory (Azure AD) - Answer: A cloud-based suite of identity management capabilities
that enables you to securely manage access to Azure services and resources for your users. Provides
application management, authentication, built-in federations, device management and hybrid
identity management. User authorization is always done here.
Speaks "cloud" in the following ways:
- SAML
- WS-Fed
- OAUTH2
- OpenID Connect (OIDC)
- System for Cross-Domain Identity Management (SCIM)
- NOT Kerberos, NTLM or LDAP
Identity (Azure AD) - Answer: An object that can be authenticated
Azure AD Account - Answer: An identity created through Azure AD or another Microsoft cloud
services and has data associated with it
