Welcome to the AZ-104 Official Practice Test – Part 7.
In this part, I have given my detailed explanations of the 10 official questions from Microsoft. Unlike on the Microsoft website, the explanations include screenshots to help you prepare for the AZ-104 exam.
That said, these tests are very simple, and they should only be used to brush up on the basics. The real exam would rarely be this easy. To get more rigorous practice and even in-depth knowledge, check out my AZ-104 practice tests.
Once done, check out the AZ-104 questions Part 8 and an accompanying YouTube video to be published soon.
Q61] You need to create an Azure Storage account that meets the following requirements:
1] Stores data in multiple Azure regions
2] Supports reading the data from primary and secondary regions
Which type of storage redundancy should you use?
a. Geo-redundant storage (GRS)
b. Locally-redundant storage (LRS)
c. Read-access geo-redundant storage (RA-GRS)
d. Zone-redundant storage (ZRS)
LRS replicates data within a single data center only in the primary region. Option B is incorrect.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/common/storage-redundancy#locally-redundant-storage
ZRS replicates your storage account across three availability zones within the primary region only. Option D is incorrect.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/common/storage-redundancy#zone-redundant-storage
Although GRS replicates your data to a secondary region, it doesn’t support reading the data from the secondary region. Option A is incorrect.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/common/storage-redundancy#geo-redundant-storage
If you need to read data from the secondary region too, use the RA-GRS or the RA-GZRS configuration.
Option C is the correct answer.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/common/storage-redundancy#read-access-to-data-in-the-secondary-region
Q62] You have an Azure Storage account named corpimages and an on-premises shared folder named \\server1\images
.
You need to migrate all the contents from \\server1\images
to corpimages
.
Which two commands can you use? Each correct answer presents a complete solution.
a. Azcopy copy \\server1\images https://corpimages.blob.core.windows.net/public -recursive
b. Azcopy sync \\server1\images https://corpimages.blob.core.windows.net/public -recursive
c. Get-ChildItem -Path \\server1\images -Recurse | Set-AzStorageBlobContent -Container " corpimages"
d. Set-AzStorageBlobContent -Container "ContosoUpload" -File "\\server1\images" -Blob " corporateimages "
With the azcopy copy
command, you can copy files from the source to the destination. The recursive
parameter traverses the subdirectories recursively while uploading from the shared folder.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/common/storage-ref-azcopy-copy#advanced
Option A is one of the correct answers.
The Get-ChildItem
PowerShell command gets the items and child items from the on-premises shared folder. Similarly, the Recurse
parameter gets items in all child containers.
Reference Link: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-childitem#description
The pipeline operator passes the output of the Get-ChildItem
command to the Set-AzStorageBlobContent
command, which uploads the files to the Azure Storage blob.
Reference Link: https://learn.microsoft.com/en-us/powershell/module/az.storage/set-azstorageblobcontent#example-2-upload-all-files-under-the-current-folder
Option C is the other correct answer.
You can argue that using the azcopy sync
command is correct too as it replicates the source to the destination.
By default, the azcopy sync
works based on the last modified time. For example, sync skips a file if the last modified time in the destination is more recent. In the given scenario, we just need to migrate the content from source to destination, so a simple azcopy copy
command is sufficient.
Although I wouldn’t say it is completely incorrect, per Microsoft, option B is incorrect.
Reference Link:https://learn.microsoft.com/en-us/azure/storage/common/storage-ref-azcopy-sync#advanced
Q63] You have two premium block blob Azure Storage accounts named storage1 and storage2.
You need to configure object replication from storage1 to storage2. Which three features should be enabled before configuring object replication? Each correct answer presents part of the solution.
a. Blob versioning for storage1
b. Blob versioning for storage2
c. Change feed for storage1
d. Change feed for storage2
e. Point-in-time restore for the containers on storage1
f. Point-in-time restore for the containers on storage2
Object replication requires that blob versioning is enabled for both the source and the destination storage accounts, and blob change feed is enabled for the source storage account. When you create a replication rule, these features are automatically enabled.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/blobs/object-replication-configure?tabs=portal#prerequisites
Q64] You have an Azure Storage account that contains a file share.
Several users work from a secure location that limits outbound traffic to the internet.
You need to ensure that the users at the secure location can access the file share in Azure by using the SMB protocol. Which outbound port should you allow from the secure location?
a. 80
b. 443
c. 445
d. 5671
To access Azure file share using the SMB protocol, allow port 445.
Q65] You have an Azure subscription.
You plan to create a storage account named storage1.
You need to ensure that storage1 provides POSIX-compliant access control lists (ACLs).
Which option should you configure when creating storage1?
a. Access tier
b. Hierarchical namespace
c. SFTP
d. Version-level immutable support
POSIX-like access control lists (ACLs) are enabled for a storage account if the hierarchical namespace feature is enabled. Option B is the correct answer.
Reference Link: https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-access-control#do-i-have-to-enable-support-for-acls
The remaining options are valid for a storage account but do not provide the POSIX-compliant feature.
Q66] Your company has a set of resources deployed to an Azure subscription. The resources are deployed to a resource group named app-grp1 by using Azure Resource Manager (ARM) templates.
You need to verify the date and the time that the resources in app-grp1 were created. Which blade should you review for app-grp1 in the Azure portal?
a. Deployments
b. Diagnostics setting
c. Metrics
d. Policy
On the Deployments blade for the resource group, all details related to a deployment, such as the name, status, date last modified, are displayed.
Option A is the correct answer.
The Diagnostics settings blade provides the ability to configure streaming export of platform logs and metrics to destinations like log analytics workspace, storage account, etc.,
Option B is incorrect.
The Metrics blade provides metrics information like latency and traffic to users.
Option C is incorrect.
The Policies blade provides information related to the policies enforced on the resource group and their compliance details.
Option D is incorrect.
Q67] Your company plans to host an application on four Azure virtual machines.
You need to ensure that at least two virtual machines are available if a single Azure datacenter fails.
Which availability option should you select for the virtual machine?
a. An availability set
b. An availability zone
c. Scale sets
An availability zone can contain one or more data centers in an Azure region.
If you use availability zones, you can place the VMs in a round-robin way by deploying the first VM in availability zone 1, the second VM in zone 2, the third VM in zone 3, and the fourth VM in zone 4. In this scenario, even if the data center that has 2 VMs fails, the other two VMs in the other availability zones/data centers will be up and running.
Reference Link: https://learn.microsoft.com/en-us/azure/reliability/availability-zones-overview
Option B is the correct answer.
In an availability set, you place the VMs in different fault domains and update domains in the same data center. So, availability sets cannot protect you if the data center fails.
Reference Link: https://learn.microsoft.com/en-us/azure/virtual-machines/availability-set-overview#what-is-an-availability-set
Option A is incorrect.
Virtual machine scale sets can also use availability zones to automatically distribute VM instances in a scale set across zones to protect them from data center failures.
Reference Link: https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-use-availability-zones
Option C is correct too. However, the correct answer given by Microsoft is only option B.
Q68] You have an Azure virtual machine.
You receive a notification that the virtual machine is going to be affected by an underlying maintenance activity on the physical infrastructure.
You need to move the virtual machine to a different host to avoid a service interruption.
What should you do?
a. Apply an Azure policy.
b. Apply an Azure tag.
c. Move the virtual machine to another Azure subscription.
d. Redeploy the virtual machine.
When you redeploy a VM, Azure will shut down the VM, move the VM to a different node and then power it back on retaining all your configurations and associated resources. This is the best way to move the existing VM to a different node to avoid a service interruption.
Reference Link: https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/windows/redeploy-to-new-node-windows
Option D is the correct answer.
Well, moving the VM to a different Azure subscription is a drastic change as the VM may need other resources in the current subscription. When you can just redeploy and move the VM to another node, moving the VM to another subscription is the least preferred option.
Option C is incorrect.
Applying an Azure policy and Azure tags cannot prevent the maintenance activity. Options A and B are incorrect.
Q69] You plan to deploy an Azure virtual machine.
You are evaluating whether to use an Azure Spot instance.
Which two factors can cause an Azure Spot instance to be evicted? Each correct answer presents a complete solution.
a. The average CPU usage of the instance
b. The Azure capacity needs
c. The current price of the instance
d. The time of day
Azure spot instance help take advantage of the unused capacity, enabling you to save costs significantly. The catch is that whenever Azure needs the capacity back, Azure will evict your spot VMs. The eviction type can be based on capacity or price or capacity.
If you choose only capacity, the VMs will be evicted when Azure needs the capacity back. When you choose price or capacity, the VMs will be evicted either when Azure needs the capacity back or when the costs exceed the maximum price that you pay for the spot instance.
So, options B and C are the correct answer choices.
Reference Link: https://learn.microsoft.com/en-us/azure/virtual-machines/spot-vms#eviction-policy
Q70] You have an Azure subscription that contains an Azure container app named cont1.
You plan to add scaling rules to cont1.
You need to ensure that cont1 replicas are created based on received messages in Azure Service Bus. Which scale trigger should you use?
a. CPU usage
b. Event-driven
c. HTTP traffic
d. Memory usage
Scaling for Azure Container Apps is driven by three categories of triggers.
- HTTP
- TCP
- Even-driven sources such as messages received in Azure Service Bus.
Option B is the correct answer.
Reference Link: https://learn.microsoft.com/en-us/azure/container-apps/scale-app?pivots=azure-portal#scale-rules
Check out my AZ-104 practice tests (with discount code).
Follow Me to Receive Updates on the AZ-104 Exam
Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.