Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Microsoft AZ-104

Microsoft AZ-104 Exam Practice Questions (P. 1)

  • Full Access (1153 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
Your company has serval departments. Each department has a number of virtual machines (VMs).
The company has an Azure subscription that contains a resource group named RG1.
All VMs are located in RG1.
You want to associate each VM with its respective department.
What should you do?
  1. A
    Create Azure Management Groups for each department.
  2. B
    Create a resource group for each department.
  3. C
    Assign tags to the virtual machines.
  4. D
    Modify the settings of the virtual machines.

Correct Answer:
C
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-using-tags

Question #2
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the multi-factor authentication page to alter the user settings.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B
chatbot-img GPT-4o - Answer
The correct approach for ensuring that members of the Global Administrators group use Multi-Factor Authentication and an Azure AD-joined device from untrusted locations is through a Conditional Access policy. Adjusting the multi-factor authentication settings alone, as the proposed solution suggests, does not address the requirement for the device state or the specific user group conditions. Conditional Access policies enable granular control to enforce MFA and check if the device is Azure AD-joined, crucially meeting all the conditions set in the scenario. Hence, altering the conditional access policy within Azure AD is the right method.

Question #3
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the Azure portal to alter the session control of the Azure AD conditional access policy.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B
chatbot-img GPT-4o - Answer
The provided solution does not meet the requirement because it incorrectly focuses on altering session control rather than grant control. To correctly configure the Azure AD conditional access policy as required, one must adjust the grant control settings. This involves ensuring that the policy mandates Multi-Factor Authentication and the use of an Azure AD-joined device for Global Administrators accessing Azure AD from untrusted locations. Hence, changing the grant control is necessary to enforce these specific conditions effectively.

Question #4
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) subscription.
You want to implement an Azure AD conditional access policy.
The policy must be configured to require members of the Global Administrators group to use Multi-Factor Authentication and an Azure AD-joined device when they connect to Azure AD from untrusted locations.
Solution: You access the Azure portal to alter the grant control of the Azure AD conditional access policy.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
A
chatbot-img GPT-4o - Answer
Yes, the solution provided is indeed suitable for meeting the specified goal. When configuring Azure AD conditional access policies, altering the grant control settings through the Azure portal is the correct approach. This method allows administrators to enforce requirements for Multi-Factor Authentication and the use of Azure AD-joined devices for members of the Global Administrators group when accessing from untrusted locations. This ensures that both authentication factors are in place, enhancing security protocols effectively.

Question #5
You are planning to deploy an Ubuntu Server virtual machine to your company's Azure subscription.
You are required to implement a custom deployment that includes adding a particular trusted root certification authority (CA).
Which of the following should you use to create the virtual machine?
  1. A
    The New-AzureRmVm cmdlet.
  2. B
    The New-AzVM cmdlet.
  3. C
    The Create-AzVM cmdlet.
  4. D
    The az vm create command.

Correct Answer:
C
Once Cloud-init.txt has been created, you can deploy the VM with az vm create cmdlet, using the --custom-data parameter to provide the full path to the cloud- init.txt file.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-automate-vm-deployment

Question #6
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.
After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.
To achieve this, the Per Enabled User setting must be set for the usage model.
Solution: You reconfigure the existing usage model via the Azure portal.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
Reference:
https://365lab.net/2015/04/11/switch-usage-model-in-azure-multi-factor-authentication-server/

Question #7
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company's Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.
After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.
To achieve this, the Per Enabled User setting must be set for the usage model.
Solution: You reconfigure the existing usage model via the Azure CLI.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
Reference:
https://365lab.net/2015/04/11/switch-usage-model-in-azure-multi-factor-authentication-server/

Question #8
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company's Azure solution makes use of Multi-Factor Authentication for when users are not in the office. The Per Authentication option has been configured as the usage model.
After the acquisition of a smaller business and the addition of the new staff to Azure Active Directory (Azure AD) obtains a different company and adding the new employees to Azure Active Directory (Azure AD), you are informed that these employees should also make use of Multi-Factor Authentication.
To achieve this, the Per Enabled User setting must be set for the usage model.
Solution: You create a new Multi-Factor Authentication provider with a backup from the existing Multi-Factor Authentication provider data.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
A
Since it is not possible to change the usage model of an existing provider as it is right now, you have to create a new one and reactivate your existing server with activation credentials from the new provider.
Reference:
https://365lab.net/2015/04/11/switch-usage-model-in-azure-multi-factor-authentication-server/

Question #9
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active
Directory domain.
You have a server named DirSync1 that is configured as a DirSync server.
You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.
Solution: You run the Start-ADSyncSyncCycle -PolicyType Initial PowerShell cmdlet.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
A
Reference:
https://blog.kloud.com.au/2016/03/08/azure-ad-connect-manual-sync-cycle-with-powershell-start-adsyncsynccycle/

Question #10
Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Azure Active Directory (Azure AD) tenant named weyland.com that is configured for hybrid coexistence with the on-premises Active
Directory domain.
You have a server named DirSync1 that is configured as a DirSync server.
You create a new user account in the on-premise Active Directory. You now need to replicate the user information to Azure AD immediately.
Solution: You use Active Directory Sites and Services to force replication of the Global Catalog on a domain controller.
Does the solution meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B
chatbot-img GPT-4o - Answer
To immediately replicate a new user from on-premises Active Directory to Azure AD, you should utilize the Azure AD Connect tool. The appropriate method involves executing a delta synchronization, specifically by using the `Start-ADSyncSyncCycle -PolicyType Delta` command. This command specifically targets and syncs recent changes, rather than forcing replication via Active Directory Sites and Services, which does not directly interact with Azure AD synchronization processes.

Next Questions

All Pages