최신 AZ-104 무료덤프 - Microsoft Azure Administrator
You need to implement the planned changes for DCR1. Which type of query should you use?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure subscription that contains a virtual machine named VM1.
You plan to deploy an Azure Monitor alert rule that will trigger an alert when CPU usage on VM1 exceeds 80 percent.
You need to ensure that the alert rule sends an email message to two users named User1 and User2.
What should you create for Azure Monitor?
You plan to deploy an Azure Monitor alert rule that will trigger an alert when CPU usage on VM1 exceeds 80 percent.
You need to ensure that the alert rule sends an email message to two users named User1 and User2.
What should you create for Azure Monitor?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure subscription that contains the storage accounts shown in the following exhibit.
정답:
Explanation:
You need to generate a shared access signature (SAS). The solution must meet the following requirements:
* Ensure that the SAS can only be used to enumerate and download blobs stored in container1.
* Use the principle of least privilege,
Which three settings should you enable? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
* Ensure that the SAS can only be used to enumerate and download blobs stored in container1.
* Use the principle of least privilege,
Which three settings should you enable? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
To generate a shared access signature (SAS) that meets the requirements, you should enable the following three settings:
Service: Blob
Allowed resource types: Container
Allowed permissions: Read and List
These settings will ensure that the SAS can only be used to enumerate and download blobs stored in container1, and not to perform any other operations on the storage account or the blobs. This follows the principle of least privilege, which means granting the minimum permissions necessary for a task.
You can use the Azure portal or Azure Storage Explorer to create a SAS token with these settings. For more information, see Create shared access signature (SAS) tokens for storage containers and blobs - Azure AI services | Microsoft Learn.
You have an Azure subscription that contains a storage account named contoso?02 3. The Contoso 2023 storage account contains the resources shown in the following table.
The Contoso 2023 storage account is configured as shown in the following exhibit.
You have a Microsoft Entra tenant that contains the users shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The Contoso 2023 storage account is configured as shown in the following exhibit.
You have a Microsoft Entra tenant that contains the users shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have an Azure subscription and a Microsoft Entra ID P1 license.
You need to perform the following actions:
* Enable self-service password reset (SSPR) for all users.
* Require the users to answer four questions when registering for SSPR.
Which two settings should you use? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
You need to perform the following actions:
* Enable self-service password reset (SSPR) for all users.
* Require the users to answer four questions when registering for SSPR.
Which two settings should you use? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure container registry named Registry1 that contains an image named image1.
You receive an error message when you attempt to deploy a container instance by using image1.
You need to be able to deploy a container instance by using image1.
Solution: You create a private endpoint connection for Registry1.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure container registry named Registry1 that contains an image named image1.
You receive an error message when you attempt to deploy a container instance by using image1.
You need to be able to deploy a container instance by using image1.
Solution: You create a private endpoint connection for Registry1.
Does this meet the goal?
정답: A
You have an Azure Kubernetes Service (AKS) cluster named AKS1.
You need to configure cluster autoscaler for AKS1.
Which two tools should you use? Each correct answer presents a complete solution, NOTE: Each correct selection is worth one point
You need to configure cluster autoscaler for AKS1.
Which two tools should you use? Each correct answer presents a complete solution, NOTE: Each correct selection is worth one point
정답: A,C
설명: (DumpTOP 회원만 볼 수 있음)
You plan to use Azure Network Watcher to perform the following tasks:
Task1: Identify a security rule that prevents a network packet from reaching an Azure virtual machine Task2: Validate outbound connectivity from an Azure virtual machine to an external host Which feature should you use for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Task1: Identify a security rule that prevents a network packet from reaching an Azure virtual machine Task2: Validate outbound connectivity from an Azure virtual machine to an external host Which feature should you use for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Task 1: IP flow verify
The IP flow verify capability enables you to specify a source and destination IPv4 address, port, protocol (TCP or UDP), and traffic direction (inbound or outbound). IP flow verify then tests the communication and informs you if the connection succeeds or fails. If the connection fails, IP flow verify tells you which security rule allowed or denied the communication, so that you can resolve the problem.
Task 2: Connection troubleshoot
The connection troubleshoot capability enables you to test a connection between a VM and another VM, an FQDN, a URI, or an IPv4 address. The test returns similar information returned when using the connection monitor capability, but tests the connection at a point in time, rather than monitoring it over time.
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-connectivity-overview
You have an Azure subscription that contains a storage account named storage.
You have the devices shown in the following table.
From which devices can you use AzCopy to copy data to storage1?
You have the devices shown in the following table.
From which devices can you use AzCopy to copy data to storage1?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You have a virtual network named VNet1 as shown in the exhibit. (Click the Exhibit tab.)
No devices are connected to VNet1.
You plan to peer VNet1 to another virtual network named VNet2. VNet2 has an address space of 10.2.0.0/16.
You need to create the peering.
What should you do first?
No devices are connected to VNet1.
You plan to peer VNet1 to another virtual network named VNet2. VNet2 has an address space of 10.2.0.0/16.
You need to create the peering.
What should you do first?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
You have two Azure virtual machines as shown in the following table.
You create the Azure DNS zones shown in the following table.
You perform the following actions:
To fabrikam.com, you add a virtual network link to vnet1 and enable auto registration.
For contoso.com, you assign vm1 and vm2 the Owner role.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worm one point.
You create the Azure DNS zones shown in the following table.
You perform the following actions:
To fabrikam.com, you add a virtual network link to vnet1 and enable auto registration.
For contoso.com, you assign vm1 and vm2 the Owner role.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worm one point.
정답:
Explanation:
You have an app named App1 that runs on two Azure virtual machines named VM1 and VM2.
You plan to implement an Azure Availability Set for Appl. The solution must ensure that App1 is available during planned maintenance of the hardware hosting VM1 and VM2.
What should you include in the Availability Set?
You plan to implement an Azure Availability Set for Appl. The solution must ensure that App1 is available during planned maintenance of the hardware hosting VM1 and VM2.
What should you include in the Availability Set?
정답: C
You have a hybrid deployment of Azure AD that contains the users shown in the following table.
You need to modify the JobTitle and UsageLocation attributes for the users.
For which users can you modify the attributes from Azure AD? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to modify the JobTitle and UsageLocation attributes for the users.
For which users can you modify the attributes from Azure AD? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Box 1:User1 and User3 only
You must use Windows Server Active Directory to update the identity, contact info, or job info for users whose source of authority is Windows Server Active Directory.
Box 2: User1, User2, and User3
Usage location is an Azure property that can only be modified from Azure AD (for all users including Windows Server AD users synced via Azure AD Connect).
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-profile-azure- portal
You have an Azure subscription.
You need to deploy a virtual machine by using an Azure Resource Manager (ARM) template.
How should you complete the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to deploy a virtual machine by using an Azure Resource Manager (ARM) template.
How should you complete the template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
- dependsON: resoureceID
- storageProfile: ImageReference
Reference :
https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/resource-dependency#dependson
https://learn.microsoft.com/en-us/javascript/api/@azure/arm-compute/storageprofile?view=azure-node-latest
You have an Azure subscription that contains the resources shown in the following table.
You need to assign User1 the Storage File Data SMB Share Contributor role for share1.
What should you do first?
You need to assign User1 the Storage File Data SMB Share Contributor role for share1.
What should you do first?
정답: D
You need to resolve the Active Directory issue.
What should you do?
What should you do?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
You need to create storage5. The solution must support the planned changes.
Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Which type of storage account should you use, and which account should you configure as the destination storage account? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/object-replication-configure?tabs=portal
You are configuring Azure AD authentication for an Azure Storage account named storage1.
You need to ensure that the members of a group named Group1 can upload files by using the Azure portal.
The solution must use the principle of least privilege.
Which two roles should you assign to Group1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You need to ensure that the members of a group named Group1 can upload files by using the Azure portal.
The solution must use the principle of least privilege.
Which two roles should you assign to Group1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
정답: A,E
설명: (DumpTOP 회원만 볼 수 있음)