AZ-104 Microsoft Azure Administrator

Question 1

Azure’s cloud-based identity and access management service that provides authentication and authorization for users, groups, and applications.

Answer 1

Azure Active Directory

Question 2

A dedicated instance of Azure AD that represents an organization or a single directory.

Answer 2

Azure AD Tenants

Question 3

Custom domains that can be added to Azure AD to allow users to sign in using their organization’s domain name.

Answer 3

Azure Custom Domains

Question 4

User accounts created in Azure AD for authentication and access control.

Answer 4

Azure AD Users

Question 5

Groups created in Azure AD to manage and organize users for easier administration and access control.

Answer 5

Azure AD Groups

Question 6

Subscriptions or licenses assigned to Azure AD users to grant access to specific features and services.

Answer 6

Azure AD Licenses

Question 7

A logical grouping mechanism in Azure AD that allows for more granular administrative control over resources.

Answer 7

Azure Administrative Units

Question 8

A feature in Azure AD that enables users to reset their passwords without the need for assistance from IT administrators.

Answer 8

Azure Self-Service Password Reset

Question 9

A security model in Azure that assigns permissions to users based on their roles and responsibilities.

Answer 9

Role-based access control (RBAC)

Question 10

Predefined roles in Azure that grant specific administrative permissions to users or groups.

Answer 10

Azure Administrative Roles

Question 11

Custom-defined roles in Azure that allow for more fine-grained control over permissions by specifying specific actions and resources.

Answer 11

Custom RBAC Roles

Question 12

The scope at which resource groups are defined and used to organize and manage Azure resources.

Answer 12

Resource Group Scope

Question 13

Containers used to organize and manage Azure resources based on a common lifecycle or application.

Answer 13

Resource Groups

Question 14

The main interface in the Azure portal where users can view and manage their Azure subscriptions and resources.

Answer 14

Subscription Dashboard

Question 15

A service in Azure that helps users monitor and control their Azure spending and optimize resource usage.

Answer 15

Cost Management

Question 16

A feature in Azure that allows users to lock resources to prevent accidental deletion or modification.

Answer 16

Resource Locks

Question 17

A service in Azure that enables users to define and enforce rules and policies for resource compliance and governance.

Answer 17

Azure Policy

Question 18

A secure and scalable Azure service that provides storage for various types of data.

Answer 18

Storage Account

Question 19

The networking configuration of a storage account that allows public access to the storage resources.

Answer 19

Storage Account: Public Networking

Question 20

The networking configuration of a storage account that restricts access to the storage resources within a virtual network.

Answer 20

Storage Account: Private Networking

Question 21

Advanced Options: Additional configuration settings for a storage account, such as data lake storage, hierarchical namespace, etc.

Answer 21

Storage Account: Advanced Options

Question 22

Mechanisms and features provided by Azure for ensuring the integrity and durability of data stored in a storage account.

Answer 22

Storage Account: Data Protection

Question 23

The process of encrypting data stored in a storage account to protect it from unauthorized access.

Answer 23

Storage Account: Encryption

Question 24

The completion and activation of a storage account after all the necessary settings and configurations have been defined.

Answer 24

Storage Account: Final Creation

Question 25

Binary Large Objects (Blobs) are a type of storage object in Azure used for storing unstructured data.

Answer 25

Storage Account: Blobs

Question 26

Azure Files is a storage service that provides fully managed file shares in the cloud.

Answer 26

Storage Account: Files

Question 27

Azure Queue storage is a messaging service that enables reliable and asynchronous communication between components of distributed applications.

Answer 27

Storage Account: Queues

Question 28

Azure Table storage is a NoSQL key-value store that provides schema-less storage of structured data.

Answer 28

Storage Account: Tables

Question 29

Authentication keys associated with a storage account that can be used to access and manage the storage resources.

Answer 29

Access Keys

Question 30

A secure way to provide limited access to storage resources in a storage account without sharing the account keys.

Answer 30

SAS (Shared Access Signature)

Question 31

A feature in Azure storage that allows users to define fine-grained access permissions for shared access signatures.

Answer 31

Stored Access Policies

Question 32

Storage redundancy options in Azure that provide data replication and fault tolerance for high availability and durability.

Answer 32

Redundant Storage

Question 33

Different storage performance and cost options available in Azure, such as hot, cool, and archive tiers.

Answer 33

Access Tiers

Question 34

A service in Azure that collects and analyzes log and performance data from various resources for monitoring and troubleshooting.

Answer 34

Log Analytics

Question 35

Azure AD integration with Azure storage that enables granular access control based on user identities and groups.

Answer 35

Azure AD Access Control for Storage

Question 36

A feature in Azure storage that automates the movement and deletion of data based on specified rules and policies.

Answer 36

Lifecycle Management

Question 37

A virtual hard disk attached to an Azure virtual machine for storing data.

Answer 37

Azure Data Disk

Question 38

A command-line utility used for copying data to and from Azure storage.

Answer 38

AzCopy

Question 39

A web-based tool in the Azure portal for managing and interacting with storage accounts and their contents.

Answer 39

Storage Browser

Question 40

A feature in Azure storage that enables automatic replication of data between storage accounts in different regions for redundancy.

Answer 40

Object Replication

Question 41

A fully managed file share in Azure that can be accessed and shared across multiple virtual machines.

Answer 41

Azure file share

Question 42

A service that enables synchronization of on-premises file servers with Azure file shares for seamless access and backup.

Answer 42

Azure File Sync

Question 43

A high-performance storage offering in Azure for storing and accessing large amounts of unstructured data.

Answer 43

Premium Storage: Blobs

Question 44

A high-performance storage offering in Azure for hosting file shares with low latency and high throughput.

Answer 44

Premium Storage: Files

Question 45

A virtualized computing instance in Azure that runs an operating system and applications.

Answer 45

Virtual Machine

Question 46

Different disk options available for Azure virtual machines, such as managed disks, unmanaged disks, and premium disks.

Answer 46

Azure VM Disk Options

Question 47

Networking configurations and options available for Azure virtual machines, such as virtual networks, subnets, and network security groups.

Answer 47

Azure VM Networking Options

Question 48

The process of provisioning, configuring, monitoring, and maintaining Azure virtual machines.

Answer 48

Azure VM Management

Question 49

The level of availability and resilience provided by Azure for virtual machines through features like availability sets and availability zones.

Answer 49

VM Availability

Question 50

Additional storage disks attached to an Azure virtual machine for data storage.

Answer 50

VM Additional Disks

Question 51

A fully managed service in Azure that provides secure and seamless RDP and SSH access to virtual machines.

Answer 51

Azure Bastion Service

Question 52

A feature in Azure that allows for the deployment and management of a set of identical virtual machines.

Answer 52

Virtual Machine Scale Sets (VMSS)

Question 53

The process of manually adjusting the number of virtual machines in a virtual machine scale set based on workload requirements.

Answer 53

VMSS Manual Scaling

Question 54

A repository of pre-built virtual machine images and templates available in Azure for easy deployment.

Answer 54

Azure Compute Gallery

Question 55

Azure Resource Manager (ARM) templates are JSON files used to define and deploy Azure resources and configurations.

Answer 55

ARM Template

Question 56

A domain-specific language (DSL) for defining Azure resources that provides a cleaner and more concise syntax compared to ARM templates.

Answer 56

Azure Bicep

Question 57

An open-source infrastructure as code (IaC) tool that can be used to define and provision infrastructure resources in Azure.

Answer 57

Terraform

Question 58

A feature in Azure that allows running custom scripts on virtual machines during deployment or after provisioning.

Answer 58

ARM Custom Script Extensions

Question 59

A file format used for representing virtual machine disks in Azure.

Answer 59

VHD (Virtual Hard Disk)

Question 60

Encryption of virtual machine disks at the server level for enhanced security.

Answer 60

VM Server-Side Encryption (SSE)

Question 61

A feature in Azure that enables encryption of virtual machine disks at the OS level.

Answer 61

Azure Disk Encryption (ADE)

Question 62

Scheduled or manual processes in Azure for backing up virtual machines and their data.

Answer 62

VM Backup Jobs

Question 63

The process of recovering and restoring a virtual machine from a backup to its previous state.

Answer 63

VM Restores

Question 64

A service in Azure that allows for hosting and managing web applications.

Answer 64

Web App

Question 65

A fully managed platform in Azure for building, deploying, and scaling web, mobile, and API applications.

Answer 65

App Service

Question 66

An integration between Azure and GitHub that allows for automating workflows and CI/CD pipelines.

Answer 66

GitHub Actions

Question 67

A managed container orchestration service in Azure that simplifies the deployment, management, and scaling of Kubernetes clusters.

Answer 67

Azure Kubernetes Services (AKS)

Question 68

Lightweight, isolated units of software packaging that encapsulate applications and their dependencies.

Answer 68

Containers

Question 69

A Kubernetes cluster managed by Azure Kubernetes Service (AKS).

Answer 69

AKS Cluster

Question 70

A command-line tool used to interact with and manage Kubernetes clusters.

Answer 70

Kubectl

Question 71

Different storage options available for persistent data storage in AKS, such as Azure Disks, Azure Files, and Azure Blob storage.

Answer 71

AKS Storage Options

Question 72

A tool that allows for running and managing Docker containers on a local machine for development and testing.

Answer 72

Docker Desktop

Question 73

A serverless container offering in Azure that allows for running containers without managing underlying infrastructure.

Answer 73

ACI (Azure Container Instances)

Question 74

A collection of containers managed and deployed together as a group in Azure Container Instances.

Answer 74

ACI Container Groups

Question 75

A service in Azure that simplifies the deployment and management of containerized applications using Azure Container Registry and Azure Container Instances.

Answer 75

Azure Container Apps

Question 76

A logically isolated network in Azure that allows for secure communication between Azure resources.

Answer 76

VNet (Virtual Network)

Question 77

A smaller address space within a virtual network where resources can be deployed.

Answer 77

Virtual Network Subnet

Question 78

A virtual or physical network interface attached to a virtual machine or other Azure resources for network connectivity.

Answer 78

Network Interface Card

Question 79

Remote Desktop Protocol (RDP) is a protocol used to access and control Windows-based virtual machines.

Answer 79

RDP Access

Question 80

Secure connections established over the internet that allow users to access private networks remotely.

Answer 80

VPNs (Virtual Private Networks)

Question 81

A dedicated and private network connection between on-premises infrastructure and Azure data centers for secure and reliable communication.

Answer 81

ExpressRoute

Question 82

The process of connecting two virtual networks in Azure to enable resources in one virtual network to communicate with resources in another.

Answer 82

VNet Peering

Question 83

A feature in Azure that allows virtual networks in different Azure regions to be connected for global-scale deployments.

Answer 83

Global Peering

Question 84

A service in Azure that enables secure and encrypted communication between virtual networks in Azure.

Answer 84

Azure-to-Azure Virtual Network Gateway

Question 85

A connection established between an on-premises network and an Azure virtual network using a VPN or ExpressRoute.

Answer 85

Network Gateway Connection

Question 86

Services in Azure that provide domain name system (DNS) management for translating domain names to IP addresses.

Answer 86

Azure DNS Services

Question 87

A DNS zone in Azure that resolves names to private IP addresses within a virtual network.

Answer 87

Private DNS Zone

Question 88

A DNS zone in Azure that resolves names to public IP addresses accessible over the internet.

Answer 88

Public DNS Zone

Question 89

Security groups in Azure that act as a virtual firewall for controlling inbound and outbound traffic to Azure resources.

Answer 89

NSGs (Network Security Groups)

Question 90

Rules defined within a network security group that allow or deny specific types of network traffic.

Answer 90

NSG Rules

Question 91

The process of distributing incoming network traffic across multiple resources or servers for improved performance and availability.

Answer 91

Load Balancing

Question 92

A load balancer service in Azure that provides application-level load balancing and other advanced traffic management capabilities.

Answer 92

Application Gateway

Question 93

A monitoring and diagnostic service in Azure that provides insights into network traffic and helps troubleshoot network issues.

Answer 93

Network Watcher

Question 94

A feature in Azure Network Watcher that enables monitoring and troubleshooting of network connectivity between resources.

Answer 94

Connection Monitor

Question 95

A feature in Azure Network Watcher that helps verify network traffic flow between resources.

Answer 95

IP Flow Verify

Question 96

Logs generated by Network Security Groups (NSGs) that capture information about inbound and outbound network traffic.

Answer 96

NSG Flow Logs

Question 97

Logs generated by Azure resources that provide diagnostic information about network-related activities.

Answer 97

Network Diagnostic Logs

Question 98

A network architecture in Azure where a central “hub” virtual network is connected to multiple “spoke” virtual networks.

Answer 98

Hub and Spoke Network Design

Question 99

A service in Azure that provides monitoring and analytics capabilities for applications, infrastructure, and networks.

Answer 99

Azure Monitor

Question 100

Diagnostic information collected from the guest operating system of virtual machines for troubleshooting purposes.

Answer 100

Guest OS Host Diagnostics

Question 101

Queries written in the Kusto Query Language (KQL) used to analyze and retrieve data from Azure Monitor logs.

Answer 101

Kusto Queries on Logs

Question 102

A disaster recovery solution in Azure that provides replication and recovery services for on-premises and Azure virtual machines.

Answer 102

Azure Site Recovery

Question 103

Site-to-Site replication using Azure Site Recovery (ASR) to replicate data between on-premises sites for disaster recovery.

Answer 103

ASR to Site-to-Site Replication

Question 104

A feature in Azure Site Recovery that allows for testing the failover process without impacting production environments.

Answer 104

ASR Test Failover