Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AZURE > Az-104 - Question set 3 > Flashcards

Az-104 - Question set 3 Flashcards

1
Q

Question 1: Part 2 in Notion

A

D. storage4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Question 2: Part 2 in Notion

A
  • Storage account 1 & 2
  • All storage accounts.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Question 3: Part 2 in Notion

A

B. container1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Question 4: Part 2 in Notion

A

Box 1: Access Control (IAM)
Since the App1 uses Managed Identity, App1 can access the Storage Account via IAM. As per requirement, we need to minimize the number of secrets used, so Access keys is not ideal.

Box 2: Shared access signatures (SAS)
We need temp access for App2, so we need to use SAS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Question 5: Part 2 in Notion

A

Box 1: StorageV2

Box 2: Standard_GRS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Question 6: Part 2 in Notion

A

Step 1: Install the Azure File Sync agent on Server1. The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share.

Step 2: Register Server1. Register Windows Server with Storage Sync Service. Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server and the Storage Sync Service.

Step 3: Create a sync group and a cloud endpoint. A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on registered server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Question 7: Part 2 in Notion

A

No, No, Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Question 8: Part 2 in Notion

A

Step 1: Attach an external disk to Server1 and then run waimportexport.exe
Determine data to be imported, number of drives you need, destination blob location for your data in Azure storage.
Use the WAImportExport tool to copy data to disk drives. Encrypt the disk drives with BitLocker.
Step 2: From the Azure portal, create an import job.
Create an import job in your target storage account in Azure portal. Upload the drive journal files.
Step 3: Detach the external disks from Server1 and ship the disks to an Azure data center.
Provide the return address and carrier account number for shipping the drives back to you.
Ship the disk drives to the shipping address provided during job creation.
Step 4: From the Azure portal, update the import job
Update the delivery tracking number in the import job details and submit the import job.
The drives are received and processed at the Azure data center.
The drives are shipped using your carrier account to the return address provided in the import job.
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Question 9: Part 2 in Notion

A

1) share2 can be added as a cloud endpoint for Group1: “No”
2) E:\Folder2 on Server1 can be added as a server endpoint: “No”
3) D:\Data om Server2 can be added as a server endpoint for Group1: “Yes”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Question 10: Part 2 in Notion

A

contosostorage.file.core.windows.net\data
Box 1: contosostorage -

The name of account -

Box 2: file.core.windows.net -

Box 3: data -
The name of the file share is data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Question 11: Part 2 in Notion

A

1) make
2) blob

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Question 12: Part 2 in Notion

A

Should be File 1: Endpoint 1 only File 2: Endpoint 1, Endpoint 2 and Endpoint 3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Question 13: Part 2 in Notion

A

Box 1: never -
The 10.2.9.0/24 subnet is not whitelisted.

Box 2: never -
After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Question 14: Part 2in Notion

A

No, No, Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Question 15: Part 2 in Notion

A

B. storage2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

You have an Azure subscription that contains a storage account named account1.
You plan to upload the disk files of a virtual machine to account1 from your on-premises network. The on-premises network uses a public IP address space of
131.107.1.0/24.
You plan to use the disk files to provision an Azure virtual machine named VM1. VM1 will be attached to a virtual network named VNet1. VNet1 uses an IP address space of 192.168.0.0/24.
You need to configure account1 to meet the following requirements:
✑ Ensure that you can upload the disk files to account1.
✑ Ensure that you can attach the disks to VM1.
✑ Prevent all other access to account1.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. From the Networking blade of account1, select Selected networks.
B. From the Networking blade of account1, select Allow trusted Microsoft services to access this storage account.
C. From the Networking blade of account1, add the 131.107.1.0/24 IP address range.
D. From the Networking blade of account1, add VNet1.
E. From the Service endpoints blade of VNet1, add a service endpoint.

A

A. From the Networking blade of account1, select Selected networks.
C. From the Networking blade of account1, add the 131.107.1.0/24 IP address range

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Question 17: Part 2 in Notion

A

Correct Answer:

Step 1: Install the Azure File Sync agent on Server1
The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share

Step 2: Register Server1
Register Windows Server with Storage Sync Service
Registering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service.

Step 3: Add a server endpoint
Create a sync group and a cloud endpoint.
A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on registered server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Question 18: Part 2 in Notion

A

Box 1: Zone-redundant storage (ZRS)
Zone-redundant storage (ZRS) replicates your data synchronously across three storage clusters in a single Region.
GRS protects against Zone failure, while ZRS protects against data center failure.
LRS would not remain available if a data center in the region fails.
GRS and RA GRS use asynchronous replication.

Box 2: StorageV2 (general purpose V2)
ZRS only support GPv2.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

You plan to use the Azure Import/Export service to copy files to a storage account.
Which two files should you create before you prepare the drives for the import job? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. an XML manifest file
B. a dataset CSV file
C. a JSON configuration file
D. a PowerShell PS1 file
E. a driveset CSV file

A

B: Modify the dataset.csv file in the root folder where the tool resides. Depending on whether you want to import a file or folder or both, add entries in the dataset.csv file

E: Modify the driveset.csv file in the root folder where the tool resides.

Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-to-files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.
You need to delete the Recovery Services vault.
What should you do first?

A. From the Recovery Service vault, delete the backup data.
B. Modify the disaster recovery properties of each virtual machine.
C. Modify the locks of each virtual machine.
D. From the Recovery Service vault, stop the backup of each backup item.

A

D. From the Recovery Service vault, stop the backup of each backup item

https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault

21
Q

Question 19: Part 2 in Notion

A

Box 1: VM1 only
VM1 is in the same region as Vault1. File1 is not in the same region as Vautl1. SQL is not in the same region as Vault1. Blobs cannot be backup up to service vaults.
Note: To create a Vault to protect VMs, the Vault must be in the same Region as the VMs.

Box 2: Share1 only
Storage1 is in the same region as Vault2. Share1 is in Storage1.
Note: Only VM and Fileshare is allowed to Backup.

Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/backup/backup-create-rs-vault
https://docs.microsoft.com/en-us/azure/backup/backup-afs
https://feedback.azure.com/forums/217298-storage/suggestions/37096837-possibility-to-backup-blob-data-in-the-recovery-se

22
Q

You have an Azure subscription named Subscription1.
You have 5 TB of data that you need to transfer to Subscription1.
You plan to use an Azure Import/Export job.
What can you use as the destination of the imported data?

A. a virtual machine
B. an Azure Cosmos DB database
C. Azure File Storage
D. the Azure File Sync Storage Sync Service

A

C. Azure File Storage

23
Q

Question 20: Part 2 in Notion

A
  • LRS has 3 copies of data
  • Access tier has the “cool” option to store infrequently accessed data.
24
Q

You have an Azure Storage account named storage1.
You plan to use AzCopy to copy data to storage1.
You need to identify the storage services in storage1 to which you can copy the data.
Which storage services should you identify?

A. blob, file, table, and queue
B. blob and file only
C. file and table only
D. file only
E. blob, table, and queue only

A

B. blob and file only

25
Q

Question 21: Part 2 in Notion

A

1) Blob Storage: “Azure Active Directory (Azure AD) and shared access signatures (SAS) only”
2) File Storage: “Shared Access Signatures (SAS) only”

26
Q

You have an Azure subscription that contains an Azure Storage account.
You plan to create an Azure container instance named container1 that will use a Docker image named Image1. Image1 contains a Microsoft SQL Server instance that requires persistent storage.
You need to configure a storage service for Container1.
What should you use?

A. Azure Files
B. Azure Blob storage
C. Azure Queue storage
D. Azure Table storage

A

A. Azure Files

27
Q

You have an app named App1 that runs on two Azure virtual machines named VM1 and VM2.
You plan to implement an Azure Availability Set for App1. The solution must ensure that App1 is available during planned maintenance of the hardware hosting
VM1 and VM2.
What should you include in the Availability Set?

A. one update domain
B. two fault domains
C. one fault domain
D. two update domains

A

D. two update domains

28
Q

You have an Azure subscription named Subscription1.
You have 5 TB of data that you need to transfer to Subscription1.
You plan to use an Azure Import/Export job.
What can you use as the destination of the imported data?

A. an Azure Cosmos DB database
B. Azure Blob storage
C. Azure Data Lake Store
D. the Azure File Sync Storage Sync Service

A

B. Azure Blob storage

Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter.
Note:
There are several versions of this question in the exam. The question has two correct answers:
1. Azure File Storage
2. Azure Blob Storage
The question can have other incorrect answer options, including the following:
✑ a virtual machine
✑ Azure SQL Database
✑ Azure Data Factory
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service

29
Q

Question 22: part 2 in Notion

A

first action: Create a Storage Sync Service
The deployment of Azure File Sync starts with placing a Storage Sync Service resource into a resource group of your selected subscription.

Second action: Install the Azure File Sync agent
The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share.

30
Q

Question 23: part 2 in Notion

A

Box 1: No -
A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints.

Box 2: Yes -
Data2 is located on Server2 which is registered to Sync1.

Box 3: No -
Data3 is located on Server3 which is not registered to Sync1.

31
Q

Question 24: Part 2 in Notion

A

storage 3 and analytics 1, 2 , 3
https://docs.microsoft.com/en-us/azure/backup/backup-azure-configure-reports

32
Q

Question 25: part 2 in Notion

A

ox 1: contoso104 only
Premium file shares are hosted in a special purpose storage account kind, called a FileStorage account.

Box 2: contoso101 and contos103 only
Object storage data tiering between hot, cool, and archive is supported in Blob Storage and General Purpose v2 (GPv2) accounts. General Purpose v1 (GPv1) accounts don’t support tiering.
The archive tier supports only LRS, GRS, and RA-GRS.

Reference:

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-create-premium-fileshare?tabs=azure-portal
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers

33
Q

Question 26: Part 2 in Notion

A

Correct Answer:

Box 1: will have no access
The IP 193.77.134.1 does not have access on the SAS, because it is not matching the SAS requirements. IP is out of range.

Box 2: will have no access
The SAS token is not supported in mounting Azure File share currently, it just supports the Azure storage account key.
Since it is using “net use” where it uses SMB, the SMB (Server Message Broker) protocol does not support SAS. it still asks for username/password. Accordingly, it will give error wrong username/pass and will not provide access.

34
Q

You have two Azure virtual machines named VM1 and VM2. You have two Recovery Services vaults named RSV1 and RSV2.
VM2 is backed up to RSV1.
You need to back up VM2 to RSV2.
What should you do first?

A. From the RSV1 blade, click Backup items and stop the VM2 backup
B. From the RSV2 blade, click Backup. From the Backup blade, select the backup for the virtual machine, and then click Backup
C. From the VM2 blade, click Disaster recovery, click Replication settings, and then select RSV2 as the Recovery Services vault
D. From the RSV1 blade, click Backup Jobs and export the VM2 job

A

A. From the RSV1 blade, click Backup items and stop the VM2 backup

If you want to change the recovery service vault you need to disassociate the previous RSV and delete the backup data. To delete backup data, you need to stop the backup first.
So:

  1. Stop the backup in RSV1 (D)
  2. Remove the backup data.
  3. Disassociate the VM in RSV1.
  4. Associate the VM in RSV2.
35
Q

You have a general-purpose v1 Azure Storage account named storage1 that uses locally-redundant storage (LRS).
You need to ensure that the data in the storage account is protected if a zone fails. The solution must minimize costs and administrative effort.
What should you do first?

A. Create a new storage account.
B. Configure object replication rules.
C. Upgrade the account to general-purpose v2.
D. Modify the Replication setting of storage1.

A

C. Upgrade the account to general-purpose v2

https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy

36
Q

Question 27: Part 2 in Notion

A

D. storage1, storage2, and storage3 only
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-lifecycle-management-concepts?tabs=azure-portal

37
Q

You create an Azure Storage account named contosostorage.
You plan to create a file share named data.
Users need to map a drive to the data file share from home computers that run Windows 10.
Which outbound port should you open between the home computers and the data file share?

A. 80
B. 443
C. 445
D. 3389

A

C. 445

https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows

38
Q

You have an Azure subscription named Subscription1.
You have 5 TB of data that you need to transfer to Subscription1.
You plan to use an Azure Import/Export job.
What can you use as the destination of the imported data?

A. Azure File Storage
B. an Azure Cosmos DB database
C. Azure Data Factory
D. Azure SQL Database

A

A. Azure File Storage

39
Q

Question 28: Part 2 in Notion

A

Box 1- Yes. VirtualNetworkRules & IpRules are blank, with the default action Allow.
Box 2- Yes. Individual blobs can be set to the archive tier - ref.https://docs.microsoft.com/en-us/azure/storage/blobs/access-tiers-overview
Bob 3. No. To access blob data in the Azure portal with Azure AD credentials, a user must have the following role assignments:

40
Q

Question 29: Part 2 in Notion

A

B. Device1, Device2 and Device3

41
Q

You have an Azure Storage account named storage1 that contains a blob container named container1.
You need to prevent new content added to container1 from being modified for one year.
What should you configure?

A. the access tier
B. an access policy
C. the Access control (IAM) settings
D. the access level

A

B. an access policy

42
Q

Question 30: Part 2 in Notion

A

Yes, Yes, Yes

43
Q

You are configuring Azure Active Directory (Azure AD) authentication for an Azure Storage account named storage1.
You need to ensure that the members of a group named Group1 can upload files by using the Azure portal. The solution must use the principle of least privilege.
Which two roles should you configure for storage1? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Storage Account Contributor
B. Storage Blob Data Contributor
C. Reader
D. Contributor
E. Storage Blob Data Reader

A

B. Storage Blob Data Contributor
C. Reader

44
Q

Question 31: Part 2 in Notion

A

Account type: StorageV2 or BlobStorage only

Object type to create in the new account: Container

Object Replication supports General Purpose V2 and Premium Blob accounts.
Blob versioning should be enabled on both the source and destination storage account.
Change feed is enabled on the source storage account.

45
Q

You have an on-premises server that contains a folder named D:\Folder1.
You need to copy the contents of D:\Folder1 to the public container in an Azure Storage account named contosodata.
Which command should you run?

A. https://contosodata.blob.core.windows.net/public
B. azcopy sync D:\folder1 https://contosodata.blob.core.windows.net/public –snapshot
C. azcopy copy D:\folder1 https://contosodata.blob.core.windows.net/public –recursive
D. az storage blob copy start-batch D:\Folder1 https://contosodata.blob.core.windows.net/public

A

C. azcopy copy D:\folder1 https://contosodata.blob.core.windows.net/public –recursive

46
Q

You have an Azure subscription.
In the Azure portal, you plan to create a storage account named storage1 that will have the following settings:
✑ Performance: Standard
✑ Replication: Zone-redundant storage (ZRS)
✑ Access tier (default): Cool
✑ Hierarchical namespace: Disabled
You need to ensure that you can set Account kind for storage1 to BlockBlobStorage.
Which setting should you modify first?

A. Performance
B. Replication
C. Access tier (default)
D. Hierarchical namespace

A

A. Performance

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-performance-tiers

47
Q

Question 32: Part 2 in Notion

A

Blob Storage: Support both Azure Active Directory (AD) && Shared Access Signature (SAS) token.
File Storage: Only Shared Access Signature (SAS) token is supported.

48
Q

You create an Azure Storage account.
You plan to add 10 blob containers to the storage account.
For one of the containers, you need to use a different key to encrypt data at rest.
What should you do before you create the container?

A. Generate a shared access signature (SAS).
B. Modify the minimum TLS version.
C. Rotate the access keys.
D. Create an encryption scope.

A

D. Create an encryption scope

https://docs.microsoft.com/en-us/azure/storage/blobs/encryption-scope-overview

AZURE (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions