Mall Academy AZ-104 Azure Administrator Practice Exam #2 Flashcards

1
Q

Network Watcher is a central hub providing access to a wide range of networking tools in Azure.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
Network Watcher is a central hub providing access to a wide range of networking tools in Azure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.You receive a notification that VM1 will be affected by maintenance.You need to move VM1 to a different host immediately.Solution: From the Redeploy blade, you click Redeploy.Does this meet the goal?

A. Yes
B. No

A

A. Yes

Explanation:
When you redeploy a VM, it moves the VM to a new node within the Azure infrastructure and then powers it back on, retaining all your configuration options and associated resources. References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/redeploy-to-new-node

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You have an Azure subscription that contains a virtual machine named VM1.

VM1 hosts a line-of-business application that is available 24 hours a day.

VM1 has one network interface and one managed disk.

VM1 uses the D4s v3 size.

You plan to make the following changes to VM1:

  • Change the size to D8s v3.
  • Add a 500-GB managed disk.
  • Add the Puppet Agent extension.
  • Attach an additional network interface.

Which change will cause downtime for VM1?

A. Add the Puppet Agent Extension
B. Change the size to D8s v3
C. Add a 500GB managed disk

A

B. Change the size to D8s v3

Explanation:
While resizing the VM it must be in a stopped state
References: https://azure.microsoft.com/en-us/blog/resize-virtual-machines/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Azure virtual networks (VNets) are isolated networks using a private IP address space.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
Azure Virtual Networks (VNets) are isolated networks using a private IP address space

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You have an Azure subscription that contains the resources shown in the following table.

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

There is not an option to limit connectivity.

A. FALSE
B. TRUE

A

A. FALSE

Explanation:
There is an option to limit connectivity, in which case Network Security Groups rules must be used to define the permitted connections

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

You receive a notification that VM1 will be affected by maintenance.

You need to move VM1 to a different host immediately.

Solution: From the Update management blade, you click Enable.

Does this meet the goal?

A. No
B. Yes

A

B. No

Explanation:
You would need to redeploy the VM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Your company has an Azure subscription named Subscription1.

The company also has two on-premises servers named Server1 and Server2 that run Windows Server 2016.

Server1 is configured as a DNS server that has a primary DNS zone named adatum.com.

Adatum.com contains 1,000 DNS records.

You manage Server1 and Subscription1 from Server2.

Server2 has the following tools installed:

  • The DNS Manager console
  • Azure PowerShell
  • Azure CLI 2.0

You need to move the adatum.com zone to Subscription1.

The solution must minimize administrative effort.

What should you use?

A.The Azure Portal
B. Azure CLI
C. Azure PowerShell
D. The DNS Manager Console

A

B. Azure CLI

Explanation:
Azure DNS supports importing and exporting zone files by using the Azure command-line interface (CLI).

Zone file import is not currently supported via AzurePowerShell or the Azure portal.

References: https://docs.microsoft.com/en-us/azure/dns/dns-import-export

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

You have an Azure virtual machine named VM1.

Azure collects events from VM1.

You are creating an alert rule in Azure Monitor to notify an administrator when an error is logged in the System event log of VM1.

You need to specify which resource type to monitor.

What should you specify?

A. Virtual Machine
B. Azure Log Analytics Workspace
C. Virtual Machine Extension
D. Metric Alert

A

C. Virtual Machine Extension

Explanation:
Azure Monitor can collect data directly from your Azure virtual machines into a Log Analytics workspace for detailed analysis and correlation. Installing the LogAnalytics VM extension for Windows and Linux allows Azure Monitor to collect data from your Azure VMs.

Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/learn/quick-collect-azurevm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You have an Azure subscription named Subscription1.

Subscription1 contains a resource group named RG1.

RG1 contains resources that were deployed by using templates.

You need to view the date and time when the resources were created in RG1.

Solution: From the RG1 blade, you click Deployments.

Does this meet the goal?

A. No
B. Yes

A

B. Yes

Explanation:
From the RG1 blade, click Deployments. You see a history of deployment for the resource group.

Reference: https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-tutorial-create-first-template?tabs=azure-powershell

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

By default, peered VNets appear and perform as a single network.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
By default, peered VNets appear and perform as a single network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

You have an Azure subscription that contains the resources shown in the following table.

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You have an Azure subscription named Subscription1.

You deploy a virtual machine named VM1 to Subscription1.

You need to monitor the metrics and the logs of VM1.

What should you use?

(It should apply to Windows and Linux VM)

A. Linux Diagnostic Extension (LAD) 3.0
B. The AzurePerformanceDiagnostics extension
C. Azure HDInsight
D. Azure Analysis Services

A

B. The AzurePerformanceDiagnostics extension

Explanation:
You can use extensions to configure diagnostics on your VMs to collect additional metric data
The basic host metrics are available, but to see more granular and VM specific metrics, you need to install the Azure diagnostics extension on the VM. The Azure diagnostics extension allows additional monitoring and diagnostics data to be retrieved from the VM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

User Defined Routes (UDRs) change the default behavior of subnets allowing you to direct outbound traffic to other locations. Typically, traffic is sent through a virtual appliance such as a firewall.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
User Defined Routes (UDRs) change the default behavior of subnets allowing you to direct outbound traffic to other locations. Typically, traffic is sent through a virtual appliance such as a firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You create an Azure Storage account named contosostorage.You plan to create a file share named data.Users need to map a drive to the data file share from home computers that run Windows 10.Which outbound port should you open between the home computers and the data file share?

A. 445
B. 3389
C. 80
D. 443

A

A. 445

Explanation:
Ensure port 445 is open: The SMB protocol requires TCP port 445 to be open, connections will fail if port 445 is blocked. References: https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Virtual networks are divided into subnets, which allow you to isolate workloads.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
Virtual networks are divided into subnets, which allow you to isolate workloads.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

The effective routes for each network interface can be reviewed to help diagnose routing issues.

A. True
B. False

A

A. True

Explanation:
The effective routes for each network interface can be reviewed to help diagnose routing issues.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Virtual Machine Scale Sets (VMSS), can scale up to 10 instances. You need to ensure that you create the VMSS configured for large scale sets if you intend to go above 10 instances. There are several other limits to consider too. Using a custom image, you can only create up to 3 instances. To scale above 10 instances, you must use the Standard SKU of the Azure Load Balancer or the Azure App Gateway.

A. True
B. False

A

B. False

Explanation:
Virtual Machine Scale Sets (VMSS), can scale up to 1000 instances. You need to ensure that you create the VMSS configured for large scale sets if you intend to go above 100 instances. There are several other limits to consider too. Using a custom image, you can only create up to 300 instances. To scale above 100 instances, you must use the Standard SKU of the Azure Load Balancer or the Azure App Gateway.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Public IP addresses are not managed as a standalone resource.

A. True
B. False

A

B. False

Explanation:
Public IP addresses are managed as a standalone resource, which can be associated with a network interface IP configuration.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

You have an Azure subscription.Users access the resources in the subscription from either home or from customer sites.

From home, users must establish a point-to-site VPN to access the Azure resources.

The users on the customer sites access the Azure resources by using site-to-site VPNs.

You have a line-of-business app named App1 that runs on several Azure virtual machine.

The virtual machines run Windows Server 2016.

You need to ensure that the connections to App1 are spread across all the virtual machines.

What are two possible Azure services that you can use?

Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

A. An Azure Application Gateway
B. An Internal Load Balancer
C. Traffic Manager
D. A public load balancer
E. An Azure Content Delivery Network (CDN)

A

A. An Azure Application Gateway
B. An Internal Load Balancer

Explanation:
Public load balancer is not correct as you’re going over site to site VPN, furthermore, traffic manager is used to bring resources closest to the requesting users, not to balance out the traffic to the backend pools.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

The Azure Backup service can backup and restore and entire virtual machine and you can also use it for just file recovery to restore files from a recovery point without recreating the entire virtual machine.

A. True
B. False

A

A. True

Explanation:
The Azure Backup service can backup and restore and entire virtual machine and you can also use it for just file recovery to restore files from a recovery point without recreating the entire virtual machine.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Virtual networks can be connected using VNet peering. This is supported both within a region or across regions.

A. True
B. False

A

A. True

Explanation:
Virtual networks can be connected using VNet peering. This is supported both within a region or across regions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

You have an Azure subscription named Subscription1 that is used by several departments at your company.

Subscription1 contains the resources in the following table.

Another administrator deploys a virtual machine named VM1 and an Azure Storage account named Storage2 by using a single Azure Resource Manager template.

You need to view the template used for the deployment.

Which blade can you use to check past template deployments made by another user?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

You have an Azure subscription.You have 100 Azure virtual machines.You need to quickly identify underutilized virtual machines that can have their service tier changed to a less expensive offering.Which blade should you use?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Azure Load Balancer also supports port forwarding, using inbound NAT rules. This maps a specific frontend port to a specific backend port on a specific backend server.

A. FALSE
B. TRUE

A

B. TRUE

Explanation:
Azure Load Balancer also supports port forwarding, using inbound NAT rules. This maps a specific frontend port to a specific backend port on a specific backend server.

26
Q

You have an Azure subscription that contains a storage account named account1.

You plan to upload the disk files of a virtual machine to account1 from your on-premises network.

The on-premises network uses a public IP address space of131.107.1.0/24.You plan to use the disk files to provision an Azure virtual machine named VM1.

VM1 will be attached to a virtual network named VNet1.

VNet1 uses an IP address space of 192.168.0.0/24.You need to configure account1 to meet the following requirements:

  • Ensure that you can upload the disk files to account1.
  • Ensure that you can attach the disks to VM1.
  • Prevent all other access to account1.

Which two actions should you perform?

Ensure that you can upload the disk files to account1 & Prevent all other access to account1.

Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. From the Firewalls and virtual networks blade of account1, select Allow trusted Microsoft services to access this storage account
B. From the Firewalls and virtual networks blade of account1, add the 131.107.1.0/24 IP address range
C. From the Firewalls and virtual networks blade of account1, select Selected networks
D. From the firewalls and virtual networks blade of account1, add VNet1
E. From the Service endpoints blade of VNet1, add a service endpoint

A

B. From the Firewalls and virtual networks blade of account1, add the 131.107.1.0/24 IP address range

C. From the Firewalls and virtual networks blade of account1, select Selected networks

Explanation:
The 2 option (From the Firewalls and virtual networks blade of account1, add the 131.107.1.0/24 IP address range and

From the Firewalls and virtual networks balde of account1, select Selected networks) add the public IP to copy vhd files and also restrict the access to others.

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security

27
Q

The first IP address allocated to VMs is therefore typically the .4 IP address. Private IP addresses for a VM are assigned from a subnet and configured as settings on the IP configuration of a network interface resource.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
The first IP address allocated to VMs is therefore typically the .4 IP address. Private IP addresses for a VM are assigned from a subnet and configured as settings on the IP configuration of a network interface resource.

28
Q

An Azure Load Balancer load-balancing configuration comprises _________________________.

A. Backend Pool
B. Load Balancing Rule
C. Frontend IP Configuration
D. Health probes

A

A. Backend Pool
B. Load Balancing Rule
C. Frontend IP Configuration
D. Health probes

Explanation:
An Azure Load Balancer load-balancing configuration comprises frontend IP configuration, backend pool, health probes, and load-balancing rule.

29
Q

VPN Troubleshoot provides automated, in-depth troubleshooting of VPN connections.

A. FALSE
B. TRUE

A

B. TRUE

Explanation:
VPN Troubleshoot provides automated, in-depth troubleshooting of VPN connections.

30
Q

Azure reserves the first 2 and last IP address in each subnet.

A. FALSE
B. TRUE

A

A. FALSE

Explanation:
Azure reserves the first 4 and last IP address in each subnet.

31
Q

You have an Azure subscription that contains the resources shown in the following table.

VM1 connects to VNET1.

You need to connect VM1 to VNET2.

Solution: You create a new network interface, and then you add the network interface to VM1.

Does this meet the goal?

A
32
Q

Public IP addresses support two pricing tiers (SKUs). The Basic tier supports dynamic and static assignment and provides open connectivity (which can be restricted using Network Security Groupss). The Standard tier supports zone-redundant deployments, use static allocation only, and is closed by default (access is enabled using Network Security Groupss).

A. FALSE
B. TRUE

A

A. FALSE

Explanation:
Public IP addresses support two pricing tiers (SKUs). The Basic tier supports dynamic and static assignment and provides open connectivity (which can be restricted using Network Security Groupss). The Standard tier supports zone-redundant deployments, use static allocation only, and is closed by default (access is enabled using Network Security Groupss).

33
Q

VNets can be connected using ______________________.

A. VNet to VNet VPN Connections
B. VPNET Connections
C. VNet Peering

A

A. VNet to VNet VPN Connections
C. VNet Peering

Explanation:
VNets can be connected using either VNet peering or VNet-to-VNet VPN connections.

34
Q

You have an Azure subscription that contains 100 virtual machines.You regularly create and delete virtual machines.You need to identify unattached disks that can be deleted.What should you do?

A. From Azure Cost Management, view Advisor Recommendations
B. From Azure Cost Management, view Cost Analysis
C. From the Azure portal, configure the Advisor recommendations
D. From Microsoft Azure Storage Explorer, view the Account Management properties

A

D. From Microsoft Azure Storage Explorer, view the Account Management properties

Explanation:
Advisor doesn’t show or highlight somehow Unattached disks. Azure Storage Explorer the simplest way to identify such stuff. And, for instance, simple ps-command: Get-AzDisk | Select-Object Name, DiskSizeGB, DiskState, ResourceGroupName.

You can find unused disks in the Azure Storage Explorer console.

Once you drill down to the Blob containers under a storage account, you can see the lease state of the residing VHD (the lease state determines if the VHD is being used by any resource) and the VM to which it is leased out.

If you find that the lease state and the VM fields are blank, it means that the VHD in question is unused.

The screenshot below shows two active VHDs being used by VMs as data and OS disks.

The name of the VM and lease state are shown in the “VM Name” and “Lease State” columns, respectively.

Reference: https://cloud.netapp.com/blog/reduce-azure-storage-costs

35
Q

A VM can be associated with one network interface, and this network interface can contain one IP configuration.

A. FALSE
B. TRUE

A

A. FALSE

Explanation:
A VM can be associated with one or more network interfaces, and each network interface can contain multiple IP configurations.

36
Q

You have an Azure virtual machine named VM1 that you use for testing. VM1 is protected by Azure Backup.

You delete VM1.

You need to remove the backup data stored for VM1.

What should you do first?

A. Modify the backup policy
B. Stop the backup
C. Delete the Recovery Services vault
D. Delete the storage account

A

B. Stop the backup

Explanation:
First you need to Stop backup and select Delete backup.

37
Q

Network Performance Monitor provides monitoring for hybrid networks. It supports performance monitor (for monitoring connections between two endpoints), connectivity monitor (to monitor outbound connections to a given IP or FQDN), and ExpressRoute monitor to monitor ExpressRoute connections.

A .TRUE
B. FALSE

A

A .TRUE

Explanation:
Network Performance Monitor provides monitoring for hybrid networks. It supports performance monitor (for monitoring connections between two endpoints), connectivity monitor (to monitor outbound connections to a given IP or FQDN), and ExpressRoute monitor to monitor ExpressRoute connections.

38
Q

You have an Azure subscription named Subscription1.You have 5 TB of data that you need to transfer to Subscription1.You plan to use an Azure Import/Export job.What can you use as the destination of the imported data?

A. Azure Data Lake Store
B. a virtual machine
C. The Azure File Sync Storage Sync Service
D. Azure Blob Storage

A

D. Azure Blob Storage

Explanation:
Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter.

The maximum size of an Azure Files Resource of a file share is 5 TB.

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service

39
Q

You have a Recovery Service vault that you use to test backups. The test backups contain two protected virtual machines.You need to delete the Recovery Services vault.What should you do first?

A. Modify the locks of each virtual machine
B. Modify the disaster recovery properties of each virtual machine
C. From the Recovery Service vault, stop the backup of each backup item

A

C. From the Recovery Service vault, stop the backup of each backup item

Explanation:
You can’t delete a Recovery Services vault if it is registered to a server and holds backup data. If you try to delete a vault, but can’t, the vault is still configured to receive backup data.Remove vault dependencies and delete vaultIn the vault dashboard menu, scroll down to the Protected Items section, and click Backup Items. In this menu, you can stop and delete Azure File Servers, SQLServers in Azure VM, and Azure virtual machines.

Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-delete-vault

40
Q

VNet peering allows VMs to see each other as one network, but their relationships are non-transitive. If VNETA and VNETB are peered and VNETB and VNETC are peered VNETA and VNETC are not peered.

A. FALSE
B. TRUE

A

B. TRUE

Explanation:
VNet peering allows VMs to see each other as one network, but their relationships are non-transitive. If VNETA and VNETB are peered and VNETB and VNETC are peered VNETA and VNETC are not peered.

41
Q

You plan to use the Azure Import/Export service to copy files to a storage account.Which two files should you create before you prepare the drives for the import job? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.

A. an XML manifest file
B. a dataset CSV file
C. a JSON configuration file
D. A driveset CSV file
E. A PowerShell PS1 file

A

B. a dataset CSV file
D. A driveset CSV file

Explanation:
A driveset CSV file: Modify the driveset.csv file in the root folder where the tool resides.

A dataset CSV file: Modify the dataset.csv file in the root folder where the tool resides. Depending on whether you want to import a file or folder or both, add entries in the dataset.csv file

References: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-data-to-files

42
Q

You have the Azure virtual machines shown in the following table.

You have a Recovery Services vault that protects VM1 and VM2.

You need to protect VM3 and VM4 by using Recovery Services.

What should you do first?

A. Create a storage account
B. Create a new backup policy
C. Configure the extensions for VM3 and VM4
D. Create a new Recovery Services vault

A

D. Create a new Recovery Services vault

Explanation:
A Recovery Services vault is a storage entity in Azure that houses data.

The data is typically copies of data, or configuration information for virtual machines(VMs), workloads, servers, or workstations.

You can use Recovery Services vaults to hold backup data for various Azure services

References: https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-tutorial-enable-replication

43
Q

You have an Azure subscription.

You have an on-premises virtual machine named VM1.

The settings for VM1 are shown in the following picture.

You need to ensure that you can use the disks attached to VM1 as a template for Azure virtual machines.

What should you modify on VM1?

A. the network adapters
B. the processor
C. Integration Services
D. the memory
E. the hard drive

A

E. the hard drive

Explanation:
From the exhibit we see that the disk is in the VHDX format.Before you upload a Windows virtual machines (VM) from on-premises to Microsoft Azure, you must prepare the virtual hard disk (VHD or VHDX). Azure supports only generation 1 VMs that are in the VHD file format and have a fixed sized disk. The maximum size allowed for the VHD is 1,023 GB (The maximum size allowed only for the OS VHD is 2TB. While for a VHD it is 1023GB.). You can convert a generation 1 VM from the VHDX file system to VHD and from a dynamically expanding disk to fixed-sized.

Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/prepare-for-upload-vhd-image?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json

44
Q

You plan to back up an Azure virtual machine named VM1.You discover that the Backup Pre-Check status displays a status of Warning.What is a possible cause of the Warning status?

A. VM1 does not have the latest version of WaAppAgent.exe installed
B. VM1 is stopped
C. VM1 has an unmanaged disk

A

A. VM1 does not have the latest version of WaAppAgent.exe installed

Explanation:
The Warning state indicates one or more issues in VM’s configuration that might lead to backup failures and provides recommended steps to ensure successful backups.

Not having the latest VM Agent installed, for example, can cause backups to fail intermittently and falls in this class of issues.

References: https://azure.microsoft.com/en-us/blog/azure-vm-backup-pre-checks/

45
Q

Private IP addresses support two allocation methods: dynamic or static. Static IP addresses are released when the VM is stopped (deallocated).

A. TRUE
B. FALSE

A

B. FALSE

Explanation:
Private IP addresses support two allocation methods: dynamic or static. Dynamic IP addresses are released when the VM is stopped (deallocated).

46
Q

You download an Azure Resource Manager template based on an existing virtual machine. The template will be used to deploy 100 virtual machines.

You need to modify the template to reference an administrative password. You must prevent the password from being stored in plain text.

What should you create to store the password?

A. A Recovery Services vault and a backup policy
B. An Azure Key Vault and access policy
C. An Azure Storage account and an access policy
D. Azure Active Directory (AD) Identity Protection and an Azure policy

A

B. An Azure Key Vault and access policy

Explanation:
You can use a template that allows you to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore, the password is never put in plain text in the template parameter file.

References: https://azure.microsoft.com/en-us/resources/templates/101-vm-secure-password/

47
Q

You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.You receive a notification that VM1 will be affected by maintenance.You need to move VM1 to a different host immediately.Solution: From the Overview blade, you move the virtual machine to a different subscription.Does this meet the goal?

A. Yes
B. No

A

B. No

Explanation:
You would need to redeploy the VM. References: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/redeploy-to-new-node

48
Q

You have a resource group named RG1.

RG1 contains an Azure Storage account named storageaccount1 and a virtual machine named VM1 that runs WindowsServer 2016.

Storageaccount1 contains the disk files for VM1.

You apply a ReadOnly lock to RG1.What can you do from the Azure portal?

A. Upload a blob to storageaccount1
B. Generate an automation script for RG1
C. Start VM1
D. View they keys of storageaccount1

A

B. Generate an automation script for RG1

Explanation:
Applying ReadOnly can lead to unexpected results because some operations that don’t seem to modify the resource actually require actions that are blocked by the lock. The ReadOnly lock can be applied to the resource or to the resource group containing the resource. Some common examples of the operations that are blocked by a ReadOnly lock are: A ReadOnly lock on a storage account prevents all users from listing the keys. The list keys operation is handled through a POST request because the returned keys are available for write operations.

References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources

49
Q

If a UDR is used to send traffic to a virtual appliance, IP forwarding must be enabled on the NIC of the virtual appliance VM.

A. TRUE
B. FALSe

A

A. TRUE

Explanation:
If a UDR is used to send traffic to a virtual appliance, IP forwarding must be enabled on the NIC of the virtual appliance VM.

50
Q

You have an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com that contains 100 user accounts.

You purchase 10 Azure AD Premium P2 licenses for the tenant.

You need to ensure that 10 users can use all the Azure AD Premium features.

What should you do?

A. From the Directory role blade of each user, modify the directory role
B. From the Licenses blade of Azure AD, assign a license
C. From the Groups blade of each user, invite the users to a group
D. From the Azure AD Domain, add an enterprise application

A

B. From the Licenses blade of Azure AD, assign a license

Explanation”:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/license-users-groups

51
Q

Routing outbound Internet traffic via a VPN connection to a network security device is known as forced tunneling.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
Routing outbound Internet traffic via a VPN connection to a network security device is known as forced tunneling.

52
Q

You have an Azure subscription named Subscription1.You have 5 TB of data that you need to transfer to Subscription1.You plan to use an Azure Import/Export job.What can you use as the destination of the imported data?

A. The Azure File Sync Storage Sync Service
B. Azure Data Factory
C. Azure File Storage
D. an Azure Cosmos DB database

A

C. Azure File Storage

Explanation:
Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter.

The maximum size of an Azure Files Resource of a file share is 5 TB.

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-import-export-service

53
Q

IP Flow Verify is a Network Watcher feature used to test if a given network flow is allowed in or out of an Azure VM.

A.TRUE
B. FALSE

A

A. TRUE

Explanation:
IP Flow Verify is a Network Watcher feature used to test if a given network flow is allowed in or out of an Azure VM.

54
Q

You have an Azure subscription that contains the resources in the following table.

Store1 contains a file share named Data.

Data contains 5,000 files.

You need to synchronize the files in the file share named Data to an on-premises server named Server1.

Which three actions should you perform?

Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. Register Server1
B. Create a sync group
C. Create a container instance
D. Download an automation script
E. Install the Azure File Sync on Server1

A

B. Create a sync group
E. Install the Azure File Sync on Server1

Explanation:
Step 1: Install the Azure File Sync agent on Server1.

The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file sharec

Step 2 : Register Server1.

Register Windows Server with Storage Sync ServiceRegistering your Windows Server with a Storage Sync Service establishes a trust relationship between your server (or cluster) and the Storage Sync Service.

Step 3 : Create a sync group and a cloud endpoint.

A sync group defines the sync topology for a set of files. Endpoints within a sync group are kept in sync with each other. A sync group must contain one cloud endpoint, which represents an Azure file share and one or more server endpoints. A server endpoint represents a path on registered server.

References: https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-deployment-guide

55
Q

Packet Captures enables network traffic on a given VM to be captured ________________

A. either locally or to an Azure storage account
B. locally
C. to an Azure storage account

A

A. either locally or to an Azure storage account

Explanation:
Packet Captures enables network traffic on a given VM to be captured, either locally or to an Azure storage account.

56
Q

Azure Load Balancer comes in two pricing tiers (SKUs): Basic or Standard. The Standard tier supports availability zones, larger and more flexible backend pools, and a number of other features. The Basic tier is free of charge.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
Azure Load Balancer comes in two pricing tiers (SKUs): Basic or Standard. The Standard tier supports availability zones, larger and more flexible backend pools, and a number of other features. The Basic tier is free of charge.

57
Q

Network Topology creates a diagrammatic representation of the resources in your virtual network.

A. FALSE
B. TRUE

A

B. TRUE

Explanation:
Network Topology creates a diagrammatic representation of the resources in your virtual network.

58
Q

Next Hop is used to determine the next hop address and routing rule for a given network flow.

A. TRUE
B. FALSE

A

A. TRUE

Explanation:
Next Hop is used to determine the next hop address and routing rule for a given network flow.

59
Q

You have two Azure virtual machines named VM1 and VM2.

You have two Recovery Services vaults named RSV1 and RSV2.

VM2 is protected by RSV1.

You need to use RSV2 to protect VM2.

What should you do first?

A .From the RSV1 blade, click Backup Items and stop the VM2 backup
B. From the RSV2 blase, click Backup. From the Backup blade, select the backup for the virtual machine, and then click Backup
C. From the VM2 blade, click Disaster Recovery, click Replication settings and then select RSV2 as the Recovery Services vault
D. From the RSV1 blade, click Backup Jobs and export the VM2 job

A

C. From the VM2 blade, click Disaster Recovery, click Replication settings and then select RSV2 as the Recovery Services vault

Explanation:
You can do another RSV replication on the Disaster Recover Settings, it is recommended that your RSV location should be different geographic location in case of downtime.

Reference: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-first-look-arm

60
Q

To connect two VNet, they can even have overlapping IP address spaces.

A. FALSE
B. TRUE

A

A. FALSE

Explanation:
The peered VNets must have non-overlapping IP address spaces. In addition, the VNet address space cannot be modified once the VNet is peered with another VNet.