Test 1 Flashcards

1
Q

Azure Admin1 and Admin2 are global administrators of Tenant1. Azure Admin1 is a ServiceAdministrator of Subscription1. Can Admin2 add a new administrator to Subscription1?

A

No, by default Global Administrators do not have managerial access to an Azure subscription unless explicitly defined. Hence Admin2 cannot do anything in the subscription and cannot even see it in the list of subscriptions.

2
Q

Which types of storage support the archive tier?

A

BlobStorage and StorageV2.

3
Q

Which types of storage do not support the archive tier?

A

FileStorage and Storage.

4
Q

Does the “storage” type support archive tier storage?

A

No, only BlobStorage and StorageV2 support archive-tier storage.

5
Q

AdminUser1 is a global administrator of Tenant1, but cannot see all the resources inside the tenant. What could they do to view all resources, and how?

A

AdminUser1 could elevate their access to manage all subscriptions and management groups. To do this, they can go to “Azure Active Directory” in the Azure Portal, then Properties, and then select “Elevate Access”.

6
Q

What is virtual network peering in Azure?

A

Virtual network peering is connecting two or more networks.

7
Q

Name and define the two types of virtual network peering.

A

Virtual network peering - connecting two or more networks within the same region.

Global virtual network peering - connecting two or more networks across Azure regions.

8
Q

What can prevent peering two networks?

A

Networks with overlapping address spaces cannot be peered.

9
Q

Which type of gateway can be connected to a point-to-site connection?

A

A route-based virtual network gateway.

10
Q

Can a route-based virtual network gateway be used to create a point-to-site connection?

A

Yes, route-based virtual network gateways can be used to create a P2S connection.

11
Q

Can a policy-based virtual network gateway be used to create a point-to-site connection?

A

No, only a route-based virtual network gateway can be used to create a P2S connection.

12
Q

What is a service endpoint in Azure and what are they used for?

A

Service endpoints are direct network connections to Azure services. They allow private connections directly to Azure services without requiring a public IP address.

13
Q

You have an Azure virtual machine named VM1 that connects to a virtual network named VNet1.

VM1 has the following configuration:
Subnet: 10.0.0.0/24
Availability set: AVSet
Network security group (NSG): None
Private IP address: 10.0.0.4 (dynamic)
Public IP address: 40.90.219.6 (dynamic)

What must you do to deploy a standard load balancer and allow it to connect to VM1?

A

You must remove the dynamic public IP address assigned to VM1 and change it to a static public IP address.

14
Q

Can two machines in the same VNET communicate if there is no NSG configured?

A

Yes, by default machines within the same VNET can communicate freely with each other.

15
Q

Can two machines in different VNETs communicate without an NSG configured?

A

No, machines cannot communicate freely with other networks by default.

16
Q

VNET 1 has 2 subnets, and VNET 2 has 3 subnets. Can machines in VNET1Sub1 communicate with VNET1Sub2 by default?

A

Yes, by default machines within the same VNET can communicate freely with each other, even between subnets.

17
Q

VNET 1 has 2 subnets, and VNET 2 has 3 subnets. Can machines in VNET1Sub1 communicate with VNET2Sub3 by default?

A

No, machines cannot communicate freely with other networks by default.

18
Q

VNET 1 has 2 subnets, and VNET 2 has 3 subnets. Can machines in VNET2Sub2 communicate with VNET2Sub3 by default?

A

Yes, by default machines within the same VNET can communicate freely with each other, even between subnets.

19
Q

VNET 1 is located in East US, and public IP IP1 is located in West Europe. In which regions can you create a network interface card (NIC)?

A

East US only - a NIC can only be created in a location which has a VNET.

20
Q

What is Azure Network Watcher?

A

Azure Network Watcher provides network performance monitoring and diagnostics tools.

21
Q

What is Azure Monitor?

A

Azure Monitor collects logs and metrics from your applications and infrastructure for monitoring. It does not contain any “active” investigation methods like packet captures.

22
Q

What is the difference between Azure Monitor and Azure Network Watcher?

A

Azure Network Watcher provides “active” investigation tools like packet captures and IP flow verification, whereas Azure Monitor provides only collection, analytics monitoring and reporting tools.

23
Q

In Azure Network Watcher, what is the IP flow verify tool?

A

The IP flow verify tool checks if a packet is allowed or denied to or from a specified virtual machine. The security group decision and the name of the rule that denied the packet are returned.

24
Q

In Azure Network Watcher, what is the next hop tool?

A

Next hop provides the next hop from a source machine to a target destination.

25
Q

How could you identify a security rule that prevents a network packet from reaching an Azure virtual machine?

A

Use the IP flow verify tool within Azure Network Watcher.

26
Q

In Azure Network Watcher, what is the connection troubleshoot tool?

A

Connection troubleshoot provides the ability to test a direct connection from a virtual machine to another VM, IP, FQDN or URL.

27
Q

Which protocols does the connection troubleshoot tool support?

A

TCP and ICMP.

28
Q

What is the difference between the IP flow verify and connection troubleshoot tools?

A

Connection troubleshoot can be used to test a connection between a VM and any IP, FQDN or URL using TCP and ICMP. IP flow verify checks if a packet is allowed to or from a virtual machine and returns the impacting security group decision and rule. IP flow verify supports UDP, whereas connection troubleshoot does not.