AZ-104 Microsoft Azure Administrator practice exam questions + explaine part 1

AZ-104 Microsoft Azure Administrator practice exam questions + explaine part 1

Question 1: Which Azure service should you use to centrally manage access to multiple Azure services and Microsoft 365 services?

a) Azure Security Center
b) Azure Active Directory (Azure AD)
c) Azure Monitor
d) Azure Policy

    Answer: b) Azure Active Directory (Azure AD)

    Explanation: Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. It allows you to centrally manage identities and access to various Azure services and Microsoft 365 services. Azure AD provides features such as single sign-on (SSO), multi-factor authentication (MFA), identity protection, and more.

    Question 2: You need to ensure that a virtual machine (VM) in Azure automatically restarts if it becomes unavailable due to a hardware failure. Which Azure feature should you use?

    a) Azure Availability Zones
    b) Azure Availability Sets
    c) Azure Site Recovery
    d) Azure Backup

      Answer: b) Azure Availability Sets

      Explanation: Azure Availability Sets ensure high availability of virtual machines (VMs) by distributing VM instances across multiple fault domains and update domains within a datacenter. In the event of a hardware failure, VM instances in different fault domains remain unaffected, providing redundancy and automatic failover.

      Question 3: You want to monitor the performance and health of Azure resources in real-time. Which Azure service should you use?a) Azure Security Center
      b) Azure Log Analytics
      c) Azure Monitor
      d) Azure Resource Manager

        Answer: c) Azure Monitor

        Explanation: Azure Monitor is the centralized monitoring service in Azure that provides comprehensive insights into the performance and health of Azure resources. It collects and analyzes telemetry data from various sources, including Azure services, applications, and infrastructure components, allowing you to monitor, diagnose, and optimize the performance of your Azure environment in real-time.

        Question 4: You are responsible for managing Azure virtual machines (VMs) and need to ensure that a VM automatically scales based on predefined conditions such as CPU usage. Which Azure feature should you use?

        a) Azure Availability Sets
        b) Azure Auto Scaling
        c) Azure Virtual Machine Scale Sets
        d) Azure Load Balancer

          Answer: c) Azure Virtual Machine Scale Sets

          Explanation: Azure Virtual Machine Scale Sets allow you to automatically scale out or scale in the number of VM instances based on predefined conditions such as CPU usage, network traffic, or custom metrics. It enables you to ensure high availability, performance, and cost-efficiency by dynamically adjusting the capacity of VMs to meet changing workload demands.

          Question 5: Your company needs to securely store and manage sensitive keys, secrets, and certificates in Azure. Which Azure service should you use?

          a) Azure Key Vault
          b) Azure Security Center
          c) Azure Active Directory (Azure AD)
          d) Azure Storage

            Answer: a) Azure Key Vault

            Explanation: Azure Key Vault is a cloud service that allows you to securely store and manage keys, secrets, and certificates. It provides centralized key management, secrets management, and certificate management, enabling you to safeguard sensitive information and control access to cryptographic keys, application secrets, and SSL/TLS certificates used by your applications and services in Azure.

            Question 6: You need to deploy a solution that ensures data backup and recovery for Azure virtual machines (VMs). Which Azure service should you use?

            a) Azure Backup
            b) Azure Site Recovery
            c) Azure Blob Storage
            d) Azure File Sync

              Answer: a) Azure Backup

              Explanation: Azure Backup is a cloud-based backup service that allows you to protect data and workloads in Azure. It supports backup and recovery of Azure virtual machines (VMs), Azure file shares, SQL databases, and more. By using Azure Backup, you can create backup policies, schedule backups, and perform granular recovery of data to safeguard against data loss and ensure business continuity.

              Question 7: You want to implement role-based access control (RBAC) to enforce least privilege access to Azure resources. Which Azure service should you use?

              a) Azure Policy
              b) Azure Active Directory (Azure AD)
              c) Azure Security Center
              d) Azure Role-Based Access Control (RBAC)

                Answer: d) Azure Role-Based Access Control (RBAC)

                Explanation: Azure Role-Based Access Control (RBAC) is the authorization system used to manage access to Azure resources. RBAC allows you to grant users only the permissions they need to perform their jobs effectively, following the principle of least privilege. You can assign built-in or custom roles to users, groups, or service principals, controlling their access to Azure resources at a granular level.

                Question 8: You need to monitor and analyze log data from Azure virtual machines (VMs) for troubleshooting and performance optimization. Which Azure service should you use?

                a) Azure Monitor
                b) Azure Log Analytics
                c) Azure Diagnostics
                d) Azure Network Watcher

                  Answer: b) Azure Log Analytics

                  Explanation: Azure Log Analytics is a service that collects and analyzes log data from various sources, including Azure resources, virtual machines (VMs), applications, and operating systems. It provides advanced querying and visualization capabilities, allowing you to gain insights into the performance, health, and operational efficiency of your Azure environment for troubleshooting, monitoring, and optimization purposes.

                  Question 9: You need to ensure that sensitive data stored in Azure Storage is encrypted at rest. Which Azure feature should you enable?

                  a) Azure Security Center
                  b) Azure Storage Service Encryption
                  c) Azure Key Vault
                  d) Azure Active Directory (Azure AD)

                    Answer: b) Azure Storage Service Encryption

                    Explanation: Azure Storage Service Encryption automatically encrypts data at rest in Azure Storage using Microsoft-managed keys. It helps protect sensitive data stored in Azure blobs, files, queues, and tables from unauthorized access or data breaches. By enabling Azure Storage Service Encryption, you can ensure that your data remains encrypted and secure even if it is stored on disk within Azure datacenters.

                    Question 10: You need to deploy a web application that automatically scales based on incoming HTTP traffic. Which Azure service should you use?

                    a) Azure Application Gateway
                    b) Azure Traffic Manager
                    c) Azure Functions
                    d) Azure App Service

                      Answer: d) Azure App Service

                      Explanation: Azure App Service is a platform-as-a-service (PaaS) offering that allows you to build, deploy, and scale web applications and APIs. It supports automatic scaling based on various metrics, including incoming HTTP traffic, CPU usage, and memory usage. By hosting your web application on Azure App Service, you can take advantage of its built-in scalability features to ensure optimal performance and availability for your users.