00:15:00

Microsoft Azure Administrator Associate Practice Test (AZ-104)

Use the form below to configure your Microsoft Azure Administrator Associate Practice Test (AZ-104). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.

Logo for Microsoft Azure Administrator Associate AZ-104
Questions
Number of questions in the practice test
Free users are limited to 20 questions, upgrade to unlimited
Seconds Per Question
Determines how long you have to finish the practice test
Exam Objectives
Which exam objectives should be included in the practice test

Microsoft Azure Administrator Associate AZ-104 Information

As a candidate for this certification, you should have subject matter expertise in implementing, managing, and monitoring an organization’s Azure environment, including:

  • Virtual networks
  • Storage
  • Compute
  • Identity
  • Security
  • Governance

As an Azure administrator, you often serve as part of a larger team dedicated to implementing an organization's cloud infrastructure. You also coordinate with other roles to deliver Azure networking, security, database, application development, and DevOps solutions.

You should be familiar with:

  • Operating systems
  • Networking
  • Servers
  • Virtualization

In addition, you should have experience with:

  • PowerShell
  • Azure CLI
  • The Azure portal
  • Azure Resource Manager templates
  • Microsoft Entra ID

Skills measured

  • Manage Azure identities and governance
  • Implement and manage storage
  • Deploy and manage Azure compute resources
  • Implement and manage virtual networking
  • Monitor and maintain Azure resources

Free Microsoft Azure Administrator Associate AZ-104 Practice Test

Press start when you are ready, or press Change to modify any settings for the practice test.

  • Questions: 15
  • Time: Unlimited
  • Included Topics:
    Manage Azure identities and governance
    Implement and manage storage
    Deploy and manage Azure compute resources
    Configure and manage virtual networking
    Monitor and maintain Azure resources
Question 1 of 15

An administrator has deployed a public load balancer to distribute incoming HTTP traffic across three Azure virtual machines (VMs). However, users report that they cannot access the web application hosted on these VMs, and diagnostics show that the load balancer is not distributing traffic to the backend pool. What should the administrator check first to resolve the issue?

  • Check if the Azure Firewall is blocking incoming traffic to the load balancer

  • Verify that the health probes are configured properly and that the backend VMs are responding to them

  • Ensure that the load balancer's SKU matches that of the backend VMs

  • Increase the instance count of the load balancer to handle more traffic

Question 2 of 15

You are an Azure administrator at Contoso Ltd. Your organization needs to collaborate with external consultants who require access to certain internal applications secured by Azure Entra ID. You want to grant them access while maintaining security and manageability. What should you do to provide access to these external users?

  • Enable anonymous access to the applications to allow external users to access them.

  • Create new user accounts in Azure Entra ID for the consultants with standard user licenses.

  • Share the credentials of existing internal users with the consultants.

  • Add the external consultants as guest users through Azure AD B2B collaboration.

Question 3 of 15

You are tasked with automating the bulk transfer of files from an on-premises server to Azure Blob Storage. Which tool would be most appropriate to use?

  • AzCopy

  • Azure Portal

  • Azure Data Box

  • Azure Storage Explorer

Question 4 of 15

You need to configure replication of an Azure virtual machine to a secondary region for disaster recovery purposes. Which resource must you create first?

  • A Traffic Manager profile

  • A Recovery Services vault

  • A Network Security Group

  • An Azure Container Registry

Question 5 of 15

You are administering an Azure web application running on an App Service in the Standard pricing tier. You need to ensure the application data is backed up regularly to allow for restoration if needed. What should you do?

  • Use Azure Backup to back up the App Service to a Recovery Services vault

  • Enable the built-in backup feature in the App Service and configure a storage account

  • Downgrade the App Service plan to the Basic tier

  • Configure Azure Site Recovery to protect the App Service

Question 6 of 15

You have an existing AKS cluster running an older version of Kubernetes. You need to change it to a newer supported version. Which method should you use?

  • Create a new cluster with the desired version and migrate applications.

  • Manually update the Kubernetes components on each node.

  • Use the Azure CLI command to perform an in-place upgrade of the cluster.

  • Modify the cluster configuration file to set the new version.

Question 7 of 15

A company wants to manage network security by assigning policies to multiple virtual machines that serve the same function, without specifying IP addresses. Which Azure feature allows this?

  • Azure Firewall

  • Network Interfaces

  • Application Security Groups

  • Network Security Groups

Question 8 of 15

An organization wants to allow their users to regain access to their accounts if they forget their passwords, without involving administrators. Which Azure Entra ID feature should be enabled to accomplish this?

  • Password writeback

  • Conditional Access

  • Self-Service Password Reset

  • Multi-Factor Authentication

Question 9 of 15

You are deploying an Azure Kubernetes Service (AKS) cluster that requires advanced networking features, including assigning static IP addresses to pods and implementing network policies. Which networking model should you use for the AKS cluster deployment?

  • Use the default network configuration

  • Use the Azure Container Networking Interface (CNI) networking model

  • Configure network security groups (NSGs) for advanced networking

  • Use the kubenet networking model

Question 10 of 15

An organization wants to back up their Azure virtual machines with a specific retention policy: daily backups retained for 30 days, weekly backups retained for 12 weeks, monthly backups retained for 12 months, and yearly backups retained for 7 years. They want to automate this process with minimal administrative overhead. Which backup policy configuration option should they use?

  • Create a custom backup policy with multiple retention ranges for daily, weekly, monthly, and yearly backups

  • Set up a backup policy using Azure Site Recovery with custom retention settings

  • Configure separate backup policies for daily, weekly, monthly, and yearly backups

  • Use the default backup policy and adjust the retention to meet the requirements

Question 11 of 15

You are an Azure administrator for Contoso Ltd. The company wants to allow its users to access blobs in an Azure Storage account using their existing corporate credentials. Which authentication method should you configure?

  • Use shared access signatures (SAS) for each user

  • Configure Azure Entra ID authentication for the storage account

  • Distribute the storage account access keys to the users

  • Enable anonymous access to the blobs

Question 12 of 15

You are managing a critical Azure virtual machine that should not be accidentally deleted or modified. Which Azure feature should you use to prevent such accidental changes?

  • Azure Resource Locks

  • Azure Tags

  • Azure Role-Based Access Control (RBAC)

  • Azure Policy

Question 13 of 15

An organization needs to delegate administrative permissions so that certain administrators can manage users and groups within their own department without affecting other departments. Which Azure feature should you implement to achieve this?

  • Azure Entra ID Administrative Units

  • Azure Management Groups

  • Azure Entra ID Privileged Identity Management

  • Azure Role-Based Access Control (RBAC)

Question 14 of 15

You are an Azure administrator responsible for managing a virtual machine named VM1 that runs Windows Server 2019. You need to automate the installation of software and apply configuration settings on VM1, but you cannot connect directly to the VM. What is the best method to accomplish this?

  • Use Azure Automation to run a runbook against VM1

  • Use the Custom Script Extension to run a PowerShell script on VM1

  • Create a snapshot of VM1, install the software on the snapshot, and replace VM1 with the snapshot

  • Connect to VM1 via Remote Desktop Protocol (RDP) and install the software manually

Question 15 of 15

Your company runs a web application on Azure virtual machines. The application load varies throughout the day, and you need to ensure efficient resource utilization by dynamically adjusting the number of virtual machines based on resource demand. You decide to use a Virtual Machine Scale Set (VMSS) to achieve this. Which feature should you configure on the VM scale set to meet these requirements?

  • Enable autoscaling with custom scaling rules

  • Set up scheduled scaling with predefined times

  • Use Azure Traffic Manager to distribute load

  • Configure manual scaling with a fixed instance count