Free AZ-104 Exam Dumps

Question 131

- (Exam Topic 6)
You have 100 Azure subscriptions. All the subscriptions are associated to the same Azure Active Directory (Azure AD) tenant named contoso.com.
You are a global administrator.
You plan to create a report that lists all the resources across all the subscriptions. You need to ensure that you can view all the resources in all the subscriptions. What should you do?

A. From the Azure portal, modify the profile settings of your account.
B. From Windows PowerShell, run the Add-AzureADAdministrativeUnitMember cmdlet.
C. From Windows PowerShell, run the New-AzureADUserAppRoleAssignment cmdlet.
D. From the Azure portal, modify the properties of the Azure AD tenant.

Correct Answer:C
The New-AzureADUserAppRoleAssignment cmdlet assigns a user to an application role in Azure Active Directory (AD). Use it for the application report.
References:
https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureaduserapproleassignment?view=azuread

Question 132

- (Exam Topic 6)
You have an Azure subscription that contains the resources in the following table.
AZ-104 dumps exhibit
To which subnets can you apply NSG1?

A. the subnets on VNet1 only
B. the subnets on VNet2 only
C. the subnets on VNet3 only
D. the subnets on VNet2. VNet2, and VNet3
E. the subnets on VNet2 and VNet3 only

Correct Answer:C
All Azure resources are created in an Azure region and subscription. A resource can only be created in a virtual network that exists in the same region and subscription as the resource.
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-vnet-plan-design-arm

Question 133

- (Exam Topic 6)
You have an Azure subscription that contains the resources shown in the following table.
AZ-104 dumps exhibit
You need to deploy Application1 to Cluster1. Which command should you run?

A. az acr build
B. az aks create
C. docker build
D. kubectl apply

Correct Answer:A

Question 134

- (Exam Topic 6)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You manage a virtual network named VNet1 that is hosted in the West US Azure region. VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server.
You need to inspect all the network traffic from VM1 to VM2 for a period of three hours.
Solution: From Performance Monitor, you create a Data Collector Set (DCS). Does this meet the goal?

A. Yes
B. No

Correct Answer:B
You should use Azure Network Watcher. References:
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview

Question 135

- (Exam Topic 4)
You have the Azure virtual machines shown in the following table.
AZ-104 dumps exhibit
A DNS service is install on VM1.
You configure the DNS server settings for each virtual network as shown in the following exhibit.

You need 10 ensure that all the virtual machines can resolve DNS names by using the DNS service on VM1. What should you do?

A. Add service endpoints on VNET2 and VNET3.
B. Configure peering between VNE11, VNETT2, and VNET3.
C. Configure a conditional forwarder on VM1
D. Add service endpoints on VNET1.

Correct Answer:C
An Azure AD DS DNS zone should only contain the zone and records for the managed domain itself.
A conditional forwarder is a configuration option in a DNS server that lets you define a DNS domain, such
as contoso.com, to forward queries to. Instead of the local DNS server trying to resolve queries for records in that domain, DNS queries are forwarded to the configured DNS for that domain. This configuration makes sure that the correct DNS records are returned, as you don't create a local a DNS zone with duplicate records in the managed domain to reflect those resources.
To create a conditional forwarder in your managed domain, complete the following steps:
* 1. Select your DNS zone, such as aaddscontoso.com.
* 2. Select Conditional Forwarders, then right-select and choose New Conditional Forwarder...
* 3. Enter your other DNS Domain, such as contoso.com, then enter the IP addresses of the DNS servers for th namespace, as shown in the following example:
AZ-104 dumps exhibit
* 4. Check the box for Store this conditional forwarder in Active Directory, and replicate it as follows, then select the option for All DNS servers in this domain, as shown in the following example:

* 5. To create the conditional forwarder, select OK.
Name resolution of the resources in other namespaces from VMs connected to the managed domain should now resolve correctly. Queries for the DNS domain configured in the conditional forwarder are passed to the relevant DNS servers.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-insta https://docs.microsoft.com/en-us/azure/active-directory-domain-services/manage-dns