AZ-104 : Microsoft Azure Administrator : Part 06

AZ-104 : Microsoft Azure Administrator : Part 06

1. You download an Azure Resource Manager template based on an existing virtual machine. The template will be used to deploy 100 virtual machines.

   You need to modify the template to reference an administrative password. You must prevent the password from being stored in plain text.

   What should you create to store the password?

   • an Azure Key Vault and an access policy
   • an Azure Storage account and an access policy
   • a Recovery Services vault and a backup policy
   • Azure Active Directory (AD) Identity Protection and an Azure policy
   Explanation:

   You can use a template that allows you to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore, the password is never put in plain text in the template parameter file.

2. HOTSPOT

   You have the App Service plans shown in the following table.

   

   You plan to create the Azure web apps shown in the following table.

   

   You need to identify which App Service plans can be used for the web apps.

   What should you identify? To answer, select the appropriate options in the answer area.

   NOTE: Each correct selection is worth one point.

   

   

   Explanation:

   Box 1: ASP1 ASP3
   Asp1, ASP3: ASP.NET Core apps can be hosted both on Windows or Linux.

   Not ASP2: The region in which your app runs is the region of the App Service plan it’s in.

   Box 2: ASP1
   ASP.NET apps can be hosted on Windows only.

3. HOTSPOT

   You create a virtual machine scale set named Scale1. Scale1 is configured as shown in the following exhibit.

   

   Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

   NOTE: Each correct selection is worth one point.

   

   

   Explanation:

   Box 1: 6 virtual machines
   The Autoscale scale out rule increases the number of VMs by 2 if the CPU threshold is 80% or higher. The initial instance count is 4 and rises to 6 when the 2 extra instances of VMs are added.

   Box 2: 2 virtual machnes
   The Autoscale scale in rule decreases the number of VMs by 4 if the CPU threshold is 30% or lower. The initial instance count is 4 and thus cannot be reduced to 0 as the minimum instances is set to 2. Instances are only added when the CPU threshold reaches 80%.

4. You plan to automate the deployment of a virtual machine scale set that uses the Windows Server 2016 Datacenter image.

   You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.

   Which two actions should you perform? Each correct answer presents part of the solution.

   NOTE: Each correct selection is worth one point.

   • Upload a configuration script
   • Create an automation account
   • Create an Azure policy
   • Modify the extensionProfile section of the Azure Resource Manager template
   • Create a new virtual machine scale set in the Azure portal
   Explanation:

   Virtual Machine Scale Sets can be used with the Azure Desired State Configuration (DSC) extension handler. Virtual machine scale sets provide a way to deploy and manage large numbers of virtual machines, and can elastically scale in and out in response to load. DSC is used to configure the VMs as they come online so they are running the production software.

5. HOTSPOT

   You have an Azure Kubernetes Service (AKS) cluster named AKS1 and a computer named Computer1 that runs Windows 10. Computer1 that has the Azure CLI installed.

   You need to install the kubectl client on Computer1.

   Which command should you run? To answer, select the appropriate options in the answer area.

   NOTE: Each correct selection is worth one point.

   

   

   Explanation:

   To install kubectl locally, use the az aks install-cli command:

   az aks install-cli

6. DRAG DROP

   You onboard 10 Azure virtual machines to Azure Automation State Configuration.

   You need to use Azure Automation State Configuration to manage the ongoing consistency of the virtual machine configurations.

   Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

   NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.

   

   

   Explanation:

   Step 1: Upload a configuration to Azure Automation State Configuration.
   Import the configuration into the Automation account.

   Step 2: Compile a configuration into a node configuration.
   A DSC configuration defining that state must be compiled into one or more node configurations (MOF document), and placed on the Automation DSC Pull Server.

   Step 3: Assign the node configuration

   Then: Check the compliance status of the node
   Each time Azure Automation State Configuration performs a consistency check on a managed node, the node sends a status report back to the pull server. You can view these reports on the page for that node.
   On the blade for an individual report, you can see the following status information for the corresponding consistency check:

   The report status — whether the node is “Compliant”, the configuration “Failed”, or the node is “Not Compliant”

7. You have an Azure Resource Manager template named Template1 that is used to deploy an Azure virtual machine.

   Template1 contains the following text:

   

   The variables section in Template1 contains the following text:

   "location": "westeurope"

   The resources section in Template1 contains the following text:

   

   You need to deploy the virtual machine to the West US location by using Template1.

   What should you do?

   •  Modify the location in the resources section to westus
   • Select West US during the deployment
   • Modify the location in the variables section to westus

8. You create an App Service plan named Plan1 and an Azure web app named webapp1.

   You discover that the option to create a staging slot is unavailable.

   You need to create a staging slot for Plan1.

   What should you do first?

   • From Plan1, scale up the App Service plan
   • From webapp1, modify the Application settings
   • From webapp1, add a custom domain
   • From Plan1, scale out the App Service plan
   Explanation:
   The app must be running in the Standard, Premium, or Isolated tier in order for you to enable multiple deployment slots.

   If the app isn’t already in the Standard, Premium, or Isolated tier, you receive a message that indicates the supported tiers for enabling staged publishing. At this point, you have the option to select Upgrade and go to the Scale tab of your app before continuing.

   Scale up: Get more CPU, memory, disk space, and extra features like dedicated virtual machines (VMs), custom domains and certificates, staging slots, autoscaling, and more.

   Incorrect:
   Scale out: Increase the number of VM instances that run your app. You can scale out to as many as 30 instances

9. You plan to move a distributed on-premises app named App1 to an Azure subscription.

   After the planned move, App1 will be hosted on several Azure virtual machines.

   You need to ensure that App1 always runs on at least eight virtual machines during planned Azure maintenance.

   What should you create?

   • one virtual machine scale set that has 10 virtual machines instances
   • one Availability Set that has three fault domains and one update domain
   • one Availability Set that has 10 update domains and one fault domain
   • one virtual machine scale set that has 12 virtual machines instances
   Explanation:

   An update domain is a logical group of underlying hardware that can undergo maintenance or be rebooted at the same time. As you create VMs within an availability set, the Azure platform automatically distributes your VMs across these update domains. This approach ensures that at least one instance of your application always remains running as the Azure platform undergoes periodic maintenance.

10. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure virtual machine named VM1 that runs Windows Server 2016.

    You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour.

    Solution: You create an event subscription on VM1. You create an alert in Azure Monitor and specify VM1 as the source

    Does this meet the goal?

    • Yes
    • No
    Explanation:

    Instead: You create an Azure Log Analytics workspace and configure the data settings. You install the Microsoft Monitoring Agent on VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source.

11. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

    You receive a notification that VM1 will be affected by maintenance.

    You need to move VM1 to a different host immediately.

    Solution: From the Overview blade, you move the virtual machine to a different subscription.

    Does this meet the goal?

    • Yes
    • No
    Explanation:

    You would need to redeploy the VM.

12. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

    You receive a notification that VM1 will be affected by maintenance.

    You need to move VM1 to a different host immediately.

    Solution: From the Redeploy blade, you click Redeploy.

    Does this meet the goal?

    • Yes
    • No
    Explanation:

    When you redeploy a VM, it moves the VM to a new node within the Azure infrastructure and then powers it back on, retaining all your configuration options and associated resources.

13. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure virtual machine named VM1. VM1 was deployed by using a custom Azure Resource Manager template named ARM1.json.

    You receive a notification that VM1 will be affected by maintenance.

    You need to move VM1 to a different host immediately.

    Solution: From the Update management blade, you click Enable.

    Does this meet the goal?

    • Yes
    • No
    Explanation:

    You would need to redeploy the VM.

14. You have an Azure subscription that contains a web app named webapp1.

    You need to add a custom domain named www.contoso.com to webapp1.

    What should you do first?

    • Create a DNS record
    • Add a connection string
    • Upload a certificate.
    • Stop webapp1.
    Explanation:

    You can use either a CNAME record or an A record to map a custom DNS name to App Service.

15. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure subscription that contains the resources shown in the following table.

    

    VM1 connects to VNET1.

    You need to connect VM1 to VNET2.

    Solution: You move VM1 to RG2, and then you add a new network interface to VM1.

    Does this meet the goal?

    •  Yes
    • No
    Explanation:
    Instead you should delete VM1. You recreate VM1, and then you add the network interface for VM1.

    Note: When you create an Azure virtual machine (VM), you must create a virtual network (VNet) or use an existing VNet. You can change the subnet a VM is connected to after it’s created, but you cannot change the VNet.

16. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure subscription that contains the resources shown in the following table.

    

    VM1 connects to VNET1.

    You need to connect VM1 to VNET2.

    Solution: You delete VM1. You recreate VM1, and then you create a new network interface for VM1 and connect it to VNET2.

    Does this meet the goal?

    • Yes
    • No
    Explanation:
    You should delete VM1. You recreate VM1, and then you add the network interface for VM1.

    Note: When you create an Azure virtual machine (VM), you must create a virtual network (VNet) or use an existing VNet. You can change the subnet a VM is connected to after it’s created, but you cannot change the VNet.

17. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure subscription that contains the resources shown in the following table.

    

    VM1 connects to VNET1.

    You need to connect VM1 to VNET2.

    Solution: You turn off VM1, and then you add a new network interface to VM1.

    Does this meet the goal?

    •  Yes
    • No
    Explanation:
    Instead you should delete VM1. You recreate VM1, and then you add the network interface for VM1.

    Note: When you create an Azure virtual machine (VM), you must create a virtual network (VNet) or use an existing VNet. You can change the subnet a VM is connected to after it’s created, but you cannot change the VNet.

18. HOTSPOT

    You have an Azure subscription named Subscription1 that contains the quotas shown in the following table.

    

    You deploy virtual machines to Subscription1 as shown in the following table.

    

    You plan to deploy the virtual machines shown in the following table.

    

    For each of the following statements, select Yes if the statement is true. Otherwise, select No.

    NOTE: Each correct selection is worth one point.

    

    

    Explanation:

    The total regional vCPUs is 20 so that means a maximum total of 20 vCPUs across all the different VM sizes. The deallocated VM with 16 vCPUs counts towards the total. VM20 and VM1 are using 18 of the maximum 20 vCPUs leaving only two vCPUs available.

19. HOTSPOT

    You have an Azure subscription that contains an Azure Availability Set named WEBPROD-AS-USE2 as shown in the following exhibit.

    

    You add 14 virtual machines to WEBPROD-AS-USE2.

    Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

    NOTE: Each correct selection is worth one point.

    

    

    Explanation:

    Box 1: 2
    There are 10 update domains. The 14 VMs are shared across the 10 update domains so four update domains will have two VMs and six update domains will have one VM. Only one update domain is rebooted at a time. Therefore, a maximum of two VMs will be offline.

    Box 2: 7
    There are 2 fault domains. The 14 VMs are shared across the 2 fault domains, so 7 VMs in each fault domain. A rack failure will affect one fault domain so 7 VMs will be offline.

20. You deploy an Azure Kubernetes Service (AKS) cluster named Cluster1 that uses the IP addresses shown in the following table.

    

    You need to provide internet users with access to the applications that run in Cluster1.

    Which IP address should you include in the DNS record for Cluster1?

    •  131.107.2.1
    • 10.0.10.11
    • 172.17.7.1
    • 192.168.10.2