You have an Azure subscription that contains the resources shown in the following table.You need to create a network interface named NIC1. In which location can you create NIC1?
Answer(s): B
Before creating a network interface, you must have an existing virtual network in the same location and subscription you create a network interface in.
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface
You have Azure virtual machines that run Windows Server 2019 and are configured as shown in the following table.You create a public Azure DNS zone named adatum.com and a private Azure DNS zone named contoso.com. For controso.com, you create a virtual network link named link1 as shown in the exhibit. (Click the Exhibit tab.)You discover that VM1 can resolve names in contoso.com but cannot resolve names in adatum.com. VM1 can resolve other hosts on the Internet.You need to ensure that VM1 can resolve host names in adatum.com. What should you do?
HOTSPOT (Drag and Drop is not supported)You plan to use Azure Network Watcher to perform the following tasks:Task1: Identify a security rule that prevents a network packet from reaching an Azure virtual machine. Task2: Validate outbound connectivity from an Azure virtual machine to an external host.Which feature should you use for each task? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.Hot Area:
Answer(s): A
Box 1: IP flow verifyAt some point, a VM may become unable to communicate with other resources, because of a security rule. The IP flow verify capability enables you to specify a source and destination IPv4 address, port, protocol (TCP or UDP), and traffic direction (inbound or outbound). IP flow verify then tests the communication and informs you if the connection succeeds or fails. If the connection fails, IP flow verify tells you which.Box 2: Connection troubleshootDiagnose outbound connections from a VM: The connection troubleshoot capability enables you to test a connection between a VM and another VM, an FQDN, a URI, or an IPv4 address. The test returns similar information returned when using the connection monitor capability, but tests the connection at a point in time, rather than monitoring it over time, as connection monitor does. Learn more about how to troubleshoot connections using connection-troubleshoot.
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
HOTSPOT (Drag and Drop is not supported)You have an Azure subscription that contains the Azure virtual machines shown in the following table.You configure the network interfaces of the virtual machines to use the settings shown in the following table.From the settings of VNET1 you configure the DNS servers shown in the following exhibit.The virtual machines can successfully connect to the DNS server that has an IP address of 192.168.10.15 and the DNS server that has an IP address of 193.77.134.10.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point.Hot Area:
Box 1: YesYou can specify DNS server IP addresses in the VNet settings. The setting is applied as the default DNS server(s) for all VMs in the VNet.Box 2: NoYou can set DNS servers per VM or cloud service to override the default network settings.Box 3: YesYou can set DNS servers per VM or cloud service to override the default network settings.
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-faq#name-resolution-dns
HOTSPOT (Drag and Drop is not supported)You have an Azure subscription that contains the resource groups shown in the following table.RG1 contains the resources shown in the following table.RG2 contains the resources shown in the following table.You need to identify which resources you can move from RG1 to RG2, and which resources you can move from RG2 to RG1.Which resources should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.Hot Area:
Box 1: IP1, Storage1IP addresses and storage accounts can be moved. Virtual networks cannot be moved.There is no lock on RG1. Box 2: NoneThere is a delete lock on RG2.Note: When you apply a lock at a parent scope, all resources within that scope inherit the same lock. Even resources you add later inherit the lock from the parent. The most restrictive lock in the inheritance takes precedence.CanNotDelete means authorized users can still read and modify a resource, but they can't delete the resource. ReadOnly means authorized users can read a resource, but they can't delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/move-support-resources
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure subscription that contains the virtual machines shown in the following table.You deploy a load balancer that has the following configurations: Name: LB1Type: Internal SKU: StandardVirtual network: VNET1You need to ensure that you can add VM1 and VM2 to the backend pool of LB1.Solution: You create a Basic SKU public IP address, associate the address to the network interface of VM1, and then start VM1.Does this meet the goal?
A Backend Pool configured by IP address has the following limitations: Standard load balancer only
https://docs.microsoft.com/en-us/azure/load-balancer/backend-pool-management
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure subscription that contains the virtual machines shown in the following table.You deploy a load balancer that has the following configurations: Name: LB1Type: Internal SKU: StandardVirtual network: VNET1You need to ensure that you can add VM1 and VM2 to the backend pool of LB1.Solution: You create a Standard SKU public IP address, associate the address to the network interface of VM1, and then stop VM2.Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure subscription that contains the virtual machines shown in the following table.You deploy a load balancer that has the following configurations: Name: LB1Type: Internal SKU: StandardVirtual network: VNET1You need to ensure that you can add VM1 and VM2 to the backend pool of LB1.Solution: You create two Standard SKU public IP addresses and associate a Standard SKU public IP address to the network interface of each virtual machine.Does this meet the goal?
Share your comments for Microsoft AZ-104 exam with other users:
Question 528:
Recommend using AI for Solutions rather the Answer(s) submitted here
Can I trust to this source?