Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-104

Microsoft AZ-104 Exam
Microsoft Azure Administrator (Page 18 )

Updated On: 12-Jan-2026
Page 18 of 110
PDF with 553 Questions

HOTSPOT (Drag and Drop is not supported)
You have a Microsoft Entra tenant named adatum.com that contains the groups shown in the following table.


Adatum.com contains the users shown in the following table.


You assign a Microsoft Entra ID P2 license to Group1 as shown in the following exhibit.


Group2 is NOT directly assigned a license.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: No
User1 is a member of Group1.
In the Assign License exhibit we see: Assignment options
Microsoft Defender for Cloud Apps Discovery: off
Box 2: Yes
User1 is a member of Group1.
In the Assign License exhibit we see: Assignment options
Microsoft Entra ID P2: On
Box 3: Yes
User2 is a member of Group2. Group2 is a member of Group1.
In the Assign License exhibit we see:
Assignment options
* Microsoft Entra ID P2: On


Reference:

https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/license-users-groups



HOTSPOT (Drag and Drop is not supported)
You have a Microsoft Entra hybrid deployment that contains the users shown in the following table.


You need to modify the JobTitle and UsageLocation attributes for the users.
For which users can you modify the attributes from Microsoft Entra ID? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: User1 and User3 only
You must use Windows Server Active Directory to update the identity, contact info, or job info for users whose source of authority is Windows Server Active Directory.
Box 2: User1, User2, and User3 Reference:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-profile-azure-portal



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Entra tenant named contoso.com.
You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users.
Solution: You create a PowerShell script that runs the New-MgUser cmdlet for each external user. Does this meet the goal?

  1. Yes
  2. No

Answer(s): A



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Entra tenant named contoso.com.
You have a CSV file that contains the names and email addresses of 500 external users. You need to create a guest user account in contoso.com for each of the 500 external users.
Solution: You create a PowerShell script that runs the New-MgInvitation cmdlet for each external user. Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Wrong module.
New-MgInvitation
Module: Microsoft.Graph.Identity.SignIns
Use this API to create a new invitation. Invitation adds an external user to the organization. When creating a new invitation, you have several options available:
Instead use the New-AzureADMSInvitation cmdlet which is used to invite a new external user to your directory. Reference:
https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureadmsinvitation



You have an Azure subscription named Subscription1 that contains virtual network named VNet1. VNet1 is in a resource group named RG1.
A user named User1 has the following roles for Subscription1: Reader
Security Admin Security Reader
You need to ensure that User1 can assign the Reader role for VNet1 to other users. What should you do?

  1. Assign User1 the Contributor role for VNet1.
  2. Assign User1 the Network Contributor role for VNet1.
  3. Assign User1 the User Access Administrator role for VNet1.
  4. Remove User1 from the Security Reader and Reader roles for Subscription1. Assign User1 the Contributor role for Subscription1.

Answer(s): C

Explanation:

User Access Administrator
Manage user access to Azure resources Assign roles in Azure RBAC
Assign themselves or others the Owner role
Incorrect:
Not B: Network Contributor
Lets you manage networks, but not access to them.
Not A, not D: Contributor
Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.


Reference:

https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles



Viewing page 18 of 110
Viewing questions 86 - 90 out of 553 questions



Post your Comments and Discuss Microsoft AZ-104 exam prep with other Community members:

Join the AZ-104 Discussion