Palo Alto Networks

Microsoft AZ-104 Exam
Microsoft Azure Administrator (Page 21 )

Updated On: 12-Jan-2026

Viewing Page 21 of 110 pages.

Download PDF version with 553 Questions

QUESTION: 96 Exam Topic: Manage Azure identities and governance Question Set 1

HOTSPOT (Drag and Drop is not supported)
You purchase a new Azure subscription.
You create an Azure Resource Manager (ARM) template named deploy.json as shown in the following exhibit.

You connect to the subscription and run the following command.
New-AzDeployment –Location westus –TemplateFile “deploy.json”
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

See Explanation section for answer.

Answer(s): A

Explanation:

Box 1: Yes
Two resource groups are created in the copy index loop. One third is created in a separate statement.
We see:
"count": 2
Note: Syntax
Add the copy element to the resources section of your template to deploy multiple instances of the resource. The copy element has the following general format:
"copy": {
"name": "<name-of-loop>", "count": <number-of-iterations>, "mode": "serial" <or> "parallel",
"batchSize": <number-to-deploy-serially>
}
The name property is any value that identifies the loop. The count property specifies the number of iterations you want for the resource type.
Box 2: No
The resource groups created in the copyindex loop are named RGS1 and RGS2. The third resource group is named according to the statement:
"Name": "[concat('RGroup', length(parameters)('obj1')))] We see obj1 with four items (PropA, PropB, PropC, Prop4)
Length of obj1 would be 4, not 5.
Box 3: Yes
In the copy index loop we have "location": "eastus"
In the separate statement to create the third resource group we see:
We see:
"location": [last(variables('var1'))]
And var1 defined as:
"var1": [ "westus" "centraus" "eastus"
]
The location would again be eastus. Note:
The New-AzDeployment cmdlet adds a deployment at the current subscription scope. This includes the resources that the deployment requires.
To add a deployment at subscription, specify the location and a template. The location tells Azure Resource Manager where to store the deployment data.

Reference:

https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/copy-resources https://learn.microsoft.com/en-us/powershell/module/az.resources/new-azdeployment

Show Answer Next Question

QUESTION: 97 Exam Topic: Manage Azure identities and governance Question Set 1

Your on-premises network contains a VPN gateway.
You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that all the traffic from VM1 to storage1 travels across the Microsoft backbone network. What should you configure?

Microsoft Entra Application Proxy
private endpoints
a network security group (NSG)
Azure Peering Service

Answer(s): B

Explanation:

For this question with different alternatives: Correct answers:
* private endpoints
service endpoints
Incorrect answers include:
* a network security group (NSG)
* Microsoft Entra Application Proxy
* Azure Application Gateway
* Azure Firewall
* Azure Peering Service
Azure Virtual WAN
Explanations for correct answers:
private endpoints-
You can use private endpoints for your Azure Storage accounts to allow clients on a virtual network (VNet) to securely access data over a Private Link. The private endpoint uses a separate IP address from the VNet address space for each storage account service. Network traffic between the clients on the VNet and the storage account traverses over the VNet and a private link on the Microsoft backbone network, eliminating exposure from the public internet.
service endpoints-
Private endpoints can be created in subnets that use Service Endpoints. Clients in a subnet can thus connect to one storage account using private endpoint, while using service endpoints to access others.

Reference:

https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints

Show Answer Next Question

QUESTION: 98 Exam Topic: Manage Azure identities and governance Question Set 1

Your on-premises network contains a VPN gateway.
You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that all the traffic from VM1 to storage1 travels across the Microsoft backbone network. What should you configure?

Microsoft Entra Application Proxy
service endpoints
a network security group (NSG)
Azure Firewall

Answer(s): B

Explanation:

For this question with different alternatives: Correct answers:
* private endpoints
* service endpoints Incorrect answers include:
* a network security group (NSG)
* Microsoft Entra Application Proxy
* Azure Application Gateway
* Azure Firewall
* Azure Peering Service
Azure Virtual WAN
Explanations for correct answers:
private endpoints-
You can use private endpoints for your Azure Storage accounts to allow clients on a virtual network (VNet) to securely access data over a Private Link. The private endpoint uses a separate IP address from the VNet address space for each storage account service. Network traffic between the clients on the VNet and the storage account traverses over the VNet and a private link on the Microsoft backbone network, eliminating exposure from the public internet.
service endpoints-
Private endpoints can be created in subnets that use Service Endpoints. Clients in a subnet can thus connect to one storage account using private endpoint, while using service endpoints to access others.

Reference:

https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints

Show Answer Next Question

QUESTION: 99 Exam Topic: Manage Azure identities and governance Question Set 1

Your on-premises network contains a VPN gateway.
You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that all the traffic from VM1 to storage1 travels across the Microsoft backbone network. What should you configure?

Azure Application Gateway
service endpoints
a network security group (NSG)
Azure Peering Service

Answer(s): B

Explanation:

For this question with different alternatives: Correct answers:
* private endpoints
service endpoints
Incorrect answers include:
* a network security group (NSG)
* Microsoft Entra Application Proxy
* Azure Application Gateway
* Azure Firewall
* Azure Peering Service
Azure Virtual WAN
Explanations for correct answers:
private endpoints-
You can use private endpoints for your Azure Storage accounts to allow clients on a virtual network (VNet) to securely access data over a Private Link. The private endpoint uses a separate IP address from the VNet address space for each storage account service. Network traffic between the clients on the VNet and the storage account traverses over the VNet and a private link on the Microsoft backbone network, eliminating exposure from the public internet.
* service endpoints-
Private endpoints can be created in subnets that use Service Endpoints. Clients in a subnet can thus connect to one storage account using private endpoint, while using service endpoints to access others.

Reference:

https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints

Show Answer Next Question

QUESTION: 100 Exam Topic: Manage Azure identities and governance Question Set 1

You have an Azure subscription named Sub1 that contains the resources shown in the following table.

You create a user named Admin1.
To what can you add Admin1 as a co-administrator?

RG1
MG1
Sub1
VM1

Answer(s): C

Explanation:

The Service Administrator and the Co-Administrators have the equivalent access of users who have been assigned the Owner role (an Azure role) at the subscription scope.

Reference:

https://learn.microsoft.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles

Show Answer Next Question

…
19
20
21
22
23
…

Viewing page 21 of 110
Viewing questions 101 - 105 out of 553 questions

Post your Comments and Discuss Microsoft AZ-104 exam prep with other Community members:

Comments:

Name:

Join the AZ-104 Discussion

South Africa Commented on January 16, 2026
Is Question:83 answer is correct? Is Question:84 answer correct?
SOUTH AFRICA

Daniel Commented on January 12, 2026
Interesting and great content
UNITED KINGDOM

Tshidi Commented on January 11, 2026
This is really helpful
Anonymous

Tshidi Commented on January 11, 2026
great learning material
Anonymous

Tshidi Commented on January 09, 2026
This questions really helped for the exam preparations
Anonymous

Tshidi Commented on January 09, 2026
I have a clear understanding of what kind of questions to expect in the exam
Anonymous

Tshidi Commented on January 08, 2026
These questions really helped me to prepare for az-104 exam
Anonymous

South Africa Commented on January 04, 2026
Great learning experience
Anonymous

Azure Learner Commented on December 30, 2025
Just passed the AZ-104 exam, the questions here helped me preparing for the exam.
NEW ZEALAND

Triv Commented on December 24, 2025
Questions are very similar to actual questions, very good content for practice
JAPAN

Menzito - SA Commented on December 24, 2025
Very helpful, adding more knowledge to my learning path Menzito
Anonymous

Menzito Commented on December 20, 2025
Good learning experience - much appreciated
Anonymous

AB Commented on December 13, 2025
Awesome so far
Anonymous

YNWA97 Commented on December 08, 2025
Excellent study material. Thanks to the contributors
Anonymous

Nadeem Commented on November 21, 2025
I passed this exam. This practice questions is legit. Good luck people
Anonymous

Anon Commented on November 16, 2025
Very useful study material
Anonymous

Anon Commented on November 16, 2025
A good way to prepare for the exam
Anonymous

Anon Commented on November 15, 2025
Great resource
Anonymous

YNWA97 Commented on October 26, 2025
Excellent resource
Anonymous

YNWA97 Commented on October 26, 2025
Have perused comments and appears trustworthy. Prepping for International.
Anonymous

Tester Jim Commented on October 25, 2025
Testing this is a real comments page
Anonymous

Sunhill Commented on October 17, 2025
Took the test today preparing for it and some of these questions are still on here.
Anonymous

Triveni Commented on October 08, 2025
I started to prepare for AZ-104 exam. This site is good and gives the idea what kind of question will come in the exam.
INDIA

Farook Commented on September 06, 2025
To all the guys preping for this exam I want to share that I passed my exam yesterday. These questions are real and same wording in the exam.
Anonymous

Anonymous Commented on September 05, 2025
Will I pass the exam with this? thanks!
Anonymous

ananymous Commented on September 05, 2025
Is this valid? All questions are in the exam?
Anonymous

Dax Commented on August 14, 2025
Thanks @Raf
Anonymous

Raf Commented on August 14, 2025
Hay @Dax, Yes it is valid. I used these and studied for a bout a week. Mind that the free version contains about 60% of the questions. The full PDF version has all the questions. I ended up paying for the PDF version. Good luck man.
Anonymous

Dax Commented on August 14, 2025
Is this Valid?
Anonymous

13_square Commented on August 05, 2025
Thanks for making education free.
Anonymous

Mantas Commented on August 04, 2025
I started to prepare for AZ-104 exam. I think that questions and answers are good practice for that
LITHUANIA

PM Commented on August 02, 2025
VEry usefull to prepare for the exam
Anonymous

Anne Commented on August 01, 2025
Very useful
Anonymous

pooja Commented on July 31, 2025
I am reading these questions and found them really helpful to understand .
Anonymous

Pooja Commented on July 31, 2025
Very nice set of questions for preparation of AZ-104
Anonymous

yazmeister_93 Commented on July 30, 2025
useful content
UNITED KINGDOM

kavya Commented on July 29, 2025
This is very helpfu;
Anonymous

Greg Commented on July 29, 2025
Just passed my AZ-104 exam and I’m thrilled! I’m Greg from Ireland, and I found the prep questions on this site incredibly helpful. They gave me a solid idea of the exam format and helped reinforce key topics like Azure AD, storage, and networking. While they’re not a replacement for studying the official Microsoft materials, they’re great for practice and building confidence. I used them alongside the Microsoft Learn content and some labs on Azure. If you’re preparing for AZ-104, I’d definitely recommend using this exam questions and answers for review. It made a big difference for me. Best of luck to everyone studying!
Anonymous

Davz Commented on July 29, 2025
Great help to practice
Anonymous

imaz Commented on July 23, 2025
This site is extremely helpful, not only for the AZ-104 exam but also for understanding Azure infrastructure through various scenarios.
UNITED STATES

Azure Site Recovery - VM subnet mapping rules Commented on July 14, 2025
Azure Site Recovery - VM subnet mapping 1. the subnet of same name (if exists) 2. first subnet (alphabetically)
UNITED STATES

To deploy a resourcegroup using template use New-A Commented on June 28, 2025
Page69/Q55 - Correct answer is B
JAPAN

Mukund Surjuse Commented on June 27, 2025
Question50 > Answers in Box1 & Box2 seem incorrect. Box3 is correct. We are allowed to more than one network link to a VNET but auto-registration is not allow. Cross regions multiple network link creation is also allowed.
JAPAN

jeff Commented on June 25, 2025
q55. New-AzResourceGroupDeployment cmdlet To deploy a template, you can use the New-AzResourceGroupDeployment cmdlet12. This command allows you to deploy a saved JSON template at the resource group scope2.
Anonymous

jeff Commented on June 25, 2025
q.108. One! When configuring secure RDP connections to virtual machines using Azure Bastion, the minimum number of Bastion hosts required is one. Virtual network peering can be used together with Azure Bastion, so you don't need to deploy Bastion in each peered VNet2. By default, a virtual network is peered with up to 500 other virtual networks, but you can increase this limit to peer up to 1,000 virtual networks to a single virtual network5.
Anonymous

jeff Commented on June 25, 2025
q108. One When configuring secure RDP connections to virtual machines using Azure Bastion, the minimum number of Bastion hosts required is one. Virtual network peering can be used together with Azure Bastion, so you don't need to deploy Bastion in each peered VNet2. By default, a virtual network is peered with up to 500 other virtual networks, but you can increase this limit to peer up to 1,000 virtual networks to a single virtual network5.
Anonymous

Jeff Commented on June 24, 2025
Q61. In Kubernetes, the max count typically refers to the maximum number of replicas or pods that can be created for a deployment, stateful set, or other workload.and max surge is a parameter used in the context of rolling updates for Deployments or StatefulSets. It defines the maximum number of additional Pods that can be created during an update process, temporarily exceeding the desired number of replicas. This helps ensure high availability during updates by allowing new Pods to start before old ones are terminated.
Anonymous

Borce Commented on June 22, 2025
Just passed this exam. This practice questions is pretty valid. All questions and answers were in the exam.
UNITED STATES

user Commented on June 22, 2025
very useful one
JAPAN

user Commented on June 22, 2025
are all 606 questions available
JAPAN