AZ-104 Microsoft Azure Administrator Exam - Practice Questions

Question 10 (New Update)

You have a general purpose v1 storage account named storageaccount1 that has a private container named container1. You need to allow read access to the data inside container1, but only within a 14 day window. How do you accomplish this?

Select all that apply, then click Submit answer.

○ Create a stored access policy
○ Create a service SAS
○ Create a shared access signatures
○ Upgrade the storage account to general purpose v2

Question 11 (Mixed Questions)

You have an Azure subscription that contains the resources in the following table.

Store1 contains a file share named data. Data contains 5,000 files.

You need to synchronize the files in the file share named data to an on-premises server named Server1.

Which three actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Select all that apply, then click Submit answer.

○ Create a container instance
○ Register Server1
○ Install the Azure File Sync agent on Server1
○ Download an automation script
○ Create a sync group

Question 12 (Mixed Questions)

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains four subnets named Gateway, Perimeter, NVA, and Production.

The NVA subnet contains two network virtual appliances (NVAs) that will perform network traffic inspection between the Perimeter subnet and the Production subnet.

You need to implement an Azure load balancer for the NVAs. The solution must meet the following requirements:

The NVAs must run in an active-active configuration that uses automatic failover.

The load balancer must load balance traffic to two services on the Production subnet. The services have different IP addresses.

Which three actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Select all that apply, then click Submit answer.

○ Deploy a basic load balancer
○ Deploy a standard load balancer
○ Add two load balancing rules that have HA Ports and Floating IP enabled
○ Add two load balancing rules that have HA Ports enabled and Floating IP disabled
○ Add a frontend IP configuration, a backend pool, and a health probe
○ Add a frontend IP configuration, two backend pools, and a health probe

Reference / correct answer:

Deploy a standard load balancer

Add two load balancing rules that have HA Ports and Floating IP enabled

Add a frontend IP configuration, two backend pools, and a health probe

To run NVAs in an active-active configuration with automatic failover, you should use a **Standard Load Balancer** (Basic Load Balancer doesn’t support the required HA scenarios like HA Ports). Because you must load-balance traffic to **two different services with different IP addresses**, you typically expose **multiple frontends** and map them to the NVAs. Using **two backend pools** lets you target/associate different rules/frontends to the same pair of NVAs (common design for multi-VIP / multiple services scenarios). For NsNVAs, you create **load-balancing rules using HA Ports**, which forwards all ports to the NVAs (often required for NVA inspection patterns). With HA Ports, enabling **Floating IP (direct server return)** is used in many NVA designs so the appliances can preserve/handle original flow behavior correctly. References (official): - https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-overview - https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-ha-ports-overview - https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-multivip-overview

AZ-104 – Microsoft Azure Administrator Exam