{"id":81612,"date":"2022-03-25T02:22:25","date_gmt":"2022-03-25T07:52:25","guid":{"rendered":"https:\/\/www.whizlabs.com\/blog\/?p=81612"},"modified":"2026-05-13T17:45:35","modified_gmt":"2026-05-13T12:15:35","slug":"azure-administrator-az-104-exam-questions","status":"publish","type":"post","link":"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/","title":{"rendered":"AZ-104 Practice Questions &#038; Answers with explanation"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ea7e02;color:#ea7e02\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ea7e02;color:#ea7e02\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#AZ-104_Practice_Questions_Answers_with_explanation_to_Pass_Azure_Administrator_Exam\" >AZ-104 Practice Questions &amp; Answers with explanation to Pass Azure Administrator Exam<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#What_Kind_of_Questions_Are_Asked_in_the_AZ-104_Exam\" >What Kind of Questions Are Asked in the AZ-104 Exam?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#AZ-104_Exam_Format_at_a_Glance_2026\" >AZ-104 Exam Format at a Glance (2026)<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#AZ-104_Exam_Domains_What_Every_AZ-104_Practice_Questions_Maps_To\" >AZ-104 Exam Domains: What Every AZ-104 Practice Questions Maps To<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Section_1_AZ-104_Practice_Questions_Multiple_Choice_Q1%E2%80%93Q6\" >Section 1: AZ-104 Practice Questions Multiple Choice (Q1\u2013Q6)<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_1\" >Question No.: 1<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_2\" >Question No.: 2<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_3\" >Question No.: 3<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_4\" >Question No.: 4<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_5\" >Question No.: 5<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_6\" >Question No.: 6<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Section_2_AZ-104_Exam_Case_Study_Type_Questions_Q7_%E2%80%93_Q13\" >Section 2: AZ-104 Exam Case Study Type Questions (Q7 &#8211; Q13)<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_7\" >Question No.: 7<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_8\" >Question No.: 8<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_9\" >Question No.: 9<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_10\" >Question No.: 10<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_11\" >Question No.: 11<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_12\" >Question No.: 12<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Section_3_AZ-104_Drag_and_Drop_Ordering_Questions_Q13%E2%80%93Q20\" >Section 3: AZ-104 Drag and Drop \/ Ordering Questions (Q13\u2013Q20)<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_13\" >Question No.: 13<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_14\" >Question No.: 14<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-22\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_15\" >Question No.: 15<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-23\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_16\" >Question No.: 16<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-24\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_17\" >Question No.: 17<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-25\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_18\" >Question No.: 18<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-26\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_19\" >Question No.: 19<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-27\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Question_No_20\" >Question No.: 20<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-28\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#AZ-104_Exam_Tips_How_to_Approach_Each_Question_Type\" >AZ-104 Exam Tips: How to Approach Each Question Type<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-29\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Whats_the_Best_Way_to_Continue_Your_AZ-104_Preparation\" >What&#8217;s the Best Way to Continue Your AZ-104 Preparation?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-30\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Frequently_Asked_Questions\" >Frequently Asked Questions<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-31\" href=\"https:\/\/www.whizlabs.com\/blog\/azure-administrator-az-104-exam-questions\/#Summary\" >Summary<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"AZ-104_Practice_Questions_Answers_with_explanation_to_Pass_Azure_Administrator_Exam\"><\/span><b>AZ-104 Practice Questions &amp; Answers with explanation to Pass Azure Administrator Exam<\/b><span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">Planning to take the AZ-104: Microsoft Azure Administrator exam? The fastest way to know whether you&#8217;re ready and to identify exactly where you&#8217;re not is to work through real exam-style AZ-104 practice questions with detailed explanations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This blog gives you 20 free Microsoft AZ-104 questions across every format the exam uses: multiple choice, case study, and drag-and-drop. Each answer includes an explanation so you understand why, not just what, which is what the actual exam tests.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">But first, let&#8217;s make sure you know exactly what you&#8217;re walking into.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"What_Kind_of_Questions_Are_Asked_in_the_AZ-104_Exam\"><\/span><b>What Kind of Questions Are Asked in the AZ-104 Exam?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">AZ-104 includes scenario-based questions on Azure virtual machines, networking, identity, storage, and monitoring.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Most questions test real-world decision-making rather than simple definitions. The exam uses multiple choice, case study, and drag-and-drop formats across 40\u201360 questions in 120 minutes.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That 40-word answer is the featured snippet version. Here&#8217;s the fuller picture:<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"AZ-104_Exam_Format_at_a_Glance_2026\"><\/span><b>AZ-104 Exam Format at a Glance (2026)<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<table>\n<tbody>\n<tr>\n<td><b>Format<\/b><\/td>\n<td><b>What It Tests<\/b><\/td>\n<td><b>Approx. Share<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Multiple Choice (single answer)<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Concept knowledge and best-practice decisions<\/span><\/td>\n<td><span style=\"font-weight: 400;\">~40%<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Multiple Choice (multi-select)<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Identifying all the correct steps in a solution<\/span><\/td>\n<td><span style=\"font-weight: 400;\">~15%<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Case Study<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Applying governance, networking, or identity logic to a real organisation scenario<\/span><\/td>\n<td><span style=\"font-weight: 400;\">~20%<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Drag and Drop \/ Ordering<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Sequencing steps, matching services to requirements<\/span><\/td>\n<td><span style=\"font-weight: 400;\">~15%<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Hot Area \/ Yes-No<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Evaluating whether specific configurations meet requirements<\/span><\/td>\n<td><span style=\"font-weight: 400;\">~10%<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><b>Passing score:<\/b><span style=\"font-weight: 400;\"> 700 out of 1000\u00a0<\/span><\/p>\n<p><b>Duration:<\/b><span style=\"font-weight: 400;\"> 120 minutes\u00a0<\/span><\/p>\n<p><b>Delivery: <\/b><span style=\"font-weight: 400;\">Online proctored or Pearson VUE test centre.\u00a0<\/span><\/p>\n<p><b>Renewal:<\/b><span style=\"font-weight: 400;\"> Annual, via free Microsoft renewal assessment.<\/span><\/p>\n<p><b>Exam tip: <\/b><span style=\"font-weight: 400;\">Microsoft has progressively shifted AZ-104 toward scenario reasoning.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">&gt; You won&#8217;t see &#8220;What does Azure Policy do?&#8221;, instead you&#8217;ll see &#8220;Contoso needs to enforce tag inheritance across all resources in a management group.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">&gt; Which two steps achieve this?&#8221; Know the application, not just the definition.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"AZ-104_Exam_Domains_What_Every_AZ-104_Practice_Questions_Maps_To\"><\/span><b>AZ-104 Exam Domains: What Every AZ-104 Practice Questions Maps To<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Every question in this blog, and in the real exam, maps to one of five domains. Use this as your self-assessment radar:<\/span><\/p>\n<table>\n<tbody>\n<tr>\n<td><b>Domain<\/b><\/td>\n<td><b>Exam Weight<\/b><\/td>\n<td><b>Topics Covered<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Manage Azure Identities and Governance<\/span><\/td>\n<td><span style=\"font-weight: 400;\">20\u201325%<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Entra ID, RBAC, Azure Policy, Management Groups, subscriptions<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Implement and Manage Storage<\/span><\/td>\n<td><span style=\"font-weight: 400;\">15\u201320%<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Storage accounts, blob tiers, SAS tokens, Azure Files<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Deploy and Manage Azure Compute Resources<\/span><\/td>\n<td><span style=\"font-weight: 400;\">20\u201325%<\/span><\/td>\n<td><span style=\"font-weight: 400;\">VMs, scale sets, containers, ARM\/Bicep templates<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Implement and Manage Virtual Networking<\/span><\/td>\n<td><span style=\"font-weight: 400;\">15\u201320%<\/span><\/td>\n<td><span style=\"font-weight: 400;\">VNets, NSGs, load balancers, VPN, DNS, Private Endpoints<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Monitor and Maintain Azure Resources<\/span><\/td>\n<td><span style=\"font-weight: 400;\">10\u201315%<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Azure Monitor, Log Analytics, Backup, Site Recovery<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-100966\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM.png\" alt=\"AZ-104 practice questions sample\" width=\"2604\" height=\"1442\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM.png 2604w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM-300x166.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM-1024x567.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM-768x425.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM-1536x851.png 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM-2048x1134.png 2048w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.24.50\u202fPM-150x83.png 150w\" sizes=\"(max-width: 2604px) 100vw, 2604px\" \/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Section_1_AZ-104_Practice_Questions_Multiple_Choice_Q1%E2%80%93Q6\"><\/span><b>Section 1: AZ-104 Practice Questions Multiple Choice (Q1\u2013Q6)<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Test your knowledge across identity, compute, storage, and networking.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_1\"><\/span><b>Question No.: 1<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Microsoft Entra users and groups<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Create users and groups\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Your organisation wants to enforce naming conventions for Microsoft Entra groups to ensure consistency and avoid duplication. For example, all group names should start with the department name, such as \u201cHR-\u201c, \u201cFinance-\u201c, or \u201cIT-\u201c. How can you achieve this?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Use Group Naming Policy in Microsoft Entra ID and configure prefix\/suffix rules based on department.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Manually rename each group as they are created.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Implement a PowerShell script that runs daily to enforce the naming convention.<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Use Azure Policies to define naming rules for groups.<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option A is CORRECT because Microsoft Entra ID provides a Group Naming Policy feature to enforce group naming conventions. An Azure Administrator can configure rules to automatically apply prefixes and\/or suffixes based on user attributes like department or other organisational needs. This is the recommended and automated approach for achieving consistent group naming without manual intervention.<\/span><\/p>\n<p><b>Reference:<\/b> <a title=\"Entra Identity\" href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/groups-naming-policy\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/groups-naming-policy<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_2\"><\/span><b>Question No.: 2<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Microsoft Entra users and groups<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage licenses in Microsoft Entra ID<\/span><\/p>\n<p><b>Question Text:\u00a0\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">A user in your organisation reports that they cannot access certain Microsoft 365 services despite having an assigned license. Upon investigation, you find that the user\u2019s license is disabled. What is the most likely cause?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. The user\u2019s account has been disabled in Microsoft Entra ID<br \/>\n<\/span><span style=\"font-weight: 400;\">B. The license was assigned to the user through a group, but the service plan for that license is disabled<br \/>\n<\/span><span style=\"font-weight: 400;\">C. The user\u2019s role does not permit them to use the licensed services<br \/>\n<\/span><span style=\"font-weight: 400;\">D. The license was assigned, but has not yet been synchronised with the Microsoft 365 portal<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because when licenses are assigned via group-based licensing, an Azure administrator can enable or disable specific service plans within the license. If the relevant service plan is disabled, the user will not have access to those specific services, even though the license itself is assigned. This is a common scenario when managing license assignments using groups.<\/span><\/p>\n<p><b>References:\u00a0<\/b><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/licensing-groups-assign\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/licensing-groups-assign<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/licensing-group-advanced\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/users\/licensing-group-advanced<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_3\"><\/span><b>Question No.: 3<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Microsoft Entra users and groups<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage external users<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are configuring external collaboration settings for your organisation in Microsoft Entra ID. The security team has requested the following requirements for external guest access:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Guest users should only access their own directory objects, such as their profiles, and should not be able to see other users, groups, or memberships.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Only administrators with specific roles should have permission to invite guest users.<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">What should you configure to meet these requirements? (Select two options)<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Set \u201cGuest user access is restricted to properties and memberships of their own directory objects\u201d under Guest user access.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Set \u201cGuest users have the same access as members\u201d under Guest user access<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Set \u201cAnyone in the organisation can invite guest users, including guests and non-admins\u201d under Guest invite settings<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Set \u201cGuest users have limited access to properties and memberships of directory objects\u201d under Guest user access<br \/>\n<\/span><span style=\"font-weight: 400;\">E. Set \u201cOnly users assigned to specific admin roles can invite guest users\u201d under Guest invite settings<\/span><\/p>\n<p><b>Correct Answers: A and E<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Option A is CORRECT because this setting ensures that guest users can only access their own profiles and directory objects, such as their own memberships. It restricts them from seeing other users, groups, or memberships, which satisfies the requirement that guests cannot view other directory objects. This is the most restrictive setting available for guest access and directly addresses the security team\u2019s requirement for limiting guest access.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Option E is CORRECT because this setting limits the ability to invite guest users to administrators with specific roles, such as the User Administrator or Guest Inviter roles. This directly addresses the requirement that only certain administrators should have permission to invite external users, ensuring tighter control over external collaboration.<\/span><\/li>\n<\/ul>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/external-id\/external-collaboration-settings-configure#configure-settings-in-the-portal\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/entra\/external-id\/external-collaboration-settings-configure#configure-settings-in-the-portal<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_4\"><\/span><b>Question No.: 4<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Microsoft Entra users and groups<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Configure self-service password reset (SSPR)<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are an Azure Administrator for your organisation, tasked with enhancing security for self-service password reset (SSPR). The IT security team mandates that users must verify their identity using two different authentication methods before they can reset their passwords. This policy aims to ensure compliance with company security standards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">What three configurations should you apply to meet this requirement?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">(Select three options)<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Enable SSPR for all users.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Set \u201cNumber of methods required to reset\u201d to 2<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Configure SSPR to use \u201cSecurity questions\u201d as the only authentication method.<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Add \u201cMobile app notification\u201d and \u201cEmail\u201d as authentication methods<br \/>\n<\/span><span style=\"font-weight: 400;\">E. Limit SSPR registration to selected groups<\/span><\/p>\n<p><b>Correct Answer: A, B, and D<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Option A<\/strong> is CORRECT because enabling SSPR for all users ensures that the self-service password reset feature is available across the organisation. Without this step, users will not have the capability to reset their passwords using SSPR, even if other configurations are correct.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Option B<\/strong> is CORRECT because setting the \u201cNumber of methods required to reset\u201d to 2 enforces the policy requiring users to verify their identity using two different authentication methods before resetting their passwords. This configuration is essential to meet the company\u2019s security requirements.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Option D<\/strong> is CORRECT because configuring authentication methods such as \u201cMobile app notification\u201d and \u201cEmail\u201d ensures users have secure and reliable options to verify their identity. At least two methods must be available to satisfy the requirement for two-factor authentication during password reset.<\/span><\/p>\n<p><b>References: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/authentication\/concept-sspr-howitworks#authentication-methods\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/authentication\/concept-sspr-howitworks#authentication-methods<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/authentication\/concept-sspr-howitworks#change-authentication-methods\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/authentication\/concept-sspr-howitworks#change-authentication-methods<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_5\"><\/span><b>Question No.: 5<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Azure subscriptions and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Implement and manage Azure Policy<\/span><\/p>\n<p><b>Question Text:\u00a0\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Your organisation has multiple Azure subscriptions managed under a single management group. A new security compliance mandate requires all storage accounts across these subscriptions to have secure transfer enabled. As an Azure Administrator, you need to ensure this requirement is enforced uniformly across all subscriptions with minimal administrative effort. What is the best way to achieve this?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Assign the policy to each resource group individually<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Assign the policy to a single subscription and replicate the setup<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Assign the policy at the management group level<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Use Azure Monitor to track storage accounts without secure transfer<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option C is CORRECT because assigning the policy at the management group level applies the policy to all subscriptions under the management group. This approach ensures uniform enforcement of the compliance mandate across all storage accounts in multiple subscriptions and minimises administrative effort, making it the most efficient solution.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/tutorials\/create-and-manage#implement-a-new-custom-policy\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/tutorials\/create-and-manage#implement-a-new-custom-policy<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_6\"><\/span><b>Question No.: 6<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Azure subscriptions and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Configure resource locks<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Your organisation has applied a Delete lock to a storage account containing critical business data. A developer tries to delete a container within this storage account to free up space, but encounters an error. What is the most likely reason for the error<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. The Delete lock applies to all sub-resources of the storage account, including containers.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. The Delete lock is incorrectly configured and should only apply to the storage account itself.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. The developer lacks Azure RBAC permissions to delete the container<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Containers are not affected by resource locks<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option A is CORRECT because a Delete lock applied to a storage account affects the storage account itself as well as its sub-resources, including containers. This ensures that no deletions can occur at any level under the locked storage account, which is why the developer encounters an error when attempting to delete a container.<\/span><\/p>\n<p><b>Reference:<\/b> <a title=\"Protect your Azure resources with a lock \u2013 Azure Resource Manager\" href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/lock-resources?tabs=json#lock-inheritance\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Protect your Azure resources with a lock \u2013 Azure Resource Manager<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Section_2_AZ-104_Exam_Case_Study_Type_Questions_Q7_%E2%80%93_Q13\"><\/span><b>Section 2: AZ-104 Exam Case Study Type Questions (Q7 &#8211; Q13)<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Case studies require you to read a scenario and answer several independent questions based on it. Read the full scenario before attempting questions.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.<\/span><\/p>\n<h4><b>Overview:<\/b><\/h4>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Contoso Inc. is a multinational company specialising in cloud-based enterprise solutions. They have recently migrated several of their workloads to Microsoft Azure to streamline operations and improve security. Contoso has multiple departments, including finance, sales, and HR, which require different resources across several regions.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The company has an Azure environment with several subscriptions for different projects and departments. These subscriptions are governed by various access policies and management practices to ensure compliance with both corporate standards and regulatory requirements.<\/span><\/li>\n<\/ul>\n<p><b>Existing Environment:<\/b><\/p>\n<p><b>1. Azure Subscriptions: <\/b><span style=\"font-weight: 400;\">Contoso Inc. has three main Azure subscriptions:<\/span><\/p>\n<p><b>2. Finance Subscription: <\/b><span style=\"font-weight: 400;\">Hosts finance-related workloads.<\/span><\/p>\n<p><b>3. Sales Subscription:<\/b><span style=\"font-weight: 400;\"> Hosts workloads for the sales department.<\/span><\/p>\n<p><b>4. HR Subscription: <\/b><span style=\"font-weight: 400;\">Hosts HR applications and employee data.<\/span><\/p>\n<p><b>5. Resource Groups:<\/b><span style=\"font-weight: 400;\"> Each department has resource groups assigned to specific applications.\u00a0<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">Finance has resource groups like Finance-Dev and Finance-Prod.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Sales has resource groups like Sales-Dev, Sales-Prod.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">HR has resource groups like HR-Dev and HR-Prod.<\/span><\/li>\n<\/ul>\n<p><b style=\"font-style: inherit;\">6. Tagging Policy: <\/b><span style=\"font-weight: 400;\">Contoso uses tags for cost allocation, resource management, and compliance auditing. For instance, the tag Environment is applied to each resource with values such as Dev, Prod, or Test.<\/span><\/p>\n<p><b>7. Cost Management: <\/b><span style=\"font-weight: 400;\">Contoso has implemented Azure cost management solutions, using budgets to monitor and control costs across departments. The Finance department has exceeded its budget for the last quarter, while other departments are within their budget limits.<\/span><\/p>\n<p><b>8. Compliance and Security: <\/b><span style=\"font-weight: 400;\">Contoso has set up policies to ensure that no resources are deployed without necessary tags and that resource locks are enforced to prevent accidental deletion of critical resources<\/span><b>.<\/b><\/p>\n<p><b>9. Management Groups:<\/b><span style=\"font-weight: 400;\"> The organisation follows a hierarchical structure to manage resources:<\/span><\/p>\n<ol>\n<li style=\"list-style-type: none;\">\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">Top-level Management Group: Contoso-Main<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"2\"><span style=\"font-weight: 400;\">Sub-management groups for each department: Finance, Sales, HR. <\/span><\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h4><b>Requirements: <\/b><b>Technical Requirements<\/b><\/h4>\n<p><b>Contoso has the following technical requirements:\u00a0<\/b><\/p>\n<ul>\n<li aria-level=\"1\"><b>Tagging: <\/b>The Finance team has requested that all resources within the Finance-Prod resource group automatically inherit a Compliance tag with the value High to ensure accurate compliance reporting.<\/li>\n<li aria-level=\"1\"><b>Cost Management: <\/b>The Sales department has requested a solution to alert them when their monthly Azure spend exceeds $50,000 to prevent overspending.<\/li>\n<li aria-level=\"1\"><b>Resource Group Management: <\/b>The HR department wants to ensure that all resources in the HR-Prod resource group are protected with a Delete Lock to avoid accidental deletion during system updates.<\/li>\n<li aria-level=\"1\"><b>Subscription Management: <\/b>Management needs a strategy to enforce consistent governance across all Azure subscriptions while maintaining department-level autonomy.<\/li>\n<li aria-level=\"1\"><b>Management Groups: <\/b>Contoso wants to set up a policy for all resources under the Sales management group to automatically use a specific SKU for all virtual machines (VMs) to standardise resource provisioning.<b style=\"font-style: inherit;\">\u00a0<\/b><\/li>\n<\/ul>\n<h4><b>Requirements: <\/b><b>User Requirements:<\/b><\/h4>\n<p><b>Contoso has the following user requirements:\u00a0<\/b><\/p>\n<ul>\n<li aria-level=\"1\"><b>Finance Team:<\/b> Ensure all resources in the Finance subscription are tagged for reporting and budgeting.<\/li>\n<li aria-level=\"1\"><b>Sales Team: <\/b>Monitor and manage Azure cost alerts efficiently to avoid exceeding budget limits.<\/li>\n<li aria-level=\"1\"><b>HR Team: <\/b>Ensure critical resources are locked to prevent accidental deletion.<\/li>\n<li aria-level=\"1\"><b>IT Governance Team: <\/b>Establish consistent resource management policies across subscriptions while maintaining departmental autonomy.<\/li>\n<\/ul>\n<table>\n<tbody>\n<tr>\n<td><b>Department<\/b><\/td>\n<td><b>Requirement<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Finance<\/span><\/td>\n<td><span style=\"font-weight: 400;\">All Finance-Prod resources must auto-inherit a Compliance = High tag<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Sales<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Alert when monthly spend exceeds $50,000<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">HR<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Protect all HR-Prod resources from accidental deletion<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">IT Governance<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Enforce consistent policies across all subscriptions while maintaining departmental autonomy<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Sales (VM)<\/span><\/td>\n<td><span style=\"font-weight: 400;\">All VMs in the Sales management group must use a standard approved SKU<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_7\"><\/span><b>Question No.: 7<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Azure subscriptions and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage resource groups<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Contoso wants to implement a policy that automatically ensures no resources in the HR-Prod resource group can be deleted. What is the most efficient way to achieve this?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Apply a Delete lock on each resource within the HR-Prod resource group.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Apply a Delete lock to the entire HR-Prod resource group to prevent deletion of any resources.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Assign a Role-Based Access Control (RBAC) policy that prevents the deletion of resources in the HR-Prod resource group.<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Use Azure Automation to periodically check the resources in the HR-Prod group and manually apply locks.<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because a Delete lock applied at the resource group level ensures that all resources within the group are protected against deletion, regardless of when they were created. This includes any existing resources and any resources added to the resource group in the future. The Delete lock is an in-built Azure feature that overrides permissions, meaning even users with elevated roles, such as Owners or Contributors, cannot delete resources within the group unless the lock is removed. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">This approach is efficient because it eliminates the need for manual intervention and ensures consistent protection across the resource group. Additionally, locks provide transparency and are visible in the Azure portal, helping organisations enforce strict governance policies. This solution aligns with best practices for managing resources in Azure and reduces the risk of accidental or unauthorised deletions, which could lead to downtime or data loss.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/lock-resources?tabs=json\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/lock-resources?tabs=json<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_8\"><\/span><b>Question No.: 8<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Azure subscriptions and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage subscriptions<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Contoso Inc. has three Azure subscriptions: Finance, Sales, and HR. The organisation wants to ensure that the Finance team can manage all resources within their subscription, while the Sales and HR teams only have limited access to their respective subscriptions. Additionally, the Finance team needs to be able to manage billing across all subscriptions. What is the most efficient approach to implement this scenario?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Assign the Finance team as subscription owners for all three subscriptions and restrict the Sales and HR teams to Contributor roles within their respective subscriptions.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Create a management group for each department and assign the Finance team as a Global Administrator at the management group level, while assigning the Sales and HR teams as Owners within their respective subscriptions.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Use Microsoft Entra Privileged Identity Management to elevate access for the Finance team when needed and assign the Sales and HR teams as Readers in their subscriptions.<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Set up Azure Lighthouse and delegate control of the subscriptions to the Finance team for billing, and assign the Sales and HR teams appropriate roles within their subscription.<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option A is CORRECT because assigning the Finance team as Subscription Owners for all subscriptions provides them with full administrative control, including the ability to manage billing across all subscriptions. At the same time, restricting the Sales and HR teams to the Contributor role within their respective subscriptions ensures they can manage resources but are limited to actions within their designated scope. This solution ensures a clear separation of responsibilities while fulfilling the requirement for Finance to manage billing and other resources across subscriptions. It is straightforward and does not involve unnecessary complexity, making it efficient and scalable for governance.<\/span><\/p>\n<p><b>References: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/role-based-access-control\/role-assignments-portal-subscription-admin\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/role-based-access-control\/role-assignments-portal-subscription-admin<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/role-based-access-control\/role-assignments-steps#privileged-administrator-roles\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/role-based-access-control\/role-assignments-steps#privileged-administrator-roles<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_9\"><\/span><b>Question No.: 9<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Azure subscriptions and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage costs by using alerts, budgets, and Azure Advisor recommendations<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">The Sales department has a monthly budget of $50,000 for Azure services. The department wants to receive an alert when its spending approaches 80% of the budgeted amount. Which of the following actions should you take to achieve this?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Create an Azure Monitor alert based on the subscription\u2019s total spend<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Use Azure Cost Management to set up a budget and configure an alert for when the spend exceeds 80% of the budget<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Configure Azure Advisor recommendations to alert the Sales team when costs are nearing the budget limit<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Set up an automatic scale rule to scale down the resources when the budget exceeds 80%<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because Azure Cost Management provides the functionality to create budgets and set spending thresholds. You can configure a budget specific to the Sales department\u2019s subscription or resource group and set an alert for 80% of the allocated budget ($50,000 in this case). This approach is aligned with the requirement, as it directly tracks spending and provides proactive notifications when nearing the defined threshold. This method is efficient, automated, and purpose-built for cost governance in Azure.<\/span><\/p>\n<p><b>References: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/cost-management-billing\/costs\/tutorial-acm-create-budgets?tabs=psbudget\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/cost-management-billing\/costs\/tutorial-acm-create-budgets?tabs=psbudget<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/cost-management-billing\/costs\/tutorial-acm-create-budgets?tabs=psbudget#configure-forecasted-budget-alerts\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/cost-management-billing\/costs\/tutorial-acm-create-budgets?tabs=psbudget#configure-forecasted-budget-alerts<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_10\"><\/span><b>Question No.: 10<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Manage Azure identities and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Manage Azure subscriptions and governance<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Configure management groups<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Contoso wants to enforce a policy that ensures all virtual machines deployed under the Sales management group use a specific SKU (e.g., Standard_D2_v2) to standardise VM deployment. What is the most efficient way to enforce this policy?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Define a custom role within the Sales management group at the resource group level to enforce limitations on the available virtual machine (VM) SKUs<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Apply an Azure Policy at the Sales management group level to enforce the specific SKU for all virtual machines.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Manually configure the SKU for each virtual machine deployed in the Sales management group.<br \/>\n<\/span><span style=\"font-weight: 400;\">Assign a policy at the subscription level to enforce the VM SKU for all resources within the subscription.<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because Azure Policy is specifically designed to enforce compliance and standardisation for Azure resources, including virtual machines. By applying a policy at the Sales management group level, you can define a rule that ensures all VMs deployed under this group use the required SKU (e.g., Standard_D2_v2). This policy propagates automatically to all subscriptions and resource groups within the Sales management group, ensuring uniform enforcement with minimal administrative effort. Azure Policy also provides auditing and compliance reporting, allowing Azure administrators to track and remediate non-compliant resources if needed.<\/span><\/p>\n<p><b>References:\u00a0<\/b><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/overview\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/overview<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/tutorials\/create-and-manage\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/governance\/policy\/tutorials\/create-and-manage<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_11\"><\/span><b>Question No.: 11<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Automate deployment of resources by using Azure Resource Manager (ARM) templates or Bicep files<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Modify an existing Azure Resource Manager template<\/span><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are modifying an ARM template to include a new Azure Storage account. The storage account must be created before a virtual machine in the same template, as the virtual machine depends on the storage account for disk storage.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Which action ensures that the storage account is created before the virtual machine?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Add the dependsOn property to the virtual machine resource and reference the storage account.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Reorder the resources in the template so the storage account is defined before the virtual machine.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">C. Use a condition to deploy the storage account only if the virtual machine exists.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Add the storage account to a nested template and call it before the virtual machine.<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option A is CORRECT because the dependsOn property explicitly specifies a dependency between resources in an ARM template. By referencing the storage account in the dependsOn property of the virtual machine, Azure ensures that the storage account is fully provisioned before the virtual machine is deployed. This is the most reliable and recommended method for defining dependencies between resources.<\/span><\/p>\n<p><b>Reference: <\/b><a title=\"Define the order for deploying resources in ARM templates\" href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/templates\/resource-dependency\" target=\"_blank\" rel=\"noopener\">Define the order for deploying resources in ARM templates\u00a0<\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_12\"><\/span><b>Question No.: 12<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Automate deployment of resources by using Azure Resource Manager (ARM) templates or Bicep files<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Modify an existing Bicep file<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are managing an application deployment project where different environments (development, testing, production) require varying Azure App Service plan SKUs. The current Bicep file deploys the App Service plan with the SKU hard-coded<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0as P1v2. This has caused issues because the production environment needs P3v2, while development and testing require F1 and S1, respectively.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">How should you modify the Bicep file to make the SKU configurable during deployment?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Add a new parameter for the SKU and update the App Service plan resource to reference this parameter.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Add a new variable for the SKU and update the App Service plan resource to reference this variable.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Update the SKU property directly in the resource definition to include all possible SKU values.<br \/>\n<\/span><span style=\"font-weight: 400;\">A. Add a new output for the SKU to display the selected value after deployment.<\/span><\/p>\n<p><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option A is CORRECT because using a parameter makes the SKU value configurable during deployment. Parameters allow you to supply values specific to the environment (e.g., F1 for development, S1 for testing, and P3v2 for production) without modifying the Bicep file. This approach ensures flexibility, reusability, and alignment with best practices for infrastructure as code.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/bicep\/file#parameters\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/bicep\/file#parameters<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Section_3_AZ-104_Drag_and_Drop_Ordering_Questions_Q13%E2%80%93Q20\"><\/span><b>Section 3: AZ-104 Drag and Drop \/ Ordering Questions (Q13\u2013Q20)<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">In the real exam, you drag items into the correct sequence or match them to categories. Here, select the correct order or match from the options.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_13\"><\/span><b>Question No.: 13<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Automate deployment of resources by using Azure Resource Manager (ARM) templates or Bicep files<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Deploy resources by using an Azure Resource Manager template or a Bicep file<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are tasked with deploying Azure resources using a local Bicep file. You need to ensure the deployment follows the required steps to create a resource group and deploy the resources. Arrange the steps in the correct order to complete the deployment using Azure CLI.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">[options on the left side]<\/span><\/p>\n<ol>\n<li><span style=\"font-weight: 400;\">Validate the Azure CLI installation and ensure it is updated to its latest version.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Create the resource group using the az group create command<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Verify successful deployment in the Azure portal<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Use the az deployment group create command with the Bicep file and parameters.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Log in to Azure and set the appropriate subscription using az login and az account set.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Prepare the local Bicep file with the required resource definitions.<\/span><\/li>\n<\/ol>\n<p><b>Correct Answer (to be dragged to the right side)<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Correct Sequence \u2013 1, 5, 6, 2, 4, 3<\/span><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Validate the Azure CLI installation: Before starting any deployment, it is imperative to confirm that the Azure Command-Line Interface (CLI) is installed and functioning correctly. This involves running a command like az \u2013version to check the current version of the Azure CLI. Keeping the CLI updated is crucial because newer versions may introduce new features, improvements, fixes, and support for the latest Azure features, including enhancements related to Bicep, which is a domain-specific language (DSL) for deploying Azure resources. Ensuring that the Azure CLI is up to date helps avoid compatibility issues during deployment.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Log in to Azure and set the subscription: The next step is to authenticate to Azure by running the command az login. This command opens a new browser window prompting for Azure credentials, allowing you to sign in securely. Once authenticated, it\u2019s essential to specify which subscription to use if your account has access to multiple subscriptions. This is accomplished with the command az account set \u2013subscription \u201cYourSubscriptionName\u201d. This step ensures that subsequent commands for resource group creation and resource deployment will target the correct Azure subscription, making the deployment process organised and eliminating potential errors related to targeting the wrong subscription.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Prepare the local Bicep file: With the Azure CLI set and authenticated, you will need to prepare your Bicep file. The Bicep file is where you define all the Azure resources you want to deploy, such as virtual machines, storage accounts, networking components, etc.<br \/>\n<\/span>This file uses a clear, concise syntax, making it easier to read and maintain compared to traditional JSON ARM templates. Ensure that your Bicep file includes the necessary parameters and resource definitions to meet your deployment needs. This step is crucial because any misconfiguration or missing parameters in the Bicep file can lead to deployment failures.<\/li>\n<\/ol>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Create the resource group: Before deploying resources, it is essential to ensure that the target resource group exists. A resource group is a logical container for Azure resources, providing a way to manage and organise related resources.\u00a0<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">Use the command az group create\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u2013name: YourResourceGroupName\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u2013location: YourLocation to create a new resource group.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If the resource group already exists, you can skip this step. However, if it does not exist, this command ensures a suitable environment is ready for deploying your defined resources.<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Deploy resources using Bicep: Once you have the resource group set up, the next step is to execute the deployment using the command that a deployment group creates. This command takes several parameters, including \u2013resource-group, the name of the resource group where you want to deploy the resources, and \u2013template-file pointing to your Bicep file. Optionally, if your Bicep file requires parameters, you can supply these using the \u2013parameters flag. This step is where the actual deployment happens, and Azure starts provisioning the resources as defined in your Bicep file.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Verify the deployment: After initiating the deployment, it is important to verify that everything was deployed successfully. You can either monitor the output in the CLI, which provides immediate feedback on the deployment status or log into the Azure portal and navigate to the resource group to visually confirm that the resources are created as expected. Checking the deployment status helps ensure that all resources are provisioned correctly, and if any issues arise, it allows you to troubleshoot or investigate errors accordingly.<\/span><\/li>\n<\/ol>\n<p><b>References: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/bicep\/deploy-cli#deploy-local-bicep-file\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/bicep\/deploy-cli#deploy-local-bicep-file<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_14\"><\/span><b>Question No.: 14<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Automate deployment of resources by using Azure Resource Manager (ARM) templates or Bicep files<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Export a deployment as an Azure Resource Manager template or convert an Azure Resource Manager template to a Bicep file<\/span><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are working as an Azure Administrator for a company that heavily uses ARM templates to deploy and manage Azure resources. The development team recently decided to transition to using Bicep files for better readability and easier resource management. The team has shared an existing ARM template that defines the infrastructure for a web application, including virtual networks, storage accounts, and app services. They request your assistance in converting this ARM template into a Bicep file to align with the new approach.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Which action should you take to convert the ARM template into a Bicep file?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Use the az bicep build command to convert the ARM template into a Bicep file.<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Use the az bicep decompile command to convert the ARM template into a Bicep file.<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Open the ARM template in Visual Studio Code and use the \u201cConvert to Bicep\u201d extension.<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Rewrite the ARM template manually in Bicep syntax<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because the az bicep decompile command is specifically designed to convert an existing ARM template (JSON format) into a Bicep file. It simplifies the transition from ARM templates to Bicep by automatically generating the equivalent Bicep code from a JSON file. This is the most efficient and accurate way to achieve the stated objective.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/bicep\/decompile?tabs=azure-cli\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/bicep\/decompile?tabs=azure-cli<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_15\"><\/span><b>Question No.: 15<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Create and configure virtual machines<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Configure Azure Disk Encryption<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are configuring Azure Disk Encryption for a new Linux-based virtual machine (VM). The VM will be deployed using a custom image, and you must ensure that the disk encryption process is performed automatically during the deployment.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Which of the following actions will ensure that the VM\u2019s OS disk is encrypted automatically during deployment?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Use the az vm encryption enable command after the VM is deployed<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Ensure that the Key Vault and encryption key are configured in the VM\u2019s deployment template<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Configure the VM to use managed disks and enable encryption at rest through the Azure portal<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Manually create an encryption script and run it after the VM is deployed<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because to enable encryption automatically during deployment, the Key Vault and encryption key need to be configured in the VM\u2019s deployment template (either an ARM template or a Bicep file). By specifying the Key Vault and encryption key in the template, Azure will automatically encrypt the OS disk during the VM\u2019s creation process. This approach is fully automated and eliminates the need for manual steps after deployment. The encryption happens as part of the VM deployment lifecycle.<\/span><\/p>\n<p><b>References: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/disks-enable-host-based-encryption-portal?tabs=azure-powershell\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/disks-enable-host-based-encryption-portal?tabs=azure-powershell<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/linux\/disk-encryption-linux?tabs=azcliazure%2Cenableadecli%2Cefacli%2Cadedatacli\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/linux\/disk-encryption-linux?tabs=azcliazure%2Cenableadecli%2Cefacli%2Cadedatacli<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_16\"><\/span><b>Question No.: 16<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Create and configure virtual machines<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Move a virtual machine to another resource group, subscription, or region<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are managing an Azure environment and have been tasked with moving a virtual machine (VM) to a new resource group to align with updated organisational policies. While operating the Azure portal, you encounter an error indicating that some dependent resources cannot be moved along with the VM. The error prevents the move operation from completing. Which of the following resources is likely causing the issue?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Virtual network and network security group<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Azure Key Vault associated with the VM<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Azure Policy assignments linked to the VM<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Azure Monitor alerts are configured for the VM<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><b>Correct Answer: A<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option A is CORRECT because dependent resources such as virtual networks (VNets) and network security groups (NSGs) are tightly bound to the VM. When moving a VM to a new resource group, all associated resources must either already exist in the target resource group or be moved simultaneously. If these resources are not in the same resource group or cannot be moved, the operation will fail. Azure enforces this dependency to maintain resource integrity and connectivity.<\/span><\/p>\n<p><b>References: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/move-support-resources\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/move-support-resources<\/span><\/a><\/p>\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/move-limitations\/virtual-machines-move-limitations?tabs=azure-cli\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/azure-resource-manager\/management\/move-limitations\/virtual-machines-move-limitations?tabs=azure-cli<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_17\"><\/span><b>Question No.: 17<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Create and configure virtual machines<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage virtual machine sizes<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are using a VM with the size Standard_D16s_v3 for testing purposes.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The testing is complete, and you want to reduce costs by resizing the VM to a smaller size, Standard_B2s. The VM has managed disks and an associated public IP. Which<\/span><span style=\"font-weight: 400;\">\u00a0of the following is the best and optimal method to perform the resizing operation?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Change the VM size directly in the Azure portal without stopping it<br \/>\n<\/span><span style=\"font-weight: 400;\">B. Stop the VM, resize it to a smaller size, and then start the VM<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Delete the VM, select the new size, and recreate it with a new public IP<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Create a snapshot of the disk, deploy a new VM with the desired size, and attach the disk to it<\/span><\/p>\n<p><b>Correct Answer: B<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option B is CORRECT because this is the optimal method for resizing a VM to a smaller size. Stopping (deallocating) the VM ensures that the resizing operation can be completed successfully. Azure allows resizing to smaller sizes (like Standard_B2s) only if the VM is deallocated. This method is best for ensuring a seamless operation without any compatibility issues. Resizing a stopped VM also avoids potential disruptions during the resize operation. Deallocating the VM also helps release resources, allowing for the new size to be applied correctly. Once the resize is complete, you can start the VM again.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/sizes\/resize-vm?tabs=portal\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/sizes\/resize-vm?tabs=portal<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_18\"><\/span><b>Question No.: 18<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Create and configure virtual machines<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Deploy virtual machines to availability zones and availability sets<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Your organisation wants to deploy 10 virtual machines into an Availability Set. You need to distribute these VMs across fault domains and update domains. Based on Azure\u2019s limitations, what is the maximum number of fault domains Azure will assign within an Availability Set?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. 2<br \/>\n<\/span><span style=\"font-weight: 400;\">B. 10<br \/>\n<\/span><span style=\"font-weight: 400;\">C. 5<br \/>\n<\/span><span style=\"font-weight: 400;\">D. 3<\/span><\/p>\n<p><b style=\"font-style: inherit;\">Correct Answer: D<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option D is CORRECT because Azure Availability Sets support 3 fault domains per region. When you place virtual machines in an Availability Set, Azure automatically distributes them across these fault domains to reduce the impact of potential hardware failures or outages within a specific rack.<\/span><\/p>\n<p><b>Reference:<\/b> <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/availability-set-overview#how-do-availability-sets-work\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/virtual-machines\/availability-set-overview#how-do-availability-sets-work<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_19\"><\/span><b>Question No.: 19<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Provision and manage containers in the Azure portal<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Manage sizing and scaling for containers, including Azure Container Instances and Azure Container Apps<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">You are managing a logistics application deployed in Azure Container Apps. The app processes incoming shipment data sent via an Azure Service Bus queue. To ensure timely processing during high traffic, the app must automatically scale out when more than five messages are waiting in the queue. Which scaling rule type should you configure to achieve this?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. HTTP scaling rule<br \/>\n<\/span><span style=\"font-weight: 400;\">B. TCP scaling rule<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Custom scaling rule<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Default scaling rule<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option C is CORRECT because custom scaling rules allow you to configure scaling for scenarios like Azure Service Bus, where specific metrics (e.g., the number of messages in a queue) trigger scaling. In this case, you can use a KEDA (Kubernetes-based Event Driven Autoscaler) scaler to monitor the queue length and scale out the app when there are more than five messages.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/container-apps\/scale-app?pivots=azure-portal#scale-rules\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/container-apps\/scale-app?pivots=azure-portal#scale-rules<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Question_No_20\"><\/span><b>Question No.: 20<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Domain: Deploy and manage Azure compute resources<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Main Topic: Create and configure Azure App Service<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Sub Topic: Configure scaling for an App Service plan<\/span><\/p>\n<p><b>Question Text:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Your App Service is hosted in a B1 App Service Plan. It has started encountering frequent HTTP 500 errors during peak hours due to resource exhaustion. You decide to scale up to a higher pricing tier. What limitation should you be aware of when scaling up?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A. Scaling up will require recreating the App Service Plan<br \/>\n<\/span><span style=\"font-weight: 400;\">B. App Service scaling up is not supported in the Basic tier<br \/>\n<\/span><span style=\"font-weight: 400;\">C. Scaling up will change the available features and pricing of the App Service Plan<br \/>\n<\/span><span style=\"font-weight: 400;\">D. Scaling up is only allowed during non-peak hours<\/span><\/p>\n<p><b>Correct Answer: C<\/b><\/p>\n<p><b>Explanation:\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Option C is CORRECT because when scaling up an App Service Plan to a higher pricing tier, you unlock additional features and resources such as higher CPU, memory, and storage, along with different pricing. This change in features and cost is a key consideration before scaling up.<\/span><\/p>\n<p><b>Reference: <\/b><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/app-service\/manage-scale-up\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">https:\/\/learn.microsoft.com\/en-us\/azure\/app-service\/manage-scale-up<\/span><\/a><\/p>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-100968\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM.png\" alt=\"Az 104 Practice questions domain wise details\" width=\"2654\" height=\"710\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM.png 2654w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM-300x80.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM-1024x274.png 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM-768x205.png 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM-1536x411.png 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM-2048x548.png 2048w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Screenshot-2026-05-13-at-5.30.53\u202fPM-150x40.png 150w\" sizes=\"(max-width: 2654px) 100vw, 2654px\" \/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"AZ-104_Exam_Tips_How_to_Approach_Each_Question_Type\"><\/span><b>AZ-104 Exam Tips: How to Approach Each Question Type<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Before you sit the real exam, internalise these strategies.<\/span><\/p>\n<ul>\n<li><b>For Multiple Choice: <\/b><span style=\"font-weight: 400;\">Eliminate obviously wrong answers first. Microsoft almost always includes two plausible-looking distractors and two clearly wrong ones. If you can eliminate two, your odds are good even under uncertainty.<\/span><\/li>\n<li><b>For Case Studies: <\/b><span style=\"font-weight: 400;\">Read the Requirements section before the Overview. Know what the exam is asking you to solve, then read the scenario to find the relevant details. Time is tight, don&#8217;t read everything before knowing what matters.<\/span><\/li>\n<li><b>For Drag and Drop:<\/b><span style=\"font-weight: 400;\"> Work from what you know. If you&#8217;re certain about the first and last step, place those first. The middle often fills in logically.<\/span><\/li>\n<li><b>For Scenario Questions: <\/b><span style=\"font-weight: 400;\">Ask yourself: &#8220;What is the most specific, least-privileged, most automated solution?&#8221; Microsoft exam answers reward precision and automation over manual effort.<\/span><\/li>\n<\/ul>\n<p><strong>Also, check <a title=\"how to prepare for AZ 104 Test on your first Attempt\" href=\"https:\/\/www.whizlabs.com\/blog\/how-to-pass-az-104-first-attempt\/\" target=\"_blank\" rel=\"noopener\">how to prepare for AZ 104 Test on your first Attempt\u00a0<\/a><\/strong><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Whats_the_Best_Way_to_Continue_Your_AZ-104_Preparation\"><\/span><b>What&#8217;s the Best Way to Continue Your AZ-104 Preparation?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">These 20 AZ-104 practice questions are a starting point. The real exam has 40\u201360 questions across a broader topic surface, and the only way to truly prepare is volume and variety. <\/span><span style=\"font-weight: 400;\">Here&#8217;s the progression that works:<\/span><\/p>\n<p><b>Step 1: Identify weak domains<\/b><span style=\"font-weight: 400;\"> using a short mock test (aim for the domains where you got questions wrong above)<\/span><\/p>\n<p><b>Step 2: Practice hands-on<\/b><span style=\"font-weight: 400;\"> in a real Azure environment. Whizlabs AZ-104 Hands-on Labs give you 80+ live lab scenarios covering every domain, with no Azure subscription required.<\/span><\/p>\n<p><b>Step 3: Full mock tests.<\/b><span style=\"font-weight: 400;\"> Whizlabs&#8217;<\/span><a title=\"Azure Az-104 Praactice questions\" href=\"https:\/\/www.whizlabs.com\/microsoft-azure-certification-az-104\/\" target=\"_blank\" rel=\"noopener\"> <span style=\"font-weight: 400;\">AZ-104 Practice questions<\/span><\/a><span style=\"font-weight: 400;\"> include 500+ questions with detailed explanations, updated for the 2025 exam blueprint.<\/span><\/p>\n<p><b>Step 4: Open sandbox practice<\/b><a title=\"Azure Cloud Sandbox\" href=\"https:\/\/www.whizlabs.com\/labs\/azure-sandbox\" target=\"_blank\" rel=\"noopener\"> <span style=\"font-weight: 400;\">Azure Cloud Sandbox<\/span><\/a><span style=\"font-weight: 400;\"> for free-form experimentation without a script<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Frequently_Asked_Questions\"><\/span><b>Frequently Asked Questions<\/b><b><\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><b>How many questions are in the AZ-104 exam?<br \/>\n<\/b><span style=\"font-weight: 400;\">The AZ-104 exam contains 40\u201360 questions. The exact number varies per exam session. You have 120 minutes, which works out to roughly 2 minutes per question.<\/span><b><\/b><\/p>\n<p><b>What is the passing score for AZ-104?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">The AZ-104 passing score is 700 out of 1000. Microsoft uses a scaled scoring system, so not every question carries equal weight.<\/span><b><\/b><\/p>\n<p><b>What is the AZ-104 exam pattern and question types?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">AZ-104 uses multiple choice (single and multi-select), case study, drag-and-drop, hot area, and yes\/no question types. Approximately 40% are traditional multiple choice; the remaining 60% are scenario-based or interactive formats.<\/span><b><\/b><\/p>\n<p><b>Where can I find AZ-104 practice questions with explanations?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Whizlabs&#8217; AZ-104 practice questions include 500+ questions with detailed explanations for every answer, including why wrong answers are wrong, which is critical for exam preparation. It&#8217;s updated regularly to reflect the current exam blueprint.<\/span><\/p>\n<p><b>What topics do AZ-104 sample questions cover?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">AZ-104 practice questions cover all five exam domains: Azure identity and governance (RBAC, Azure Policy, Entra ID), storage (blob tiers, lifecycle, SAS), compute (VMs, scale sets, templates), virtual networking (NSGs, VNets, DNS, load balancers), and monitoring (Azure Monitor, Log Analytics, Backup).<\/span><\/p>\n<p><b>Are there free AZ-104 sample questions available?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Yes, this blog contains 20 free AZ-104 practice questions with detailed explanations. For a full question bank of 500+ questions with timed mock exams, Whizlabs&#8217; AZ-104 practice questions is the most comprehensive option available.<\/span><\/p>\n<p><b>What is a good AZ-104 dumps alternative?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Brain dumps violate Microsoft&#8217;s exam policies and risk certification revocation. A legitimate and more effective alternative is scenario-based practice tests with explanations, like those on Whizlabs, combined with hands-on lab practice. You learn to reason through problems rather than memorise answers that change with each exam update.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Summary\"><\/span><b>Summary<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Working through AZ-104 practice questions across multiple formats: MCQ, case study, and drag-and-drop, is the most efficient way to identify gaps and build exam-day confidence. The questions in this blog map directly to the five AZ-104 exam domains and mirror the scenario-based reasoning the real exam demands.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To go further: combine these AZ-104 practice questions with hands-on labs, a full practice test in exam mode, and the Azure sandbox for a complete AZ-104 certification prep 2026 strategy.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Have a question about a specific answer or topic? Drop it in the comments, and our team will respond.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AZ-104 Practice Questions &amp; Answers with explanation to Pass Azure Administrator Exam &nbsp; Planning to take the AZ-104: Microsoft Azure Administrator exam? The fastest way to know whether you&#8217;re ready and to identify exactly where you&#8217;re not is to work through real exam-style AZ-104 practice questions with detailed explanations. This blog gives you 20 free Microsoft AZ-104 questions across every format the exam uses: multiple choice, case study, and drag-and-drop. Each answer includes an explanation so you understand why, not just what, which is what the actual exam tests. But first, let&#8217;s make sure you know exactly what you&#8217;re walking [&hellip;]<\/p>\n","protected":false},"author":444,"featured_media":100963,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[15],"tags":[3285],"class_list":["post-81612","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-azure","tag-az-104-exam"],"uagb_featured_image_src":{"full":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2.webp",1200,628,false],"thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-150x150.webp",150,150,true],"medium":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-300x157.webp",300,157,true],"medium_large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-768x402.webp",768,402,true],"large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-1024x536.webp",1024,536,true],"1536x1536":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2.webp",1200,628,false],"2048x2048":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2.webp",1200,628,false],"profile_24":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-24x24.webp",24,24,true],"profile_48":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-48x48.webp",48,48,true],"profile_96":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-96x96.webp",96,96,true],"profile_150":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-150x150.webp",150,150,true],"profile_300":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-300x300.webp",300,300,true],"tptn_thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-250x250.webp",250,250,true],"web-stories-poster-portrait":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-640x628.webp",640,628,true],"web-stories-publisher-logo":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-96x96.webp",96,96,true],"web-stories-thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2022\/03\/Blog-Banner-2-150x79.webp",150,79,true]},"uagb_author_info":{"display_name":"Mythili Sivakumar","author_link":"https:\/\/www.whizlabs.com\/blog\/author\/mythili\/"},"uagb_comment_info":740,"uagb_excerpt":"AZ-104 Practice Questions &amp; Answers with explanation to Pass Azure Administrator Exam &nbsp; Planning to take the AZ-104: Microsoft Azure Administrator exam? The fastest way to know whether you&#8217;re ready and to identify exactly where you&#8217;re not is to work through real exam-style AZ-104 practice questions with detailed explanations. This blog gives you 20 free&hellip;","_links":{"self":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/81612","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/users\/444"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/comments?post=81612"}],"version-history":[{"count":35,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/81612\/revisions"}],"predecessor-version":[{"id":100975,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/81612\/revisions\/100975"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media\/100963"}],"wp:attachment":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media?parent=81612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/categories?post=81612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/tags?post=81612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}