没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
试读
627页
参加该考试的考生应具备学科专业知识,可以实施、管理和监控组织的 Microsoft Azure 环境,包括: 虚拟网络 存储 计算 标识 安全性 调控 Azure 管理员通常在一个较大团队中致力于实现组织的云基础结构。 还要与其他角色协调配合,以提供 Azure 网络、安全、数据库、应用程序开发和 DevOps 解决方案。 你应该熟悉以下内容: 操作系统 网络 服务器 虚拟化 此外,你还应具有以下方面的经验: PowerShell Azure CLI Azure 门户 Azure 资源管理器模板 Microsoft Azure Active Directory (Azure AD)(Microsoft Entra 的一部分)
资源推荐
资源详情
资源评论
Exam Code: AZ-104
Exam Name: Microsoft Azure Administrator
QUESTION 1
Hotspot Question
You have Azure virtual machines that run Windows Server 2019 and are configured as shown in
the following table.
You create a private Azure DNS zone named adatum.com. You configure the adatum.com zone
to allow auto registration from VNET1.
Which A records will be added to the adatum.com zone for each virtual machine? To answer,
select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
The virtual machines are registered (added) to the private zone as A records pointing to their
private IP addresses.
Reference:
https://docs.microsoft.com/en-us/azure/dns/private-dns-overview
https://docs.microsoft.com/en-us/azure/dns/private-dns-scenarios
QUESTION 2
You plan to deploy three Azure virtual machines named VM1, VM2, and VM3. The virtual
machines will host a web app named App1.
You need to ensure that at least two virtual machines are available if a single Azure datacenter
becomes unavailable.
What should you deploy?
A.
all three virtual machines in a single Availability Zone
B.
all virtual machines in a single Availability Set
C.
each virtual machine in a separate Availability Zone
D.
each virtual machine in a separate Availability Set
Answer: C
Explanation:
Azure makes sure that the VMs you place within an Availability Set run across multiple physical
servers, compute racks, storage units, and network switches.
Protecting the app from a data center outage would (imho) require the distribution of VMs among
availability zones.
Reference:
https://docs.microsoft.com/en-us/azure/availability-zones/az-overview#availability-zones
https://docs.microsoft.com/de-de/azure/virtual-machines/windows/tutorial-availability-sets
QUESTION 3
You have an Azure virtual machine named VM1 that runs Windows Server 2019.
You save VM1 as a template named Template1 to the Azure Resource Manager library.
You plan to deploy a virtual machine named VM2 from Template1.
What can you configure during the deployment of VM2?
A.
operating system
B.
administrator username
C.
virtual machine size
D.
resource group
Answer: D
Explanation:
When you deploy a template, you specify a resource group that will contain the resources. Before
running the deployment command, create the resource group or during deployment also we can
create the resource group. If you try to deploy your own template in the portal, there are 3
available options - "Subscription", "Resource Group", "Location".
QUESTION 4
You have an Azure subscription that contains an Azure virtual machine named VM1. VM1 runs a
financial reporting app named App1 that does not support multiple active instances.
At the end of each month, CPU usage for VM1 peaks when App1 runs.
You need to create a scheduled runbook to increase the processor performance of VM1 at the
end of each month.
What task should you include in the runbook?
A.
Add the Azure Performance Diagnostics agent to VM1.
B.
Modify the VM size property of VM1.
C.
Add VM1 to a scale set.
D.
Increase the vCPU quota for the subscription.
E.
Add a Desired State Configuration (DSC) extension to VM1.
Answer: E
Explanation:
https://docs.microsoft.com/en-us/azure/automation/automation-quickstart-dsc-configuration
QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution that might meet the stated goals. Some
question sets might have more than one correct solution, while others might not have a
correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result,
these questions will not appear in the review screen.
You have an Azure subscription that contains 10 virtual networks. The virtual networks are hosted
in separate resource groups.
Another administrator plans to create several network security groups (NSGs) in the subscription.
You need to ensure that when an NSG is created, it automatically blocks TCP port 8080 between
the virtual networks.
Solution: You configure a custom policy definition, and then you assign the policy to the
subscription.
Does this meet the goal?
A.
Yes
B.
No
Answer: A
Explanation:
Resource policy definition used by Azure Policy enables you to establish conventions for
resources in your organization by describing when the policy is enforced and what effect to take.
By defining conventions, you can control costs and more easily manage your resources.
Reference:
https://docs.microsoft.com/en-us/azure/azure-policy/policy-definition
QUESTION 6
You have two Azure virtual networks named VNet1 and VNet2. VNet1 contains an Azure virtual
machine named VM1. VNet2 contains an Azure virtual machine named VM2.
VM1 hosts a frontend application that connects to VM2 to retrieve data.
Users report that the frontend application is slower than usual.
You need to view the average round-trip time (RTT) of the packets from VM1 to VM2.
Which Azure Network Watcher feature should you use?
A.
IP flow verify
B.
Connection troubleshoot
C.
Connection monitor
D.
NSG flow logs
Answer: C
Explanation:
The connection monitor capability monitors communication at a regular interval and informs you
of reachability, latency, and network topology changes between the VM and the endpoint
Incorrect Answers:
A: The IP flow verify capability enables you to specify a source and destination IPv4 address,
port, protocol (TCP or UDP), and traffic direction (inbound or outbound). IP flow verify then tests
the communication and informs you if the connection succeeds or fails. If the connection fails, IP
flow verify tells you which security rule allowed or denied the communication, so that you can
resolve the problem.
B: The connection troubleshoot capability enables you to test a connection between a VM and
another VM, an FQDN, a URI, or an IPv4 address. The test returns similar information returned
when using the connection monitor capability, but tests the connection at a point in time, rather
than monitoring it over time, as connection monitor does.
D: The NSG flow log capability allows you to log the source and destination IP address, port,
protocol, and whether traffic was allowed or denied by an NSG.
Reference:
剩余626页未读,继续阅读
资源评论
xueyunshengling
- 粉丝: 171
- 资源: 441
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功