New 2021 Azure az-204 exam questions from Lead4Pass az-204 dumps!
Welcome to download the newest Lead4Pass az-204 VCE and PDF dumps: https://www.leads4pass.com/az-204.html (335 Q&As)

P.S. Free 2021 Azure az-204 Dumps are available on Google Drive shared by Lead4Pass: https://drive.google.com/file/d/1X4oEpmjyo511Zd7SIA81eE-pvqgBSg5W/

Free Azure az-204 exam questions and answers

QUESTION 1

HOTSPOT
You need to configure security and compliance for the corporate website files.
Which Azure Blob storage settings should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

microsoft az-204 exam questions q1

Correct Answer:

microsoft az-204 exam questions q1-1

Box 1: role-based access control (RBAC)
Azure Storage supports authentication and authorization with Azure AD for the Blob and Queue services via Azure rolebased access control (Azure RBAC).
Scenario: File access must restrict access by IP, protocol, and Azure AD rights.
Box 2: storage account type
Scenario: The website uses files stored in Azure Storage
Auditing of the file updates and transfers must be enabled to comply with General Data Protection Regulation (GDPR).
Creating a diagnostic setting:
1.
Sign in to the Azure portal.
2.
Navigate to your storage account.
3.
In the Monitoring section, click Diagnostic settings (preview).
4.
Choose file as the type of storage that you want to enable logs for.
5.
Click Add diagnostic setting.

microsoft az-204 exam questions q1-2

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-introduction https://docs.microsoft.com/enus/azure/storage/files/storage-files-monitoring

 

QUESTION 2

HOTSPOT
You need to update the APIs to resolve the testing error.
How should you complete the Azure CLI command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

microsoft az-204 exam questions q2

Correct Answer:

microsoft az-204 exam questions q2-1

Enable Cross-Origin Resource Sharing (CORS) on your Azure App Service Web App.
Enter the full URL of the site you want to allow to access your WEB API or * to allow all domains.
Box 1: cors
Box 2: add
Box 3: allowed-origins
Box 4: http://testwideworldimporters.com/
References:
http://donovanbrown.com/post/How-to-clear-No-Access-Control-Allow-Origin-header-error-with-Azure-App-Service

 

QUESTION 3

You develop a gateway solution for a public facing news API. The news API back end is implemented as a RESTful
service and uses an OpenAPI specification.
You need to ensure that you can access the news API by using an Azure API Management service instance.
Which Azure PowerShell command should you run?

A. Import-AzureRmApiManagementApi –Context $ApiMgmtContext –SpecificationFormat “Swagger” -SpecificationPath
$SwaggerPath –Path $Path
B. New-AzureRmApiManagementBackend -Context $ApiMgmtContext -Url $Url -Protocol http
C. New-AzureRmApiManagement –ResourceGroupName $ResourceGroup –Name $Name –Location $Location
–Organization $Org –AdminEmail $AdminEmail
D. New-AzureRmApiManagementBackendProxy –Url $ApiUrl

Correct Answer: D
New-AzureRmApiManagementBackendProxy creates a new Backend Proxy Object which can be piped when creating a
new Backend entity.
Example: Create a Backend Proxy In-Memory Object PS C:\>$secpassword = ConvertTo-SecureString
“PlainTextPassword” -AsPlainText -Force PS C:\>$proxyCreds = New-Object
System.Management.Automation.PSCredential (“foo”, $secpassword) PS C:\>$credential = NewAzureRmApiManagementBackendProxy -Url “http://12.168.1.1:8080” -ProxyCredential $proxyCreds
PS C:\>$apimContext = New-AzureRmApiManagementContext -ResourceGroupName “Api-Default-WestUS”
-ServiceName “contoso”
PS C:\>$backend = New-AzureRmApiManagementBackend -Context $apimContext -BackendId 123 -Url
\\’https://contoso.com/awesomeapi\\’ -Protocol http -Title “first backend” -SkipCertificateChainValidation $true -Proxy
$credential Description “backend with proxy server” Creates a Backend Proxy Object and sets up Backend
Incorrect Answers:
A: The Import-AzureRmApiManagementApi cmdlet imports an Azure API Management API from a file or a URL in Web
Application Description Language (WADL), Web Services Description Language (WSDL), or Swagger format.
B: New-AzureRmApiManagementBackend creates a new backend entity in Api Management.
C: The New-AzureRmApiManagement cmdlet creates an API Management deployment in Azure API Management.
References: https://docs.microsoft.com/en-us/powershell/module/azurerm.apimanagement/newazurermapimanagementbackendproxy?view=azurermps-6.13.0

 

QUESTION 4

HOTSPOT
You are developing a back-end Azure App Service that scales based on the number of messages contained in a
Service Bus queue.
A rule already exists to scale up the App Service when the average queue length of unprocessed and valid queue
messages is greater than 1000.
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not
met.
How should you configure the Scale rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

microsoft az-204 exam questions q4 microsoft az-204 exam questions q4-1

Correct Answer:

microsoft az-204 exam questions q4-2 microsoft az-204 exam questions q4-3

Box 1: Service bus queue
You are developing a back-end Azure App Service that scales based on the number of messages contained in a
Service Bus queue.
Box 2: ActiveMessage Count
ActiveMessageCount: Messages in the queue or subscription that are in the active state and ready for delivery.
Box 3: Count
Box 4: Less than or equal to
You need to add a new rule that will continuously scale down the App Service as long as the scale up condition is not
met.
Box 5: Decrease count by

 

QUESTION 5

You must implement Application Insights instrumentation capabilities utilizing the Azure Mobile Apps SDK to provide
meaningful analysis of user interactions with a molbile app.
You need to capture the data required to implement the Usage Analytics feature of Application Insights.
Which three data values should you capture? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Trace
B. Session Id
C. Exception
D. User Id
E. Events

Correct Answer: ADE
Application Insights is a service for monitoring the performance and usage of your apps. This module allows you to send telemetry of various kinds (events, traces, etc.) to the Application Insights service where your data can be visualized in the Azure Portal.
Application Insights manages the ID of a session for you.
References: https://github.com/microsoft/ApplicationInsights-Android

 

QUESTION 6

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You develop Azure solutions.
You must grant a virtual machine (VM) access to specific resource groups in Azure Resource Manager.
You need to obtain an Azure Resource Manager access token.
Solution: Run the Invoke-RestMethod cmdlet to make a request to the local managed identity for Azure resources
endpoint.
Does the solution meet the goal?

A. Yes
B. No

Correct Answer: A
Get an access token using the VM\\’s system-assigned managed identity and use it to call Azure Resource Manager
You will need to use PowerShell in this portion.
1.
In the portal, navigate to Virtual Machines and go to your Windows virtual machine and in the Overview, click Connect.
2.
Enter in your Username and Password for which you added when you created the Windows VM.
3.
Now that you have created a Remote Desktop Connection with the virtual machine, open PowerShell in the remote
session.
4.
Using the Invoke-WebRequest cmdlet, make a request to the local managed identity for Azure resources endpoint to get
an access token for Azure Resource Manager.
Example: $response = Invoke-WebRequest -Uri \\’http://169.254.169.254/metadata/identity/oauth2/token?apiversion=2018-02-01andresource=https://management.azure.com/\\’ -Method GET -Headers @{Metadata=”true”}
Reference: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windowsvm-access-arm

 

QUESTION 7

HOTSPOT
You are developing an Azure App Service hosted ASP.NET Core API app by using C#. The API app will allow users to
authenticate by using Twitter and Azure Active Directory (Azure AD).
Users must be authenticated before calling API methods. You must log the user\\’s name for each method call.
You need to configure the API method calls.
Which values should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

microsoft az-204 exam questions q7

Correct Answer:

microsoft az-204 exam questions q7-1

Box 1: Authorize
Box 2: X-MS-CLIENT-PRINCIPAL-NAME
App Service passes user claims to your application by using special headers. External requests aren\\’t allowed to set
these headers, so they are present only if set by App Service. Some example headers include:
X-MS-CLIENT-PRINCIPAL-NAME X-MS-CLIENT-PRINCIPAL-ID Here\\’s the set of headers you get from Easy Auth for
a Twitter authenticated user:
{ “cookie”: “AppServiceAuthSession=Lx43…xHDTA==”, …
“x-ms-client-principal-name”: “evilSnobu”,
“x-ms-client-principal-id”: “35….”,
“x-ms-client-principal-idp”: “twitter”,
“x-ms-token-twitter-access-token”: “35…Dj”,
“x-ms-token-twitter-access-token-secret”: “OK3…Jx”,
}
References: https://docs.microsoft.com/en-us/azure/app-service/app-service-authentication-how-to

 

QUESTION 8

DRAG DROP
You maintain an existing Azure SQL Database instance. Management of the database is performed by an external
party. All cryptographic keys are stored in an Azure Key Vault.
You must ensure that the external party cannot access the data in the SSN column of the Person table.
Will each protection method meet the requirement? To answer, drag the appropriate responses to the correct protection
methods. Each response may be used once, more than once, or not at all. You may need to drag the split bar between
panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

microsoft az-204 exam questions q8

Correct Answer:

microsoft az-204 exam questions q8-1

Box 1: Yes
You can configure Always Encrypted for individual database columns containing your sensitive data. When setting up
encryption for a column, you specify the information about the encryption algorithm and cryptographic keys used to
protect
the data in the column.
Box 2: No
Box 3: Yes
In SQL Database, the VIEW permissions are not granted by default to the public fixed database role. This enables
certain existing, legacy tools (using older versions of DacFx) to work properly. Consequently, to work with encrypted
columns
(even if not decrypting them) a database administrator must explicitly grant the two VIEW permissions.
Box 4: No
All cryptographic keys are stored in an Azure Key Vault.
References:
https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine

 

QUESTION 9

You are developing an ASP.NET Core Web API web service. The web service uses Azure Application Insights for all
telemetry and dependency tracking. The web service reads and writes data to a database other than Microsoft SQL
Server.
You need to ensure that dependency tracking works for calls to the third-party database.
Which two Dependency Telemetry properties should you store in the database? Each correct answer presents part of
the solution.
NOTE: Each correct selection is worth one point.

A. Telemetry.Context.Operation.Id
B. Telemetry.Name
C. Telemetry.Context.Cloud.RoleInstance
D. Telemetry.Context.Session.Id
E. Telemetry.Id

Correct Answer: AE
Example:
public async Task Enqueue(string payload)
{
// StartOperation is a helper method that initializes the telemetry item
// and allows correlation of this operation with its parent and children.
var operation = telemetryClient.StartOperation(“enqueue ” + queueName);
operation.Telemetry.Type = “Azure Service Bus”;
operation.Telemetry.Data = “Enqueue ” + queueName;
var message = new BrokeredMessage(payload);
// Service Bus queue allows the property bag to pass along with the message.
// We will use them to pass our correlation identifiers (and other context)
// to the consumer.
message.Properties.Add(“ParentId”, operation.Telemetry.Id);
message.Properties.Add(“RootId”, operation.Telemetry.Context.Operation.Id);
References: https://docs.microsoft.com/en-us/azure/azure-monitor/app/custom-operations-tracking

 

QUESTION 10

HOTSPOT
You are creating a CLI script that creates an Azure web app related services in Azure App Service. The web app uses
the following variables:

microsoft az-204 exam questions q10

You need to automatically deploy code from GitHub to the newly created web app.
How should you complete the script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

microsoft az-204 exam questions q10-1

Correct Answer:

microsoft az-204 exam questions q10-2

Box 1: az appservice plan create
The azure group creates command successfully returns JSON result. Now we can use resource group to create a azure
app service plan
Box 2: az webapp create
Create a new web app..
Box 3: –plan $webappname
..with the serviceplan we created in step.
Box 4: az webapp deployment
Continuous Delivery with GitHub. Example:
az webapp deployment source config –name firstsamplewebsite1 –resource-group websites–repo-url $gitrepo –branch
master –git-token $token
Box 5: –repo-url $gitrepo –branch master –manual-integration
References:
https://medium.com/@satish1v/devops-your-way-to-azure-web-apps-with-azure-cli-206ed4b3e9b1

 

QUESTION 11

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this question, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
Margie\\’s Travel is an international travel and bookings management service. The company is expanding into
restaurant bookings. You are tasked with implementing Azure Search for the restaurants listed in their solution.
You create the index in Azure Search.
You need to import the restaurant data into the Azure Search service by using the Azure Search .NET SDK.
Solution:
1.
Create a SearchServiceClient object to connect to the search index.
2.
Create a DataContainer that contains the documents which must be added.
3.
Create a DataSource instance and set its Container property to the DataContainer.
4.
Call the Documents.Suggest method of the SearchIndexClient and pass the DataSource. Does the solution meet the
goal?

A. Yes
B. No

Correct Answer: B
Use the following method:
1.
– Create a SearchIndexClient object to connect to the search index
2.
– Create an IndexBatch that contains the documents which must be added.
3.
– Call the Documents.Index method of the SearchIndexClient and pass the IndexBatch.
References: https://docs.microsoft.com/en-us/azure/search/search-howto-dotnet-sdk

 

QUESTION 12

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains
a unique solution that might meet the stated goals. Some question sets might have more than one correct solution,
while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not
appear in the review screen.
You are developing an Azure solution to collect point-of-sale (POS) device data from 2,000 stores located throughout
the world. A single device can produce 2 megabytes (MB) of data every 24 hours. Each store location has one to five
devices that send data.
You must store the device data in Azure Blob storage. Device data must be correlated based on a device identifier.
Additional stores are expected to open in the future.
You need to implement a solution to receive the device data.
Solution: Provision an Azure Notification Hub. Register all devices with the hub.
Does the solution meet the goal?

A. Yes
B. No

Correct Answer: B
Instead use an Azure Service Bus, which is used order processing and financial transactions.
Reference: https://docs.microsoft.com/en-us/azure/event-grid/compare-messaging-services

 

QUESTION 13

DRAG DROP
You are developing a software solution for an autonomous transportation system. The solution uses large data sets and Azure Batch processing to simulate navigation sets for entire fleets of vehicles.
You need to create compute nodes for the solution on Azure Batch.
What should you do?
Put the actions in the correct order.
Select and Place:

microsoft az-204 exam questions q13

Correct Answer:

microsoft az-204 exam questions q13-1

With the Azure CLI:
Step 1: In the Azure CLI, run the command: az batch account create
First we create a batch account.
Step 2: In Azure CLI, run the command: az batch pool create
Now that you have a Batch account, create a sample pool of Linux compute nodes using the az batch pool create
command.
Step 3: In Azure CLI, run the command: az batch job create
Now that you have a pool, create a job to run on it. A Batch job is a logical group for one or more tasks. A job includes
settings common to the tasks, such as priority and the pool to run tasks on. Create a Batch job by using the az batch
job create command.
Step 4: In Azure CLI, run the command: az batch task create
Now use the az batch task create command to create some tasks to run in the job.
References:
https://docs.microsoft.com/en-us/azure/batch/quick-create-cli

Continue to follow to get more free updates…

New 2021 Azure az-204 exam questions from Lead4Pass az-204 Dumps! Welcome to download the newest Lead4Pass az-204 VCE and PDF dumps: https://www.leads4pass.com/az-204.html (335 Q&As)

P.S. Free 2021 Azure az-204 Dumps are available on Google Drive shared by Lead4Pass: https://drive.google.com/file/d/1X4oEpmjyo511Zd7SIA81eE-pvqgBSg5W/