AZ-104 Interview Questions
The Microsoft Azure Administrator Associate (AZ-104) exam assesses and confirms your Azure Administrator skills. Candidates who plan to take the AZ-104 exam should be familiar with key Azure services, workloads, security, and governance. The Microsoft Certified: Azure Administrator Associate AZ-104 Exam is part of a role-based restructuring module of Microsoft certifications, and Azure Administrators’ primary responsibility is to implement, monitor, and maintain Microsoft Azure solutions, including major computing, storage, network, and security services.
Below are some of the top AZ-104 interview questions. Practice and Prepare with these and clear your interview successfully with flying colors.
Interview Questions- AZ 104
What is Azure and what are its main components?
Azure is a cloud computing platform provided by Microsoft. Its main components include compute, storage, networking, database, and security services. These services can be used to build, deploy, and manage various types of applications and workloads in the cloud.
What is Azure Resource Manager (ARM) and how does it differ from classic deployment model?
Azure Resource Manager (ARM) is a deployment model in Azure that enables you to manage resources as a group, known as a resource group. ARM allows you to deploy, update, and delete resources in a coordinated and predictable manner, whereas the classic deployment model is an older deployment model in Azure that does not have these capabilities.
What is a virtual network in Azure and what are its main components?
A virtual network in Azure is a representation of a network in the cloud. Its main components include subnets, network security groups, routes, and virtual network gateways. A virtual network enables you to create a secure and isolated network environment in the cloud to host your virtual machines and other resources.
What is Azure Active Directory (AD) and what are its main features?
Azure Active Directory (AD) is a cloud-based directory and identity management service provided by Microsoft. Its main features include user and group management, single sign-on (SSO), multi-factor authentication (MFA), and identity protection. Azure AD enables you to manage and secure your users, devices, and applications in the cloud.
What is the difference between an Azure storage account and an Azure file share?
An Azure storage account is a cloud-based storage solution that provides scalable and durable storage for various types of data, such as blobs, tables, queues, and files. Further, an Azure file share is a network file share that is hosted in Azure and is accessible via the Server Message Block (SMB) protocol. An Azure file share is stored in an Azure storage account, but it is a separate service from other storage services in the same account.
How can you secure data in Azure storage accounts?
You can secure data in Azure storage accounts by using encryption, access control, and monitoring. You can encrypt data at rest using Azure Storage Service Encryption (SSE) or client-side encryption. Also, you can control access to data using shared access signatures (SAS) or Azure Active Directory (AD) authentication. You can monitor access to data using Azure Storage Analytics.
These are some common interview questions and answers for the Microsoft Azure Administrator Associate (AZ-104) certification. It is always recommended to study the official Microsoft Azure documentation and practice hands-on labs to fully prepare for the certification exam.
How can you configure and manage storage in Azure?
To configure and manage storage in Azure, you can follow these steps:
- Create a storage account: A storage account is a logical container for storing data in Azure. You can create a storage account using the Azure portal, Azure CLI, or Azure Powershell.
- Choose a storage account type: Azure offers two types of storage accounts: Blob storage and File storage. You should choose a storage account type based on your specific data and performance requirements.
- Set up data replication: Azure provides multiple options for replicating data across multiple regions, such as Geo-redundant storage and Zone-redundant storage. This will help you to protect your data against data loss or unavailability due to a disaster or other service disruption.
- Manage access to storage: You can use Azure Active Directory (AD) to manage access to storage, and also configure Role-based Access Control (RBAC) to provide fine-grained control over access to your storage accounts and data.
- Monitor storage performance and usage: Azure provides various tools and services, such as Azure Monitor and Azure Log Analytics, to help you monitor performance and usage of your storage accounts, and ensure that you are using the most cost-effective storage solutions.
- Scale storage as needed: Azure provides the ability to scale storage up or down as needed, based on changes in your data and performance requirements.
By following these steps, you can effectively configure and manage storage in Azure, and ensure that your data is secure, available, and performant.
Can you describe the process of deploying and managing virtual machines in Azure?
Here’s the process of deploying and managing virtual machines in Azure:
- Plan your virtual machine: Before deploying a virtual machine, you should plan the size and configuration of the virtual machine, as well as the storage, network, and security requirements for your workload.
- Create a virtual machine: You can create a virtual machine using the Azure portal, Azure CLI, or Azure Powershell. During the creation process, you will need to specify the operating system, size, and storage options for your virtual machine.
- Configure network settings: You will need to configure network settings for your virtual machine, including assigning a virtual IP address, creating a network security group, and configuring inbound and outbound firewall rules.
- Manage access to the virtual machine: You can manage access to the virtual machine using Azure Active Directory (AD) or by creating and managing a custom username and password.
- Monitor performance and usage: Azure provides tools such as Azure Monitor and Azure Log Analytics to help you monitor the performance and usage of your virtual machine, and identify any potential performance or resource utilization issues.
- Scale the virtual machine: Azure provides the ability to scale up or down the size of a virtual machine, based on changes in your workload or performance requirements.
- Update and maintain the virtual machine: You should regularly update and maintain the virtual machine, including applying security updates, patches, and configuration changes, to keep it secure and running optimally.
By following these steps, you can effectively deploy and manage virtual machines in Azure, and ensure that your workloads are highly available, scalable, and secure.
What is Azure Backup and how does it work?
Azure Backup is a cloud-based backup solution provided by Microsoft Azure. It helps you protect your data and applications by creating backups and storing them in the Azure cloud. Here’s how it works:
- Data backup: Azure Backup can be used to backup various types of data, including on-premises servers, virtual machines in Azure, and files and folders from various sources.
- Backup schedule: You can set a backup schedule for your data, specifying how often backups should be taken, and for how long the backup data should be retained.
- Backup storage: The backup data is stored in the Azure cloud, in a secure and encrypted form. You can choose to store the backup data in a dedicated Azure Backup Vault, or in a Recovery Services Vault.
- Backup retrieval: If you need to restore data from a backup, you can easily retrieve the data from the Azure Backup Vault. You can restore the data to its original location, or to a new location, and you can choose to restore the entire backup, or just specific files and folders.
- Management and monitoring: Azure Backup provides a centralized management console, where you can view and manage all your backups, set backup policies, and monitor the status of backups.
By using Azure Backup, you can ensure that your data and applications are protected against data loss, and you can quickly restore data in the event of a disaster or data loss scenario. Azure Backup provides a secure and scalable backup solution, with the added benefit of being fully managed by Microsoft Azure.
Can you discuss the different types of disaster recovery solutions available in Azure?
Azure provides several disaster recovery solutions to help organizations protect their applications and data in the event of a disaster. Here are some of the most commonly used disaster recovery solutions in Azure:
- Azure Site Recovery (ASR): ASR is a disaster recovery solution that helps you replicate and recover your on-premises and Azure virtual machines (VMs) in the event of a disaster. It provides a streamlined process for replicating VMs to Azure, and enables you to test and perform disaster recovery drills without affecting production workloads.
- Azure Backup: Azure Backup is a cloud-based backup solution that helps you protect your data and applications by creating backups and storing them in the Azure cloud. You can use Azure Backup to protect your on-premises servers, Azure VMs, and other workloads.
- Azure Storage Replication: Azure Storage Replication is a feature of Azure storage that provides options for replicating data within the same region, or between regions, to protect against data loss in the event of a disaster.
- Azure SQL Database Geo-Replication: Azure SQL Database Geo-Replication is a disaster recovery solution that provides asynchronous replication of data between two or more Azure SQL Database instances in different regions.
- Azure ExpressRoute Disaster Recovery (DR): Azure ExpressRoute DR provides a secondary ExpressRoute connection to a disaster recovery site, enabling you to protect your workloads in the event of a disaster or network outage.
These are just a few of the disaster recovery solutions available in Azure. Organizations can choose the solution that best fits their specific requirements, and can use a combination of solutions to create a comprehensive disaster recovery strategy.
What is Microsoft Azure?
Azure is a cloud computing platform that was launched by Microsoft in Feb 2010. It’s a cloud platform that helps in development, data storage, service hosting, and management.
What is Cloud Computing?
The term “cloud computing” refers to the process of storing and accessing data over the internet. However, it does not save any data on your computer’s hard drive and only allows you to retrieve data from a remote server.
Explain the Importance of the role and how many types of roles are available in Windows Azure?
Roles are a very important concept in Windows Azure, and learning them is the base for further programming. Three types of roles in Windows Azure are:
- Web Role: It deploys a website by using langue that has support of the IIS platform for running the web apps.
- Worker Role: It helps you to execute the process that runs in the background by
- VM Role: It helps you to schedule the windows services and task.
Explain command task in Microsoft Azure
When the system is running, a command task is an operational window that starts the flow of one or more common whiles.
What are unconnected lookups?
The input ins taken by the LKP procedure are unconnectedly looked up. User-defined values are ignored in unconnected lookups in this type of lookup procedure.
Explain Cmdlet command of Microsoft Azure
A cmdlet is a command that can be used in the Microsoft PowerShell environment. Windows PowerShell uses the cmdlet to automate programs that run from the command line.
What is the use of the Migration Assistant tool in Azure Websites?
You can use the Migration Assistant programme to analyse your IIS installation. It assists you in determining which sites can move to the cloud. It also includes components that does not move or do not have support on the Azure platform.
What is Network virtual appliance?
Network virtual appliances or NVAs are virtual machines that control the flow of network traffic by controlling routing. A WAN optimizer, application-delivery controllers, routers, load balancers, proxies, and an SD-WAN edge are common components of an NVA. They commonly control traffic flowing from a perimeter network to other networks or subnets.
When to choose Virtual Network Peering?
Network communication between services in various virtual networks can be made possible by virtual network peering. When you need to integrate Azure virtual networks, virtual network peering should be your first choice because it’s simple to set up and deploy, and it works across regions and subscriptions.
What are alias record?
Azure alias records enable a zone apex domain to reference other Azure resources from the DNS zone. You don’t need to create complex redirection policies and an alias can also route all traffic through Traffic Manager.
The Azure alias record can point to the following Azure resources:
- A Traffic Manager profile
- Azure Content Delivery Network endpoints
- A public IP resource
- A front door profile
What is Azure DNS
Using a globally distributed name server architecture, Azure DNS allows you to host and administer your domains. Using your existing Azure credentials, you may manage all of your domains. Azure DNS serves as the domain’s SOA. However, you cannot register a domain name using Azure DNS. To register your domain, you’ll need to go through a third-party registrar.
How do you connect Virtual Network?
Virtual network peering is a technique for connecting virtual networks. Peering allows virtual network resources to communicate with one another. These virtual networks can be in different zones, allowing you to use Azure to build a global interconnected network.
I have some private servers on my premises, also I have distributed some of my workloads on the public cloud, what is this architecture called?
This type of architecture would be a hybrid cloud because we are using both, the public cloud, and on-premises servers i.e the private cloud.
What are the three main components of the Windows Azure platform?
Three most important components of the Windows Azure platform are:
- Compute
- Storage
- AppFabric
What is an Availability Set?
An availability set is a logical grouping of virtual machines that helps Azure understand how your application can constructed for redundancy and availability. When using Azure Premium Storage with a single VM, the Azure SLA applies to unscheduled maintenance events. To provide a highly available application and to achieve the 99.95 percent Azure SLA, it is suggested that two or more VMs be established inside an availability set.
What are Fault Domains and Update Domains?
- A fault domain, like a rack in an on-premise data centre, is a logical grouping of the underlying hardware that shares a common power source and network switch. The Azure platform distributes your VMs among various fault domains as you construct them inside an availability set. This method reduces the impact of physical hardware failures, network outages, and power outages.
- An update domain is a logical collection of the underlying hardware that can offer service or reboot at the same time. The Azure platform distributes your VMs among various update domains as you build VMs inside an availability set. As the Azure platform undergoes periodic maintenance, this strategy ensures that at least one instance of your application is always running, but only one update domain restarts at a time.
What is autoscaling in Azure?
Auto-scaling is a method of automatically increasing or decreasing the number of computer resources allocated to your program based on its current needs. The important aspect is that you can now create a scalable architecture that can automatically scale up or down to meet your demands over the lifespan of your setup, regardless of how fast or slow your site grows.
Here are the most popular ways of autoscaling:
- Horizontal Scaling
- Vertical Scaling
What happens when you exhaust the maximum failed attempts for authenticating yourself via Azure AD?
To lock accounts, we employ a more advanced technique. This is determined by the request’s IP address and the passwords submitted. The length of the lockout is also determined by the likelihood of an attack.
What is the difference between Service Bus Queues and Storage Queues?
- The Azure Storage Queue is easy to use and has a nice developer experience. It makes use of the local Azure Storage Emulator, which makes debugging a breeze. You can quickly peek at the top 32 messages using the Azure Storage Queues tools, and if the messages are in XML or JSON, you can visualise their contents right from Visual Studio. Furthermore, the contents of these queues can cleanse, which is particularly valuable during development and quality assurance operations.
- The Azure Service Bus Queues, on the other hand, have a number of beneficial processes that make them enterprise-worthy! They’re part of the Service Bus and can pass messages through to other Queues and Topics. They feature a built-in dead-letter queue, and messages have a time limit that you choose, so messages don’t vanish after seven days.
My web app still uses an old Docker container image after I’ve updated the image on Docker Hub. Does Azure support continuous integration/deployment of custom containers?
It certainly does. You can update the container for private registries by stopping and restarting your web app. You can also force an update of your container by changing or adding a mock application option.
What are the three types of RBAC controls in Microsoft Azure?
The three different types of roles are :
- Owner: It has full access to all resources including the right to delegate access to others.
- Contributor: It can create and manage all types of Azure resources but can’t grant access to others.
- Reader: It can view existing Azure resources.
What should you do if your Azure Virtual Machine encounters issues caused by user configurations or host infrastructure?
You can try to move the virtual machine to a different host using Virtual Machine – Redeploy blade
What are the steps to move an Azure Virtual Machine from one virtual network to another virtual network?
- Delete a virtual machine in VNET1
- Create a virtual machine in VNET2
- Attach an existing disk to the newly created VM
Define Windows Azure AppFabric.
You can use Windows Azure Diagnostics to collect diagnostic data from a Windows Azure application and use it for capacity planning and evaluation. Windows Azure AppFabric is the name of the procedure.
What is the distinction between Windows Azure Queues and Windows Azure Service Bus Queues?
Azure Queues are responsible for solid and particular messaging between and within the services. They emphasize on a very straightforward rest-based get/put/peek interface as well. Bus Queues are for a more extensive Windows Azure messaging framework to support queuing.