Home Guides Blogs Your Exams Certifications

    Exam: AZ-204: Azure Developer Associate

    Total Questions: 364
    Page of

    You have two Hyper-V hosts named Host1 and Host2. Host1 has an Azure virtual machine named VM1 that was deployed by using a custom Azure Resource
    Manager template.
    You need to move VM1 to Host2.
    What should you do?
    A. From the Update management blade, click Enable.
    B. From the Overview blade, move VM1 to a different subscription.
    C. From the Redeploy blade, click Redeploy.
    D. From the Profile blade, modify the usage location.
    Answer : C ✅ Explanation: In this scenario, VM1 is an Azure virtual machine, not a local VM running on your Hyper-V hosts. Azure VMs can't be directly moved between on-premises Hyper-V hosts using native Azure blades unless you export/import the VHD manually or use tools like Azure Site Recovery or backup/restore workflows. However, since the question refers to options within the Azure portal and one of the hosts (Host1) is hosting the Azure VM, it's likely VM1 is linked through nested virtualization or Azure Stack, or perhaps "Host1" is used conceptually for a management context. Let’s review the options: A. From the Update management blade, click Enable This is used to manage OS updates for VMs. It has nothing to do with VM migration or redeployment. B. From the Overview blade, move VM1 to a different subscription This moves the VM to another subscription, not to another host. So it's unrelated to the movement between Host1 and Host2. C. From the Redeploy blade, click Redeploy Redeploying a VM in Azure moves it to a new Azure host while keeping all configuration (OS, data disks, IPs, etc.). This is used to fix underlying Azure infrastructure issues. So this is the only correct option that moves the VM from one Azure host to another. D. From the Profile blade, modify the usage location Usage location affects billing and licensing, not physical or logical host placement.

    You have downloaded an Azure Resource Manager template to deploy numerous virtual machines. The template is based on a current virtual machine, but must be adapted to reference an administrative password. You need to make sure that the password is not stored in plain text.
    You are preparing to create the necessary components to achieve your goal.
    Which of the following should you create to achieve your goal? Answer by dragging the correct option from the list to the answer area.
    Select and Place:
    Question image
    Answer :
    Answer image

    Your company has an Azure Kubernetes Service (AKS) cluster that you manage from an Azure AD-joined device. The cluster is located in a resource group.
    Developers have created an application named MyApp. MyApp was packaged into a container image.
    You need to deploy the YAML manifest file for the application.
    Solution: You install the Azure CLI on the device and run the kubectl apply `"f myapp.yaml command.
    Does this meet the goal?
    A. Yes
    B. No
    Answer : A ✅ Explanation: -The command kubectl apply -f myapp.yaml is the correct syntax to deploy a YAML manifest file to a Kubernetes cluster. -However, the solution as stated is incomplete, because it only installs the Azure CLI and tries to run kubectl without the necessary context and authentication setup. Here’s what’s missing or incorrect: -Missing kubectl installation/configuration: -The solution only mentions installing Azure CLI, but kubectl must also be installed separately or via the Azure CLI using az aks install-cli. -Missing AKS cluster authentication: Before you can run kubectl apply, you must configure access to the AKS cluster using: bash Copy Edit az aks get-credentials --resource-group <YourResourceGroup> --name <YourAKSClusterName> This command sets up the local kubeconfig to authenticate and connect to the AKS cluster. 🛠️ Correct steps to meet the goal: Install Azure CLI -Install kubectl (az aks install-cli or directly) Run: bash Copy Edit -az aks get-credentials --resource-group <ResourceGroupName> --name <AKSClusterName> kubectl apply -f myapp.yaml

    Your company has an Azure Kubernetes Service (AKS) cluster that you manage from an Azure AD-joined device. The cluster is located in a resource group.
    Developers have created an application named MyApp. MyApp was packaged into a container image.
    You need to deploy the YAML manifest file for the application.
    Solution: You install the docker client on the device and run the docker run -it microsoft/azure-cli:0.10.17 command.
    Does this meet the goal?
    A. Yes
    B. No
    Answer : B ✅ Explanation: -The goal is to deploy a YAML manifest file to an Azure Kubernetes Service (AKS) cluster. -The proposed solution: bash Copy Edit docker run -it microsoft/azure-cli:0.10.17 launches a Docker container running an old version of the Azure CLI — but: -It does not actually deploy anything. -It does not use kubectl or reference the myapp.yaml file. -It provides no access or configuration to connect to your AKS cluster. -It's using a very outdated CLI image (0.10.17) — the current CLI versions are 2.x+. -So, although this command might give you a shell inside a container that has the Azure CLI, it does not meet the goal of deploying MyApp to AKS.

    Your company has a web app named WebApp1.
    You use the WebJobs SDK to design a triggered App Service background task that automatically invokes a function in the code every time new data is received in a queue. You are preparing to configure the service processes a queue data item.
    Which of the following is the service you should use?
    A. Logic Apps
    B. WebJobs
    C. Flow
    D. Functions
    Answer : B ✅ Explanation: -You are already using the WebJobs SDK, and the task is to automatically trigger a function when a new queue item arrives. This setup directly matches the capabilities of Azure WebJobs, which: -Are designed to run background tasks in an App Service. -Can be triggered by Azure Queue Storage messages, timers, blobs, etc. -Use the WebJobs SDK to simplify binding to queue messages and other inputs/outputs. -Let’s quickly evaluate the other options: A. Logic Apps – These are used for building automated workflows with a GUI, and while they can respond to queues, they are not related to WebJobs SDK or code-based solutions. C. Flow – This is an older name for Power Automate, a low-code/no-code automation platform, not suitable for WebJobs SDK-based code tasks. D. Functions – Azure Functions also use the WebJobs SDK internally, and they can be triggered by queue messages too. However, in your scenario, you specifically mentioned App Service background tasks and WebJobs SDK, so WebJobs is the most appropriate answer here.

    Your company has an Azure subscription.
    You need to deploy a number of Azure virtual machines to the subscription by using Azure Resource Manager (ARM) templates. The virtual machines will be included in a single availability set. You need to ensure that the ARM template allows for as many virtual machines as possible to remain accessible in the event of fabric failure or maintenance.
    Which of the following is the value that you should configure for the platformFaultDomainCount property?
    A. 10
    B. 30
    C. Min Value
    D. Max Value
    Answer : D ✅ Explanation: -The platformFaultDomainCount is a property used in Azure Resource Manager (ARM) templates when defining an availability set. It determines the number of fault domains — essentially, physical racks in ---Azure data centers — across which Azure distributes your virtual machines (VMs). -Why choose D. Max Value? To ensure maximum availability during hardware failures or maintenance, you should maximize the number of fault domains so that VMs are spread across as many fault domains as Azure supports in that region. -More fault domains = better fault tolerance. -Azure typically allows up to 3 fault domains in most regions (though this can vary). -Setting platformFaultDomainCount to the maximum supported value allows ARM to distribute the VMs in a way that minimizes impact from any single hardware failure. Let's break down the options: A. 10 / B. 30 — Invalid values. Azure doesn't support 10 or 30 fault domains. Typically, the maximum is 3. C. Min Value — Setting the minimum (e.g., 1 or 2) reduces fault tolerance, which is not what we want. D. Max Value — Ensures maximum resilience, which is exactly the goal in this case.

    Your company has an Azure subscription.
    You need to deploy a number of Azure virtual machines to the subscription by using Azure Resource Manager (ARM) templates. The virtual machines will be included in a single availability set. You need to ensure that the ARM template allows for as many virtual machines as possible to remain accessible in the event of fabric failure or maintenance.
    Which of the following is the value that you should configure for the platformUpdateDomainCount property?
    A. 10
    B. 20
    C. 30
    D. 40
    Answer : D ✅ Explanation: -When deploying Azure Virtual Machines in an Availability Set using an Azure Resource Manager (ARM) template, the platformUpdateDomainCount property defines how many update domains the availability set will use. -What is an Update Domain? -An update domain is a logical group of hardware that can undergo maintenance or be rebooted independently. -Azure sequentially updates one update domain at a time during planned maintenance. -Spreading VMs across multiple update domains ensures that not all VMs go down during an update.

    You are creating an Azure Cosmos DB account that makes use of the SQL API. Data will be added to the account every day by a web application.
    You need to ensure that an email notification is sent when information is received from IoT devices, and that compute cost is reduced.
    You decide to deploy a function app.
    Which of the following should you configure the function app to use? Answer by dragging the correct options from the list to the answer area.
    Select and Place:
    Question image
    Answer :
    Answer image

    This question requires that you evaluate the underlined text to determine if it is correct.
    You company has an on-premises deployment of MongoDB, and an Azure Cosmos DB account that makes use of the MongoDB API.
    You need to devise a strategy to migrate MongoDB to the Azure Cosmos DB account.
    You include the Data Management Gateway tool in your migration strategy.
    Instructions: Review the underlined text. If it makes the statement correct, select `No change required.` If the statement is incorrect, select the answer choice that makes the statement correct.
    A. No change required
    B. mongorestore
    C. Azure Storage Explorer
    D. AzCopy
    Answer : B ✅ Explanation: -The underlined text suggests using the Data Management Gateway to migrate from on-premises MongoDB to Azure Cosmos DB using the MongoDB API. -Why is this incorrect? -The Data Management Gateway is a legacy tool primarily used with Azure Data Factory (ADF) V1 for connecting on-prem data sources to cloud pipelines. -It is not used for MongoDB migrations. -Azure Data Factory does support MongoDB, but it uses integration runtimes, not the Data --- -Management Gateway specifically, and even that is not the most direct tool for this use case. ✅ Correct Tool: B. mongorestore -When migrating MongoDB data (on-premises) to Azure Cosmos DB (using the MongoDB API), a common and supported method is: -Use mongodump to export data from the source MongoDB. -Use mongorestore to import it into the Cosmos DB instance. -These tools are native to MongoDB and fully compatible with Cosmos DB’s MongoDB API. Other Options: C. Azure Storage Explorer – Used to manage data in Azure Blob Storage, not suitable for MongoDB migration. D. AzCopy – Also used for copying Blobs or Files, not relevant to MongoDB or Cosmos DB.

    You are developing an e-Commerce Web App.
    You want to use Azure Key Vault to ensure that sign-ins to the e-Commerce Web App are secured by using Azure App Service authentication and Azure Active
    Directory (AAD).
    What should you do on the e-Commerce Web App?
    A. Run the az keyvault secret command.
    B. Enable Azure AD Connect.
    C. Enable Managed Service Identity (MSI).
    D. Create an Azure AD service principal.
    Answer : C ✅ Explanation: -To securely access secrets from Azure Key Vault in your e-Commerce Web App, and authenticate using Azure Active Directory (AAD) without embedding credentials in code, you should: -Enable Managed Service Identity (MSI) — now known as Managed Identity. -Why C. Enable Managed Service Identity (MSI) is correct: -Managed Identity allows your App Service (i.e., the e-Commerce Web App) to authenticate to Azure services like Key Vault using Azure AD, without needing client secrets or certificates. -Once enabled, your app can request secrets from Azure Key Vault with no credentials stored in code. -It works seamlessly with Azure App Service and is the recommended approach for secure secret access. -Let’s review the other options: A. Run the az keyvault secret command This command manages secrets manually via CLI, not relevant to configuring authentication between App Service and Key Vault. B. Enable Azure AD Connect Azure AD Connect is used to sync on-prem AD with Azure AD — not needed in this cloud-native scenario. D. Create an Azure AD service principal While service principals are one way to authenticate apps, Managed Identity is the preferred and more secure option when supported (which App Service supports).
    Back View All Questions