ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-104 All Questions

View all questions & answers for the AZ-104 exam
Go to Exam

Exam AZ-104 topic 4 question 30 discussion

Actual exam question from Microsoft's AZ-104
Question #: 30
Topic #: 4
[All AZ-104 Questions]

You have an Azure subscription named Subscription1 that has the following providers registered:
✑ Authorization
✑ Automation
✑ Resources
✑ Compute
✑ KeyVault
✑ Network
✑ Storage
✑ Billing
✑ Web
Subscription1 contains an Azure virtual machine named VM1 that has the following configurations:
✑ Private IP address: 10.0.0.4 (dynamic)
✑ Network security group (NSG): NSG1
✑ Public IP address: None
✑ Availability set: AVSet
✑ Subnet: 10.0.0.0/24
✑ Managed disks: No
✑ Location: East US
You need to record all the successful and failed connection attempts to VM1.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Enable Azure Network Watcher in the East US Azure region.
  • B. Add an Azure Network Watcher connection monitor.
  • C. Register the MicrosoftLogAnalytics provider.
  • D. Create an Azure Storage account.
  • E. Register the Microsoft.Insights resource provider.
  • F. Enable Azure Network Watcher flow logs.
Show Suggested Answer Hide Answer
Suggested Answer: DEF 🗳️
by olsenOnS at Dec. 10, 2021, 12:49 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
HenriKI2
Highly Voted 3 years, 1 month ago
Selected Answer: DEF
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview When you create or update a virtual network in your subscription, Network Watcher will be enabled automatically in your Virtual Network's region. There is no impact to your resources or associated charge for automatically enabling Network Watcher. For more information, see Network Watcher create. https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal Create a VM with a network security group Enable Network Watcher (done by default with the vnet/subnet creation) -- and register the Microsoft.Insights provider ---------todo Enable a traffic flow log for an NSG, using Network Watcher's NSG flow log capability --todo BUT ! NSG flow log data is written to an Azure Storage account. Complete the following steps to create a storage account for the log data. So you need to create a storage account before enable the NSG flow Download logged data View logged data
upvoted 81 times
cnduknthm
2 years, 4 months ago
you are right but in this scenario, there is no mention of Virtual Network creation or updation. It just said the subscription contains Network Provider registered but not VNET created or updated. So, in that Network Watcher is yet to be enabled correct?
upvoted 2 times
Marz
2 years, 2 months ago
It is mentioned that a VM is already created. You cannot create a VM when there is nog VNET. So my conclusion is that the VNET is there, and so Network Watcher already enabled. leaves DEF for answer.
upvoted 9 times
...
...
holytoni
1 year, 10 months ago
I think its AEF. As the machine has an unmanaged disk, therefore a storage account should already be there.
upvoted 2 times
...
_punky_
3 years, 1 month ago
Checked! This ans is correct.
upvoted 5 times
...
...
jackAttew_1
Highly Voted 3 years, 2 months ago
Answer is correct so AEF. 1.Create a VM with a network security group 2.Enable Network Watcher and register the Microsoft.Insights provider 3.Enable a traffic flow log for an NSG, using Network Watcher's NSG flow log capability 4.Download logged data 5.View logged data https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal
upvoted 36 times
yeanlingmedal71
2 years, 10 months ago
D, E, F - options are changed
upvoted 5 times
...
...
Bravo_Dravel
Most Recent 1 month ago
Selected Answer: DEF
Correct
upvoted 1 times
...
ozansenturk
1 month, 2 weeks ago
Selected Answer: DEF
An Azure account with an active subscription. Create an account for free. Insights provider. For more information, see Register Insights provider. A network security group. If you need to create a network security group, see Create, change, or delete a network security group. An Azure storage account. If you need to create a storage account, see Create a storage account using the Azure portal. https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-portal
upvoted 1 times
...
sca88
3 months, 1 week ago
Selected Answer: DEF
https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-overview
upvoted 1 times
...
[Removed]
5 months, 1 week ago
To record all successful and failed connection attempts to VM1, you would need to utilize Azure Network Watcher, specifically enabling flow logs, which provide detailed information about the traffic to and from your virtual machines. Here’s what you should do: A. Enable Azure Network Watcher in the East US Azure region. This is necessary to use the features of Azure Network Watcher, including flow logs. F. Enable Azure Network Watcher flow logs. Flow logs will capture the connection attempts to and from the VM, providing the information you need about successful and failed connections. E. Register the Microsoft.Insights resource provider. This provider needs to be registered to enable diagnostics and monitoring features, which includes the functionality for flow logs. Correct answers: A. Enable Azure Network Watcher in the East US Azure region. F. Enable Azure Network Watcher flow logs. E. Register the Microsoft.Insights resource provider.
upvoted 2 times
...
[Removed]
5 months, 4 weeks ago
Selected Answer: DEF
DEF are correct
upvoted 1 times
...
adilkhan
8 months, 2 weeks ago
AEF is correct
upvoted 1 times
...
23169fd
9 months, 1 week ago
Correct Answer D, E,F. A is not correct because it is automatically enabled. Option E will include Azure monitor and Log Analytucs. Option D will ensure the logs are stored. Option F for capture traffic.
upvoted 2 times
...
23169fd
9 months, 1 week ago
Correct answer: A E F
upvoted 1 times
...
tashakori
11 months, 2 weeks ago
A, E and F is correct
upvoted 1 times
...
Wojer
1 year ago
https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-tutorial
upvoted 1 times
...
ITpower
1 year ago
the answer for this ABF not AEF and not DEF cuz option E: is used for the monitoring the subscription i mean option E is a step to enable Azure Monitor, which is a comprehensive solution for collecting, analyzing, and acting on telemetry from Azure resources. in our case is the network connection flow. Already tested
upvoted 1 times
...
jeru81
1 year ago
Selected Answer: AEF
You have an Azure subscription named Subscription1 that has the following providers registered: STORAGE Why D?
upvoted 3 times
58b2872
1 month, 2 weeks ago
The one mentioned in the question is not STORAGE ACCOUNT for logs....
upvoted 1 times
...
...
MatAlves
1 year, 1 month ago
Answer = EDF (in this order) Full list of steps: 1. Create a virtual network = already exist (can't create VM without it) 2. Create a virtual machine with a network security group associated to its network interface (already exist) 3. Register Microsoft.insights provider 5. Create a storage account 6. Enable flow logging for a network security group using Network Watcher flow logs 7. Download logged data 8. View logged data https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-tutorial
upvoted 5 times
...
clg003
1 year, 4 months ago
Selected Answer: DEF
"By default, Network Watcher is automatically enabled." The only reason you would have to enable it is if you had disabled it. So A is not the answer. The question states you need to record the data and since there are no disks on the VM you must create storage. Network security group flow logging is a feature of Azure Network Watcher that allows you to log information about IP traffic flowing through a network security group. First step of flow logging is registering insights. Register-AzResourceProvider -ProviderNamespace 'Microsoft.Insights'
upvoted 8 times
...
ajdann
1 year, 4 months ago
Selected Answer: AEF
https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-tutorial
upvoted 1 times
ajdann
1 year, 4 months ago
DEF******
upvoted 2 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago