Find a practice exam
Flexible search understands AI-901, ai901, ai 901, 901, ai, network plus, and saa c03.
No matching practice exams yet.
Free AZ-104 practice test
Know why every answer is right or wrong.
What AZ-104 covers: Manage Azure identities and governance (30%) • Deploy and manage Azure compute resources (21%) • Implement and manage storage (19%)
New set every day. Start today's questions before they rotate.
AZ-104
Microsoft Azure Administrator (AZ-104)
What you get immediately
- A real AZ-104 question first, not a wall of copy
- Correct answer plus per-choice explanation
- Source link for follow-up study
- Free daily set, then full-bank Pro when you want more
Which network rule type allows traffic from specific subnets within Azure Virtual Networks?
A. Incorrect: Resource instance rules allow specific Azure resource instances, not whole subnets.
B. Incorrect: IP network rules allow public IP address ranges rather than selected virtual network subnets.
C. Correct: Virtual network rules are the storage firewall rule type that allows selected subnets.
D. Incorrect: Trusted service exceptions allow selected Microsoft services to bypass the firewall, not arbitrary subnets.
Which Azure VM feature lets you run post-deployment configuration tasks like Custom Script or DSC on a virtual machine?
A. Incorrect: Azure Policy evaluates and enforces rules; it does not run per-VM setup tasks.
B. Correct: VM extensions handle post-deployment configuration and software tasks on Azure VMs.
C. Incorrect: NSGs filter network traffic and do not configure the VM guest.
D. Incorrect: Availability sets improve VM resiliency placement, not guest configuration.
Which Azure service provides Layer 4 TCP and UDP load balancing across backend virtual machines?
A. Correct: Azure Load Balancer is the Layer 4 load-balancing service for TCP and UDP traffic.
B. Incorrect: Traffic Manager is a DNS-based traffic distribution service rather than a Layer 4 load balancer.
C. Incorrect: Application Gateway is primarily a Layer 7 web traffic load balancer.
D. Incorrect: Front Door is a global application delivery service rather than a Layer 4 VM load balancer.
You're 3 questions in. Want the full bank?
Unlock the full question set, timed exam mode, practice mode, saved progress, previous tests, and readiness scoring.
125 more questions, timed exam mode, and saved history are waiting in the full unlock.
Pro is active. Use the full bank, Exam mode, and saved box scores when you want deeper review.
Which Azure service should you review when you want recommendations to reduce subscription costs based on resource usage and configuration?
A. Correct: Azure Advisor surfaces cost recommendations for subscriptions and resources.
B. Incorrect: Azure Site Recovery is used for disaster recovery rather than cost optimization recommendations.
C. Incorrect: Azure Bastion provides secure remote access to VMs, not cost recommendations.
D. Incorrect: Azure Container Registry stores container images and does not provide subscription-wide cost guidance.
Which Azure Site Recovery action lets you validate disaster recovery without interrupting the production workload?
A. Correct: Test failover is designed to validate disaster recovery without interrupting production.
B. Incorrect: Planned failover is used when you are intentionally moving the workload and can shut down the source cleanly.
C. Incorrect: Commit is used after a failover succeeds and you are ready to finalize it.
D. Incorrect: Reprotect re-establishes replication after failover and is not the validation step itself.
Which Azure Storage redundancy option replicates data to a secondary region but does not provide read access to that secondary endpoint unless failover occurs?
A. Correct: GRS replicates to a secondary region without exposing read access to that secondary endpoint by default.
B. Incorrect: RA-GRS adds read access to the secondary endpoint.
C. Incorrect: RA-GZRS also includes read access to the secondary endpoint.
D. Incorrect: ZRS keeps replicas within one region rather than using a secondary region.
Which Azure Container Instances feature lets a container access persistent data outside the container's writable layer?
A. Incorrect: Environment variables pass configuration values but do not provide persistent storage.
B. Incorrect: Restart policy controls how the container behaves after exit, not where data is stored.
C. Correct: Volume mounts give the container access to data outside its local writable filesystem.
D. Incorrect: Metrics report usage; they do not make data persistent.
Which default NSG inbound rule allows traffic from resources in the same virtual network?
A. Correct: AllowVNetInBound is the default inbound rule for traffic from the same virtual network.
B. Incorrect: DenyAllInBound blocks remaining inbound traffic after higher-priority allow rules are evaluated.
C. Incorrect: AllowInternetOutBound is an outbound rule, not an inbound virtual network rule.
D. Incorrect: AllowAzureLoadBalancerInBound permits Azure load balancer probe traffic, not general virtual network traffic.
Which Microsoft Entra object should you use to organize users for shared access and app assignment?
A. Incorrect: Management groups organize Azure subscriptions, not Entra users.
B. Correct: Entra groups are the built-in way to organize identities for shared assignments and access control.
C. Incorrect: Resource groups organize Azure resources, not users or devices.
D. Incorrect: Subscriptions are billing and administration boundaries, not identity containers.
What does Azure Monitor bring together to provide a single observability experience for your cloud resources?
A. Incorrect: It focuses on security and operational aspects rather than observability data.
B. Incorrect: It lists resource types instead of the specific data Azure Monitor integrates for monitoring purposes.
C. Correct: It includes metrics, logs, traces, and events which are the core components Azure Monitor uses to provide a unified view of cloud resources.
D. Incorrect: Cost management and governance are separate capabilities and are not the telemetry data types Azure Monitor unifies.
You've reached the free preview.
Go beyond sample questions with the full source-backed bank, objective practice, exam mode, saved progress, and readiness scoring.
135 verified questions are ready behind the full unlock.
Pro is active. Use the full bank, readiness score, and saved exams when you want deeper reps.
Keep studying AZ-104 in the app
You finished the free web set. The app gives you a larger rotating bank, weak-domain drills, readiness tracking, and longer mobile review.
Unlock the full AZ-104 bank.
Get the full source-backed bank, timed exam mode, practice mode, saved progress, previous tests, and readiness scoring for this exam.
You've answered 0/10 free questions today.
Locked: 125 more questions in the full bank.
Locked: exam simulation mode and end-of-exam review.
Today's free set refreshes soon. Upgrade to continue with the full bank.
Unlock this exam, or compare the career path and bundle options when you want a broader guided route.
Build a AZ-104 session
Choose the question count, question set, mode, and timer for your full-bank practice.
Tell dotCreds what you are aiming for.
Set a target once. We will keep the next study action visible before every Pro session.
Answer more questions to start your readiness trend on this browser.
Box scores, domain breakdowns, and full answer explanations for Pro exam attempts on this browser.
7-day score keeper
Answer questions today and this will become a rolling 7-day scorecard.
Keep today’s practice moving
Guest progress saves automatically on this device. Add an email later when you want a magic link that keeps your daily AZ-104 practice in sync across browsers.
Guest progress saves on this device automatically
135 verified questions are currently in the live bank. Questions updated at May 13, 2026, 1:14 AM CDT. The daily set rotates at 10:00 AM local time, and each explanation links back to the source used to write it. Use the web set for quick practice, then switch to the app when available for larger banks and deeper review.
AZ-104 lines up with hands-on Azure administration roles where the day job involves managing identities, compute, storage, networking, and governance.
- Role examples: Azure administrator, cloud operations engineer, systems administrator, and platform support engineer.
- Where it shows up: cloud administration, infrastructure operations, identity management, and platform support.
- On-the-job payoff: you own the day-to-day Azure environment instead of just recommending services.
- Typical next step: It pairs naturally with AZ-305 when you move from administration into architecture decisions.
AZ-104 usually rewards clean service-selection logic, role clarity, and matching the scenario to the right Microsoft capability.
- Current emphasis in this bank: Manage Azure identities and governance (30%).
- A lot of misses happen when the answer sounds like the right Microsoft product family but does not actually fit the workload, admin scope, or governance constraint in the prompt.
- Best official starting point: Microsoft Certified: Azure Administrator Associate.
The fastest path is to turn this exam into a repeatable pattern-recognition loop instead of a one-time cram session.
- Start with the free daily set closed-book so you can see which parts of the cloud and it lane still feel weak.
- Use every explanation as a checkpoint for why the right answer fits the scenario and why the other answer choices do not.
- Open the official Microsoft source when a concept keeps missing so you fix the gap at the source instead of rereading generic notes.
- Use the nearby cert pages when you need broader context around the same job path or technology stack.
The usual misses happen when learners recognize keywords but do not slow down enough to match the scenario to the exact decision the exam is testing.
- Reading for one familiar keyword and skipping the deeper clue that tells you which cloud and it concept actually fits.
- Memorizing isolated terms without checking why the right answer wins over the other answer choices in the same scenario.
- Ignoring the official Microsoft source after a miss and hoping the next question will feel easier on its own.
- Studying this page in isolation when one nearby cert page could clear up the broader pattern much faster.
The fastest path is simple: answer the set, review the reasoning, then use the score history and source links to decide what to hit next.
- Answer the free set first without looking anything up so the score reflects what is actually sticking.
- Read every explanation, especially the wrong answer choices, so the weaker options stop looking plausible next time.
- Open the linked source when a concept feels weak, then come back and repeat the question flow while the wording is fresh.
- Use the 7-day score keeper, related cert links, and comparison pages to decide what to study next instead of guessing.
- Move into the app when you want the full bank, timed reps, readiness tracking, and a steadier mobile study loop.
Use these official Microsoft resources alongside the daily practice set. They cover the provider's own exam page, study guide, or prep material.
Need adjacent Microsoft practice pages too? Microsoft practice hub.
How are AZ-104 questions generated?
dotCreds builds AZ-104 practice questions from Microsoft Learn documentation and product references, with official or primary sources preferred first. The questions are written for realistic study practice, not copied from exam dumps.
How are explanations sourced?
Each question includes a source-backed explanation and a link to the documentation or reference used to validate the answer. If an official page is too broad, dotCreds uses a reputable answer-level reference instead of pretending a generic page proves the answer.
What score do I get?
The page tracks today's answered count and accuracy for the 10-question daily set, then saves a 7-day score history on this device so you can see your recent practice trend.
Why use this site?
The site is the fastest way to start AZ-104 practice without installing anything. It is built for daily recall, quick weak-topic discovery, and source-backed explanations you can review immediately.
Why use the app when available?
The web page is the quick free sampler. If a dotCreds app is available for AZ-104, the app is better for larger banks, focused weak-domain drills, longer review sessions, and mobile study routines.