Top 25 Interview Questions With Answers For AZ-104T00-A

1. What is Microsoft Azure and how does it help businesses?

Microsoft Azure is a cloud computing platform and service offered by Microsoft that provides a wide range of services such as virtual machines, databases, networking, and storage. It allows businesses to build, deploy, and manage applications through Microsoft-managed data centers across the globe. Azure helps organizations reduce capital costs, scale resources as needed, improve availability, and increase business agility. With Azure, companies can avoid the cost of physical infrastructure and only pay for what they use, making it a cost-effective and scalable solution.

2. What are the main types of services provided in Microsoft Azure?

Azure services are typically categorized into the following types:

• IaaS (Infrastructure as a Service): Provides virtual machines, networking, and storage that can be managed and controlled by users.
• PaaS (Platform as a Service): Offers tools and services for developers to build and deploy applications without managing underlying infrastructure.
• SaaS (Software as a Service): Provides fully functional software applications delivered over the internet (e.g., Microsoft 365).
• Serverless Computing: Enables users to run code without managing infrastructure; automatically scales with demand (e.g., Azure Functions).

Each service type helps businesses focus more on development and operations, while Azure manages the backend.

3. What is an Azure Resource Group and why is it important?

An Azure Resource Group is a logical container that holds all the related resources for an Azure solution—such as virtual machines, storage accounts, virtual networks, and databases. It allows administrators to manage and monitor resources collectively rather than individually.

Key benefits include:

• Unified management: Apply permissions, policies, and monitoring at the group level.
• Resource lifecycle control: Resources in the same group can be deployed, updated, and deleted together.
• Cost tracking: Helps in analyzing and controlling spending for specific applications or departments.

By organizing resources logically, Azure Resource Groups improve efficiency, security, and cost management.

4. What is Azure Active Directory (Azure AD) and how is it used in Azure administration?

Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management (IAM) service. It helps employees of an organization sign in and access internal and external resources such as Microsoft 365, the Azure portal, and thousands of SaaS applications. As an Azure administrator, managing user identities, securing access with multi-factor authentication (MFA), and configuring single sign-on (SSO) are some of the core activities involving Azure AD.

5. Explain the concept of Resource Groups in Azure.

In Azure, a Resource Group is a container that holds related resources for an Azure solution. These resources can include virtual machines, storage accounts, virtual networks, and more. Grouping resources allows you to manage and monitor them collectively. It also enables easier role-based access control (RBAC), deployment automation, and cost tracking.

6. What is the difference between Azure Storage Account types: Blob, File, Queue, and Table?

Azure offers different storage types for different use cases. Blob Storage is for storing large unstructured data like images or videos. File Storage provides fully managed file shares in the cloud. Queue Storage is used for message queuing between application components, while Table Storage is a NoSQL key-value store for structured, non-relational data.

7. What are the key responsibilities of an Azure Administrator?

• Managing Azure subscriptions and resources
• Implementing storage solutions (Blob, File, Disk)
• Configuring and managing virtual networks
• Deploying and managing Azure virtual machines
• Monitoring and backing up Azure resources
• Implementing identity solutions with Azure AD

8. What is the use of Azure Monitor and what can it track?

• Collects metrics and logs from Azure services
• Helps in tracking performance and health of resources
• Provides analytics through queries and visual dashboards
• Enables alerts and automation for anomalies
• Integrates with tools like Log Analytics and Application Insights

9. List common tools used for Azure resource management.

• Azure Portal (web UI for management)
• Azure CLI (Command-line interface for scripting tasks)
• PowerShell (Automation and advanced scripting)
• Azure PowerShell Module
• Azure Resource Manager (ARM) templates
• Azure Cloud Shell

10. Compare Azure Virtual Network (VNet) and Azure VPN Gateway.

12. What is Azure Role-Based Access Control (RBAC) and how does it work?

Azure RBAC is a system that provides fine-grained access management for Azure resources. It allows you to assign roles to users, groups, and applications at a specific scope such as a subscription, resource group, or resource level. Each role defines a set of permissions that determine what actions can be performed. For example, the "Reader" role can view resources, but not modify them, while the "Contributor" role can create and manage resources, excluding RBAC management.

13. How does Azure Backup work for VMs and other services?

Azure Backup provides a reliable solution to protect your data without the need for on-prem infrastructure. It can be used to back up virtual machines, SQL databases, files, and folders. The backup data is stored in Recovery Services Vaults, and it offers point-in-time recovery, long-term retention, and encryption. It supports application-consistent backups and automates recovery through Azure policies.

14. List the types of storage redundancy offered in Azure.

• LRS (Locally Redundant Storage) – Replicates data within a single datacenter
• GRS (Geo-Redundant Storage) – Replicates data to a secondary region
• ZRS (Zone-Redundant Storage) – Replicates data across availability zones
• RA-GRS (Read-Access Geo-Redundant Storage) – Same as GRS, with read access to the secondary

15. What are Azure Availability Sets?

• Ensures high availability of VMs
• Distributes VMs across multiple fault and update domains
• Fault domains protect against hardware failures
• Update domains ensure that not all VMs are updated simultaneously
• Recommended for critical workloads that require high uptime

16. Explain Azure Policy and its role in governance.

Azure Policy helps enforce organizational standards and assess compliance across resources. It allows you to create, assign, and manage policies that audit or enforce rules. For example, you can restrict resource creation in specific regions or enforce naming conventions. Azure Policy works in real-time and ensures that future resource deployments comply with defined rules, helping in effective governance.

17. What is the difference between Azure Managed Disks: Standard HDD, Standard SSD, Premium SSD, and Ultra Disk?

18. How do you secure an Azure Storage Account?

• Enable firewall rules and virtual network access
• Use shared access signatures (SAS) for granular access
• Enable Azure Defender for Storage
• Enforce HTTPS-only traffic
• Implement Private Endpoints to access storage over private IP

19. What are the key benefits of using Azure Resource Manager (ARM)?

• Declarative templates for consistent deployments
• Role-based access control (RBAC) integrated at resource level
• Supports tagging for cost and resource management
• Enables dependency mapping in templates
• Consolidated deployment of multiple resources

20. Describe the Azure Virtual Machine Scale Sets (VMSS).

Azure VMSS is a service that lets you deploy and manage a group of identical, load-balanced VMs. With VMSS, you can automatically increase or decrease the number of VM instances based on demand or a defined schedule. It ensures high availability and allows autoscaling for large-scale services, eliminating the need to manage individual VMs manually.

21. What are NSGs and how do they control traffic in Azure?

Network Security Groups (NSGs) act as virtual firewalls for your Azure resources. They contain inbound and outbound security rules that allow or deny traffic based on protocols, ports, and IP addresses. NSGs can be associated with subnets or individual network interfaces. By controlling traffic at multiple levels, NSGs ensure network segmentation and security.

22. What are the different types of Azure Virtual Machines?

• General Purpose (e.g., B, D series): Balanced CPU and memory
• Compute Optimized (F series): High CPU-to-memory ratio
• Memory Optimized (E series): Ideal for memory-intensive apps
• Storage Optimized (L series): High disk throughput
• GPU (NC, ND series): For rendering and AI workloads
• High Performance Compute (H series): Ideal for scientific modeling

23. How can you monitor Azure VMs effectively?

• Use Azure Monitor and Log Analytics
• Enable Diagnostics Settings for performance counters
• Set up Alerts for CPU, memory, and disk thresholds
• Analyze logs via Kusto Query Language (KQL)
• Use Azure Advisor for performance recommendations

24. Explain Azure Cost Management and its capabilities.

Azure Cost Management helps organizations track cloud usage and manage expenses across Azure resources. It provides cost analysis, budgeting, and forecasting features. You can set budgets and receive alerts when spending approaches predefined limits. Azure Cost Management supports cost attribution using tags and provides exportable data for external analysis.

25. What is the difference between Public IP and Private IP in Azure?