Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsAZ-204Exam Questions

Microsoft · Free Practice Questions · Last reviewed May 2026

AZ-204 Exam Questions and Answers

30real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

50 exam questions
100 min time limit
Pass: 700/1000 / 1000
5 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. Develop Azure compute solutions2. Develop for Azure storage3. Implement Azure security4. Connect to and consume Azure services and third-party services5. Monitor, troubleshoot, and optimize Azure solutions
1

Domain 1: Develop Azure compute solutions

All Develop Azure compute solutions questions
Q1
mediumFull explanation →

You are implementing an Azure Durable Functions application that processes orders. The function must call three external APIs (payment gateway, inventory system, and shipping calculator) in parallel, then aggregate the results once all three have completed. Which Durable Functions pattern should you use?

A

Function chaining

B

Fan-out/Fan-in

Fan-out calls multiple activity functions in parallel, and fan-in waits for all to complete before aggregating results.

C

Monitor

D

Human interaction

Why: The Fan-out/Fan-in pattern is designed exactly for this scenario: it triggers multiple function tasks in parallel (fan-out) and then aggregates their results once all complete (fan-in). In Durable Functions, this is implemented using `CallActivityAsync` in a loop with `Task.WhenAll` to wait for all parallel activities to finish, allowing the orchestrator to collect and process the combined results.
Q2
easyFull explanation →

A company uses Azure Functions with a consumption plan. The function processes messages from a queue. During peak hours, the function takes longer to execute, and some messages are processed twice. What is the most likely cause?

A

The function timeout is set too low.

B

The queue message visibility timeout is shorter than the function processing time.

Correct. If the visibility timeout expires, the message becomes visible again and can be processed by another instance, resulting in duplicates.

C

The function uses blob output binding incorrectly.

D

The function app is using a premium plan instead of consumption.

Why: In Azure Functions with a consumption plan, the queue message visibility timeout determines how long a message is invisible to other consumers after being dequeued. If the function's processing time exceeds this visibility timeout, the message becomes visible again and can be picked up by another function instance, leading to duplicate processing. This is the most likely cause of messages being processed twice during peak hours when execution times increase.
Q3
mediumFull explanation →

You are deploying a Node.js application to Azure Web Apps for Containers. The application needs to read configuration settings from Azure App Configuration. What is the recommended method to securely connect the app to the configuration store?

A

Store connection string in environment variables.

B

Use Key Vault references in App Settings.

C

Use managed identity.

Correct. Managed identity provides secure authentication without secrets.

D

Hardcode the connection string.

Why: Option C is correct because using a managed identity allows the Node.js application running in Azure Web Apps for Containers to authenticate to Azure App Configuration without storing any secrets. Managed identities provide an automatically managed service principal in Azure AD, enabling secure, code-free access to the configuration store via Azure AD authentication, which is the recommended approach for production workloads.
Q4
mediumFull explanation →

You are implementing an order processing system using Azure Durable Functions. The function must send notifications to multiple channels (email, SMS, push) in parallel and wait for all to complete before sending a confirmation. Which Durable Functions feature should you utilize?

A

Orchestration trigger with fan-out/fan-in pattern

Correct. The orchestrator can call multiple activity functions in parallel using Task.WhenAll, then aggregate results before proceeding.

B

Entity trigger

C

Activity trigger with retry policy

D

Timer trigger

Why: The fan-out/fan-in pattern in Durable Functions allows you to invoke multiple activity functions in parallel (fan-out) and then wait for all of them to complete (fan-in) using `Task.WhenAll`. This is exactly what is needed to send notifications to email, SMS, and push simultaneously and then proceed only after all have finished, making option A correct.
Q5
mediumFull explanation →

You are deploying a sensitive configuration to Azure Container Instances. The configuration must be encrypted at rest and not visible in the container logs. What should you use?

A

Environment variables in the container group

B

Azure Key Vault with managed identity and secret volumes

Correct. This approach ensures secrets are encrypted in Key Vault, mounted as volumes, and not exposed in logs.

C

Azure Files volume mounted into the container

D

ConfigMap in a Kubernetes cluster

Why: Azure Key Vault with managed identity and secret volumes is the correct choice because it allows you to mount secrets as files into the container without exposing them in environment variables or logs. The secrets are encrypted at rest in Key Vault and are only accessible via a managed identity assigned to the container group, ensuring the configuration remains secure and invisible in container logs.
Q6
easyFull explanation →

A company deploys a web application to Azure App Service. They want to deploy a new version of the app with zero downtime and the ability to quickly roll back if needed. Which deployment feature should they use?

A

Auto-scaling

B

Deployment slots

Deployment slots enable staging, warm-up, and swapping with immediate rollback, providing zero-downtime deployments.

C

Traffic Manager

D

Application Insights

Why: Deployment slots are separate, live environments within Azure App Service that allow you to stage a new version of your app, perform validation, and then swap it into production with zero downtime. The swap operation ensures all traffic is redirected instantly, and if issues arise, you can immediately swap back to the previous slot for a quick rollback.

Want more Develop Azure compute solutions practice?

Practice this domain
2

Domain 2: Develop for Azure storage

All Develop for Azure storage questions
Q1
easyFull explanation →

A company stores archival data in Azure Blob Storage. The data is accessed only a few times per year, and retrieval can take up to 15 hours. Which blob access tier minimizes storage costs while meeting these requirements?

A

Hot tier

B

Cool tier

C

Archive tier

Archive tier offers the lowest storage cost and supports retrieval within 1-15 hours, fitting the scenario.

D

Premium tier

Why: The Archive tier is the correct choice because it is designed for data that is rarely accessed (a few times per year) and has a retrieval latency of up to 15 hours, which matches the requirement. It offers the lowest storage cost among Azure Blob Storage tiers, making it optimal for long-term archival data where infrequent access and delayed retrieval are acceptable.
Q2
mediumFull explanation →

You are building a serverless application that needs to react to insertions and updates in an Azure Cosmos DB container. You want to process these changes using an Azure Function. Which trigger should you configure for the function?

A

Cosmos DB trigger

The Cosmos DB trigger uses the change feed to respond to inserts and updates in the container.

B

Blob trigger

C

Event Grid trigger

D

Service Bus trigger

Why: A Cosmos DB trigger is the correct choice because it is specifically designed to react to changes in a Cosmos DB container by leveraging the change feed. The Azure Function runtime polls the change feed for inserts and updates, invoking the function with batches of documents as they occur. This provides a native, serverless integration without needing additional services.
Q3
mediumFull explanation →

You are developing an application that writes logs to Azure Blob Storage. Each log entry is small (less than 1 KB) and you need to store millions of entries per day. You want to minimize storage costs and maximize write throughput. Which blob type should you use?

A

Block blobs with a high block size.

B

Append blobs.

Correct. Append blobs are designed for frequent append operations and are ideal for logging.

C

Page blobs.

D

Block blobs with a low block size.

Why: Append blobs are optimized for append operations, making them ideal for logging scenarios where each log entry is appended to the blob. They provide high throughput for write-heavy, sequential append workloads and are cost-effective because they use the same block blob pricing but avoid the overhead of managing individual blocks for each small entry.
Q4
hardFull explanation →

You need to upload large files (up to 100 GB) to Azure Blob Storage from a web application. The upload must be resilient to network failures and support pausing/resuming. Which approach should you use?

A

Upload the blob as a single PUT operation.

B

Use block blob with multiple blocks and parallel upload.

Correct. Block blobs support chunked upload with retry and resume capability.

C

Use append blob.

D

Use AzCopy from the server.

Why: Option B is correct because block blobs support uploading large files (up to ~4.75 TB) by splitting the file into multiple blocks, uploading them in parallel for speed, and committing the block list atomically. This approach provides resilience to network failures (individual blocks can be retried) and supports pausing/resuming by tracking which blocks have been uploaded.
Q5
easyFull explanation →

You need to store millions of small log entries (each <1 KB) per day from an IoT device. The logs are rarely read. Which storage solution is most cost-effective?

A

Azure Blob Storage Block Blob

Correct. Block blobs support high-volume storage with low-cost tiers (Cool/Archive) and can handle billions of objects.

B

Azure SQL Database

C

Azure Table Storage

D

Azure Files

Why: Azure Blob Storage Block Blob is the most cost-effective solution for storing millions of small log entries (<1 KB) that are rarely read because it offers extremely low storage costs per GB, supports high-throughput ingestion, and is optimized for large-scale, append-oriented workloads. Block blobs can be stored in the 'Cool' or 'Archive' access tier to further reduce costs, and they can be efficiently batched into larger blocks (up to 100 MB per block) to minimize transaction costs.
Q6
easyFull explanation →

You are developing an application that writes log entries to Azure Blob Storage. Each log entry is approximately 500 bytes, and you expect to generate millions of entries per day. The logs are rarely read, and when they are read, you need to retrieve ranges of logs sequentially. Which blob type should you use to minimize storage costs and maximize write throughput?

A

Block blobs

B

Append blobs

Append blobs are specifically designed for append operations, providing high write throughput and low cost per write. They are ideal for streaming log data where new entries are continuously added.

C

Page blobs

D

Azure Files shares

Why: Append blobs are optimized for append operations, making them ideal for write-heavy, sequential logging scenarios. Each append operation adds data to the end of the blob, achieving high write throughput without the overhead of managing block lists. Since logs are rarely read and accessed sequentially, append blobs minimize storage costs compared to block blobs (which require block management overhead) and page blobs (which are designed for random access and are more expensive).

Want more Develop for Azure storage practice?

Practice this domain
3

Domain 3: Implement Azure security

All Implement Azure security questions
Q1
mediumFull explanation →

You have multiple Azure virtual machines that need to access the same Azure Key Vault to retrieve certificates. You want to minimize administrative overhead while ensuring each VM can authenticate without managing credentials. Which identity type should you use?

A

System-assigned managed identity on each VM

B

User-assigned managed identity assigned to each VM

A single user-assigned identity can be assigned to all VMs. You grant Key Vault access once, reducing overhead.

C

Service principal with client secret stored in each VM

D

Storage account key

Why: Option B is correct because a user-assigned managed identity can be created once and then assigned to multiple Azure VMs, allowing all of them to authenticate to the same Key Vault without storing any credentials. This minimizes administrative overhead compared to managing separate system-assigned identities or service principals, as the identity is independent of any single VM's lifecycle and can be reused across resources.
Q2
hardFull explanation →

A developer accidentally deleted a secret from Azure Key Vault. Soft-delete is enabled with a retention period of 90 days. After 60 days, you attempt to recover the secret. What should you do?

A

Run the Azure CLI command: az keyvault secret recover

This command restores the secret while within the soft-delete retention window (60 days out of 90).

B

Enable purge protection on the Key Vault first, then recover the secret.

C

Recover is not possible because the retention period of 90 days has not elapsed.

D

Run the Azure CLI command: az keyvault secret undelete

Why: Option A is correct because when soft-delete is enabled on Azure Key Vault, deleted secrets are retained for the specified retention period (90 days in this case). Since only 60 days have passed, the secret is still in a soft-deleted state and can be recovered using the `az keyvault secret recover` command, which restores the secret to an active state.
Q3
mediumFull explanation →

A company stores sensitive data in an Azure Storage account. They need to restrict access based on the client's IP address and require that clients use a valid SAS token. Which mechanism should they use?

A

Microsoft Entra ID authentication.

B

Shared Key.

C

SAS token with IP ACL.

Correct. A SAS token can specify an allowed IP address range.

D

Firewall and virtual networks.

Why: A SAS token with an IP ACL (access control list) allows you to restrict access to a specific client IP address or range of IP addresses while also requiring a valid SAS token for authentication. This meets both requirements: IP-based restriction and SAS token validation. The IP ACL is specified as part of the SAS token's signed IP (sip) parameter, which enforces that requests must originate from the allowed IP range.
Q4
easyFull explanation →

You are developing an application that stores user secrets. You need to ensure that the secrets are encrypted at rest and rotated automatically. Which Azure service should you integrate?

A

Azure Storage.

B

Azure Key Vault.

Correct. Key Vault is designed for secret management with encryption and rotation capabilities.

C

Azure Security Center.

D

Microsoft Entra ID.

Why: Azure Key Vault is the correct choice because it provides centralized management of secrets, keys, and certificates with built-in encryption at rest using FIPS 140-2 Level 2 validated hardware security modules (HSMs). It also supports automatic rotation of secrets through integration with Azure Event Grid and Azure Functions, enabling you to schedule or trigger key rotation policies without manual intervention.
Q5
easyFull explanation →

You have an Azure Function app that needs to retrieve a secret from Azure Key Vault at runtime. You want to avoid storing any credentials in code or configuration. Which mechanism should you use?

A

Service principal with client secret

B

Managed identity

Correct. Managed identity allows the Function app to authenticate to Azure Key Vault without any stored credentials.

C

Access key

D

Shared access signature (SAS)

Why: Managed identity (B) is the correct mechanism because it allows the Azure Function app to authenticate to Azure Key Vault without storing any credentials in code or configuration. Azure automatically manages the identity and provides a token from Azure AD that the function can use to access the vault, eliminating the need for secrets or keys in the application.
Q6
hardFull explanation →

A developer deleted a secret from Azure Key Vault with soft-delete and purge protection enabled (retention 90 days). After 50 days, the secret is needed again. What is the correct recovery method?

A

Purge the secret and then restore from a backup

B

Recover the secret using Azure CLI 'az keyvault secret recover'

Correct. Soft-delete allows recovery within the retention period using the recover command.

C

Recreate the secret with the same name

D

Use an Azure Resource Manager template to undelete the secret

Why: Option B is correct because Azure Key Vault with soft-delete and purge protection enabled retains deleted secrets for the specified retention period (90 days in this case). Since only 50 days have passed, the secret is still in a soft-deleted state and can be recovered using the 'az keyvault secret recover' command, which restores the secret to its original state without data loss.

Want more Implement Azure security practice?

Practice this domain
4

Domain 4: Connect to and consume Azure services and third-party services

All Connect to and consume Azure services and third-party services questions
Q1
mediumFull explanation →

A retail system uses Azure Service Bus to process orders. Each order has multiple messages (e.g., payment, shipping, confirmation) that must be processed in sequence. You need to guarantee that all messages belonging to the same order are handled by the same consumer in order. Which Service Bus feature should you use?

A

Sessions

Sessions ensure FIFO ordering and guarantee that messages with the same session ID are processed by a single consumer.

B

Scheduled messages

C

Dead-letter queue

D

Auto-forwarding

Why: Sessions in Azure Service Bus enable ordered, first-in-first-out (FIFO) processing of related messages. By setting the SessionId property to the order ID, all messages for that order are grouped into a session, ensuring a single consumer processes them sequentially. This guarantees that payment, shipping, and confirmation messages for the same order are handled in order and by the same consumer.
Q2
hardFull explanation →

You manage an API in Azure API Management. You need to cache API responses such that different responses are returned based on the product subscription key used by the caller. Which set of policies should you implement?

A

Set a 'cache-lookup' policy in the inbound section and a 'cache-store' policy in the outbound section, using the subscription key as a cache vary-by parameter.

This is the correct pattern: lookup cache on request, store on response, varying by subscription key.

B

Set a 'cache-store' policy in the inbound section and a 'cache-lookup' policy in the outbound section.

C

Set both 'cache-lookup' and 'cache-store' policies in the inbound section.

D

Set only a 'cache-store' policy in the backend section.

Why: Option A is correct because caching API responses based on the subscription key ensures that each caller receives a cached response unique to their subscription. The 'cache-lookup' policy in the inbound section checks the cache before forwarding the request, and the 'cache-store' policy in the outbound section stores the response after it is generated. By specifying the subscription key as a vary-by parameter, the cache key includes the subscription key, so different keys produce different cached entries.
Q3
easyFull explanation →

A company uses Azure Logic Apps to integrate with a third-party REST API. The API has a rate limit of 100 requests per minute. You need to ensure that the Logic App respects this limit. Which connector feature should you configure?

A

Retry policy.

B

Concurrency control.

Correct. Concurrency control limits the number of in-flight requests, helping to stay within rate limits.

C

Swagger connector.

D

API Management.

Why: Concurrency control in Azure Logic Apps limits the number of concurrent runs of a workflow. By setting the concurrency limit to 1, you ensure that only one instance of the Logic App executes at a time, effectively serializing requests and preventing the app from exceeding the third-party API's rate limit of 100 requests per minute. This is the correct feature to throttle throughput to match external constraints.
Q4
mediumFull explanation →

You are building an API that needs to send notifications to multiple subscribers. Each subscriber has a different callback URL, and you need to ensure each notification is sent exactly once and retried on failure. Which Azure service should you use?

A

Azure Event Grid.

Correct. Event Grid delivers events to multiple subscribers with retry and exactly-once semantics.

B

Azure Service Bus.

C

Azure Notification Hubs.

D

Azure Queue Storage.

Why: Azure Event Grid is the correct choice because it is a fully managed event routing service that uses a publish-subscribe model with built-in retry logic and exactly-once delivery semantics. It supports multiple subscribers with distinct callback URLs (webhooks) and automatically retries delivery on failure, making it ideal for sending notifications to multiple endpoints with guaranteed delivery.
Q5
mediumFull explanation →

You manage an API in Azure API Management. The API response varies depending on the caller's subscription key. You need to cache responses per subscription key to reduce backend load. Which policy configuration should you use?

A

Set cache key to include the subscription key

Correct. Using a policy like <cache-lookup vary-by-key="@(context.Subscription.Id)" /> caches different responses per subscription.

B

Use a global cache with no variation

C

Disable caching and rely on the backend

D

Use rate limiting policy

Why: Option A is correct because Azure API Management's caching policy allows you to customize the cache key using the `@(context.Subscription.Id)` expression. By setting the cache key to include the subscription key, each caller's responses are cached separately based on their unique subscription, ensuring that variations in the API response per subscription key are preserved while reducing backend load.
Q6
mediumFull explanation →

You have an order processing system using Azure Service Bus. Each order generates multiple messages that must be processed in order and by the same consumer. Which Service Bus feature ensures this?

A

Message sessions

Correct. Sessions guarantee ordered, first-in-first-out (FIFO) delivery and that messages in a session are handled by a single consumer.

B

Topics and subscriptions

C

Dead-letter queues

D

Auto-forwarding

Why: Message sessions in Azure Service Bus enable ordered, sequential processing of related messages by a single consumer. When messages belong to the same session, they are guaranteed to be delivered in order and are locked to a single consumer until the session is complete, ensuring that all messages for a given order are processed by the same consumer without interleaving.

Want more Connect to and consume Azure services and third-party services practice?

Practice this domain
5

Domain 5: Monitor, troubleshoot, and optimize Azure solutions

All Monitor, troubleshoot, and optimize Azure solutions questions
Q1
mediumFull explanation →

An e-commerce application emits a high volume of telemetry data to Azure Application Insights. You need to reduce the cost of data ingestion while preserving statistical accuracy for performance metrics. Which sampling technique should you use?

A

Adaptive sampling

Adaptive sampling dynamically tunes the sampling rate to keep data volume manageable while preserving statistical validity.

B

Fixed-rate sampling with a 1% rate

C

Ingestion sampling

D

Head-based sampling

Why: Adaptive sampling is the correct choice because it automatically adjusts the sampling rate based on the volume of telemetry data, ensuring that during low-traffic periods all data is retained for statistical accuracy, while during high-traffic periods it reduces the rate to control costs. This technique is specifically designed for high-volume scenarios like e-commerce telemetry, where preserving statistical accuracy for performance metrics (e.g., request durations, failure rates) is critical, and it avoids the manual tuning required by fixed-rate sampling.
Q2
easyFull explanation →

You need to monitor the real-time CPU utilization of an Azure virtual machine. Which Azure Monitor feature is designed for this purpose?

A

Metrics

Metrics provide real-time numerical values such as CPU usage, ideal for monitoring performance.

B

Logs

C

Alerts

D

Workbooks

Why: Azure Monitor Metrics is the correct feature because it collects and stores numeric time-series data from Azure resources, including CPU utilization, at near-real-time intervals (typically every 1 minute for Azure VMs). Metrics are lightweight, low-latency, and designed for real-time monitoring and alerting, making them ideal for tracking CPU usage without the overhead of log ingestion.
Q3
hardFull explanation →

You have an Azure App Service web app that experiences intermittent slowness. You enable Application Insights and notice that the "Failed Requests" metric is low, but "Server Response Time" is high for a subset of requests. You want to identify the specific code path causing the delay. Which feature should you use?

A

Live Metrics.

B

Snapshot Debugger.

C

Profiler.

Correct. Profiler traces requests and identifies slow code paths.

D

Availability tests.

Why: C is correct because the Application Insights Profiler captures detailed call stacks and execution timing for slow requests, allowing you to pinpoint the exact code path causing high server response time. Unlike other features, Profiler is specifically designed for performance troubleshooting by tracing request execution at the code level.
Q4
mediumFull explanation →

An Azure Function processes events from Event Hubs. You need to monitor the number of events that were successfully processed and those that were dropped due to processing errors. Which approach should you use?

A

Custom metrics in Application Insights.

Correct. You can use the Application Insights SDK to log custom events or metrics for processed and dropped events.

B

Event Hubs metrics.

C

Stream Analytics job.

D

Log Analytics query on function logs.

Why: Custom metrics in Application Insights allow you to track business-specific counters like successfully processed events and dropped events directly from your Azure Function code. By using the `TelemetryClient.TrackMetric()` API within the function's event processing logic, you can increment counters for success and failure scenarios, giving you precise, real-time monitoring of processing outcomes. This approach is more granular than built-in metrics because it reflects your application's custom error handling, not just infrastructure-level throughput.
Q5
mediumFull explanation →

Your e-commerce application sends telemetry to Application Insights. You need to reduce ingestion costs while preserving the ability to detect trends in performance metrics. Which sampling type should you configure?

A

Fixed-rate sampling

B

Adaptive sampling

Correct. Adaptive sampling dynamically adjusts to keep the telemetry volume within a budget while preserving statistical accuracy for trends.

C

Ingestion sampling

D

Head-based sampling

Why: Adaptive sampling is the correct choice because it automatically adjusts the volume of telemetry data collected based on the application's activity level, ensuring that performance trends are preserved while reducing ingestion costs. Unlike fixed-rate sampling, adaptive sampling dynamically increases or decreases the sampling rate to maintain a target volume, making it ideal for e-commerce applications with variable traffic patterns.
Q6
easyFull explanation →

You need to monitor the CPU utilization of an Azure VM in real-time and set up an alert when it exceeds 90%. Which Azure Monitor feature should you use?

A

Log Analytics Workspace

B

Metrics Explorer

Correct. Metrics Explorer provides near real-time platform metrics and supports creating metric alerts.

C

Application Insights

D

Azure Monitor for VMs

Why: Metrics Explorer is the correct Azure Monitor feature for real-time monitoring of CPU utilization on an Azure VM because it provides near real-time metric collection (typically every 1 minute) and supports alerting based on threshold conditions. It allows you to chart performance counters like Percentage CPU and configure metric alerts that trigger when the value exceeds 90%.

Want more Monitor, troubleshoot, and optimize Azure solutions practice?

Practice this domain

Frequently asked questions

How many questions are on the AZ-204 exam?

The AZ-204 exam has 50 questions and must be completed in 100 minutes. The passing score is 700/1000.

What types of questions appear on the AZ-204 exam?

Scenario questions on developing Azure solutions covering compute, Blob storage, Cosmos DB, authentication, message-based services, and monitoring. Some questions are performance-based (PBQs), asking you to complete tasks in a simulated environment.

How are AZ-204 questions organised by domain?

The exam covers 5 domains: Develop Azure compute solutions, Develop for Azure storage, Implement Azure security, Connect to and consume Azure services and third-party services, Monitor, troubleshoot, and optimize Azure solutions. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual AZ-204 exam questions?

No. These are original exam-style practice questions written against the official Microsoft AZ-204 exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice all 60 AZ-204 questions?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all AZ-204 questionsTake a timed practice test