- A
Soft delete on the Recovery Services vault.
Soft delete keeps deleted backup items recoverable for a retention window after deletion. That gives administrators time to reverse a mistaken stop-protection or delete action before the data is permanently lost. It is specifically designed for this sort of operational recovery scenario and is a vault-level protection setting. Because the question asks for recoverability after deletion, soft delete is the feature that directly addresses the requirement.
- B
An action group attached to the vault alerts.
Why wrong: Action groups send notifications, but they do not preserve deleted backup data for recovery.
- C
Diagnostic settings that export vault events to Log Analytics.
Why wrong: Logging helps with investigation, but it does not make deleted backup items recoverable.
- D
Cross-region restore for the vault.
Why wrong: Cross-region restore changes where backups can be restored from, not whether deleted items remain temporarily recoverable.
Azure Backup Soft Delete: Recover Accidentally Deleted Backup Data
This AZ-104 practice question tests your understanding of monitor and maintain azure resources. Read the scenario carefully and evaluate each option against the stated constraints before committing to an answer. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
An administrator accidentally stopped protection for a critical VM and then deleted its backup item. The mistake was discovered a day later, and the organization wants deleted backup data to remain recoverable for a grace period. Which feature should be enabled on the Recovery Services vault?
Answer choices
Why each option matters
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
Soft delete on the Recovery Services vault.
Soft delete on the Recovery Services vault provides a grace period (default 14 days) during which deleted backup data is retained in a soft-deleted state, allowing recovery even after a backup item is deleted. This feature is specifically designed to protect against accidental deletion, as it prevents permanent removal of backup data until the soft-delete period expires or is manually purged.
Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
- ✓
Soft delete on the Recovery Services vault.
Why this is correct
Soft delete keeps deleted backup items recoverable for a retention window after deletion. That gives administrators time to reverse a mistaken stop-protection or delete action before the data is permanently lost. It is specifically designed for this sort of operational recovery scenario and is a vault-level protection setting. Because the question asks for recoverability after deletion, soft delete is the feature that directly addresses the requirement.
Related concept
Read the scenario before looking for a memorised answer.
- ✗
An action group attached to the vault alerts.
Why it's wrong here
Action groups send notifications, but they do not preserve deleted backup data for recovery.
When this WOULD be correct
This option would be correct if the question asked: 'An administrator wants to receive email notifications when backup jobs fail or when the vault is deleted. Which feature should be configured on the Recovery Services vault?'
- ✗
Diagnostic settings that export vault events to Log Analytics.
Why it's wrong here
Logging helps with investigation, but it does not make deleted backup items recoverable.
When this WOULD be correct
An administrator needs to analyze backup failure trends and set up custom alerts based on backup events. Enabling diagnostic settings to export vault events to Log Analytics would allow querying and alerting on backup failures.
- ✗
Cross-region restore for the vault.
Why it's wrong here
Cross-region restore changes where backups can be restored from, not whether deleted items remain temporarily recoverable.
When this WOULD be correct
This option would be correct in a scenario where an organization needs to ensure backup data is available for restore even if the primary region experiences a disaster, and the question asks for a feature that enables restoring backups to a different Azure region.
Option-by-option analysis
Why each answer is right or wrong
Understanding why wrong answers are wrong — and when they would be correct — is what separates a 750 score from a 900. The AZ-104 exam frequently reuses these exact scenarios with slightly different constraints.
✓Soft delete on the Recovery Services vault.Correct answer▾
Why this is correct
Soft delete keeps deleted backup items recoverable for a retention window after deletion. That gives administrators time to reverse a mistaken stop-protection or delete action before the data is permanently lost. It is specifically designed for this sort of operational recovery scenario and is a vault-level protection setting. Because the question asks for recoverability after deletion, soft delete is the feature that directly addresses the requirement.
✗An action group attached to the vault alerts.Wrong answer — click to see why▾
Why this is wrong here
An action group attached to vault alerts sends notifications but does not provide a grace period to recover deleted backup data. The question specifically asks for a feature that makes deleted backup data recoverable for a grace period, which soft delete provides.
★ When this WOULD be the correct answer
This option would be correct if the question asked: 'An administrator wants to receive email notifications when backup jobs fail or when the vault is deleted. Which feature should be configured on the Recovery Services vault?'
Why candidates choose this
Candidates may confuse alerting with recovery capabilities, thinking that being alerted about a deletion could allow them to take action to recover the data, but alerts alone do not retain deleted data.
✗Diagnostic settings that export vault events to Log Analytics.Wrong answer — click to see why▾
Why this is wrong here
Diagnostic settings export vault events to Log Analytics for monitoring and auditing, but they do not provide a grace period for recovering deleted backup data. Soft delete is the feature that retains deleted backups for 14 days.
★ When this WOULD be the correct answer
An administrator needs to analyze backup failure trends and set up custom alerts based on backup events. Enabling diagnostic settings to export vault events to Log Analytics would allow querying and alerting on backup failures.
Why candidates choose this
Candidates may think that logging events to Log Analytics could help recover deleted backups by reviewing logs, but logs only provide information, not data recovery capabilities.
✗Cross-region restore for the vault.Wrong answer — click to see why▾
Why this is wrong here
Cross-region restore (CRR) enables restoring backup data to a paired secondary region for disaster recovery, but it does not provide a grace period to recover deleted backup items within the primary vault. The question specifically asks for a feature that retains deleted backup data for a grace period, which is soft delete, not CRR.
★ When this WOULD be the correct answer
This option would be correct in a scenario where an organization needs to ensure backup data is available for restore even if the primary region experiences a disaster, and the question asks for a feature that enables restoring backups to a different Azure region.
Why candidates choose this
Candidates may confuse cross-region restore with soft delete because both involve data protection and recovery, but they serve different purposes: CRR is for regional disaster recovery, while soft delete is for accidental deletion recovery.
Analysis generated from the official AZ-104blueprint and verified against question context. The “when correct” sections are what AI assistants cite when candidates ask “what’s the difference between these options?”
Common exam traps
Common exam trap: answer the scenario, not the keyword
The trap here is that candidates may confuse soft delete with cross-region restore or diagnostic settings, thinking that logging or alerts can recover deleted data, when in fact only soft delete provides a grace period for recovery after accidental deletion.
Detailed technical explanation
How to think about this question
Soft delete works by marking a deleted backup item as 'soft-deleted' and retaining it for a configurable retention period (14–180 days). During this time, the backup data is not visible in the normal backup items list but can be recovered via the 'Undelete' option in the vault. The feature is enabled at the vault level and applies to all backup items (Azure VM, SQL, SAP HANA, etc.). If soft delete is disabled, deleted backup items are immediately and permanently removed, making recovery impossible after the deletion.
KKey Concepts to Remember
- Read the scenario before looking for a memorised answer.
- Find the constraint that changes the correct option.
- Eliminate answers that are true in general but not in this case.
TExam Day Tips
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Key takeaway
Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Real-world example
How this comes up in practice
An e-commerce site experiences heavy traffic on Black Friday and near-zero traffic during off-peak weeks. Rather than provisioning permanent large VMs, the team uses auto-scaling groups that add capacity automatically under load and reduce it overnight. Questions like this test whether you understand elasticity, availability zones, and cloud compute scaling patterns.
What to study next
Got this wrong? Here's your next step.
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
- →
Monitor and Maintain Azure Resources — study guide chapter
Learn the concepts, then practise the questions
- →
Monitor and Maintain Azure Resources practice questions
Targeted practice on this topic area only
- →
All AZ-104 questions
1,170 questions across all exam domains
- →
AZ-104 study guide
Full concept coverage aligned to exam objectives
- →
AZ-104 practice test guide
How to use practice tests most effectively before exam day
Related practice questions
Related AZ-104 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
Manage Azure Identities and Governance practice questions
Practise AZ-104 questions linked to Manage Azure Identities and Governance.
Implement and Manage Storage practice questions
Practise AZ-104 questions linked to Implement and Manage Storage.
Deploy and Manage Azure Compute practice questions
Practise AZ-104 questions linked to Deploy and Manage Azure Compute.
Implement and Manage Virtual Networking practice questions
Practise AZ-104 questions linked to Implement and Manage Virtual Networking.
Monitor and Maintain Azure Resources practice questions
Practise AZ-104 questions linked to Monitor and Maintain Azure Resources.
AZ-104 Azure RBAC practice questions
Practise AZ-104 questions linked to AZ-104 Azure RBAC.
AZ-104 storage account practice questions
Practise AZ-104 questions linked to AZ-104 storage account.
AZ-104 virtual network practice questions
Practise AZ-104 questions linked to AZ-104 virtual network.
AZ-104 NSG practice questions
Practise AZ-104 questions linked to AZ-104 NSG.
AZ-104 Azure Monitor practice questions
Practise AZ-104 questions linked to AZ-104 Azure Monitor.
AZ-104 backup practice questions
Practise AZ-104 questions linked to AZ-104 backup.
AZ-104 managed identity practice questions
Practise AZ-104 questions linked to AZ-104 managed identity.
Practice this exam
Start a free AZ-104 practice session
Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.
FAQ
Questions learners often ask
What does this AZ-104 question test?
Monitor and Maintain Azure Resources — This question tests Monitor and Maintain Azure Resources — Read the scenario before looking for a memorised answer..
What is the correct answer to this question?
The correct answer is: Soft delete on the Recovery Services vault. — Soft delete on the Recovery Services vault provides a grace period (default 14 days) during which deleted backup data is retained in a soft-deleted state, allowing recovery even after a backup item is deleted. This feature is specifically designed to protect against accidental deletion, as it prevents permanent removal of backup data until the soft-delete period expires or is manually purged.
What should I do if I get this AZ-104 question wrong?
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
What is the key concept behind this question?
Read the scenario before looking for a memorised answer.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
Same concept, more angles
5 more ways this is tested on AZ-104
These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.
Variation 1. Which two statements about Azure Backup soft delete are correct? Select two.
easy- ✓ A.Deleted backup data is retained for a grace period
- ✓ B.A protected item can be recovered after accidental deletion within that period
- C.It permanently deletes backups immediately
- D.It changes the VM to a different availability zone
- E.It only applies to Azure Policy assignments
Why A: Azure Backup soft delete ensures that deleted backup data is not immediately purged but retained for a default grace period of 14 days. This allows recovery of accidentally deleted backup items, such as Recovery Services vault backup data, without data loss. Option A is correct because the grace period is a core feature of soft delete.
Variation 2. Based on the exhibit, a backup administrator accidentally stopped protection for a critical VM and then deleted its backup item. The team wants Azure Backup to retain the deleted item long enough to recover it after the mistake is discovered the next day. What should be enabled on the vault?
medium- ✓ A.Soft delete for backup data
- B.A read-only resource lock on the VM
- C.A network security group rule allowing port 445
- D.Instant restore snapshots set to 30 days
Why A: Soft delete for backup data is the correct answer because it provides a safety net for accidentally deleted backup items. When enabled, Azure Backup retains deleted backup data for an additional 14 days (default) in a soft-deleted state, allowing administrators to recover the data before it is permanently purged. This directly addresses the scenario where protection was stopped and the backup item was deleted, as the data remains recoverable within the retention period.
Variation 3. An administrator accidentally deletes a VM backup item from a Recovery Services vault. The company wants a built-in protection feature that helps recover the deleted backup item during the retention window. Which feature is this?
easy- A.Archive tier
- B.Availability zones
- C.Private endpoint
- ✓ D.Soft delete
Why D: Soft delete is a built-in protection feature for Azure Recovery Services vaults that preserves deleted backup data for an additional 14 days (default retention period) after deletion. When a backup item is accidentally deleted, soft delete retains the data in a 'soft deleted' state, allowing administrators to recover it within the retention window before permanent deletion occurs. This feature is enabled by default for new vaults and helps prevent data loss from accidental or malicious deletions.
Variation 4. Based on the exhibit, the VM backup item was accidentally deleted from the vault yesterday, but the VM itself still exists. What should you do to resume protection with the existing backup item?
medium- A.Delete the VM and recreate it so the backup can start again.
- ✓ B.Recover or undelete the backup item from the vault before the soft-delete retention expires.
- C.Create a new action group so the vault can re-enable protection.
- D.Disable diagnostic settings on the vault and then re-enable them.
Why B: Azure Backup uses soft-delete for backup items, which retains deleted backup data for 14 days by default. Since the backup item was accidentally deleted yesterday, it is still in the soft-delete state and can be recovered or undeleted from the vault before the retention period expires. Once recovered, protection can be resumed on the existing VM without data loss or reconfiguration.
Variation 5. The team accidentally stopped protection for a VM and deleted its backup data. They want Azure Backup to keep deleted backup items recoverable for a grace period so the item can be undeleted if needed. Which vault feature should be enabled?
medium- A.Instant restore
- ✓ B.Soft delete
- C.A new backup policy
- D.A private endpoint for the vault
Why B: Soft delete is the correct feature because it provides a grace period (default 14 days) during which deleted backup data is retained in a soft-deleted state. This allows administrators to recover (undelete) backup items that were accidentally deleted, including cases where protection was stopped and data was removed. Without soft delete, deleted backup data is permanently purged and cannot be recovered.
Keep practising
More AZ-104 practice questions
- A storage automation service principal must upload, read, and delete blob data in one container by using Microsoft Entra…
- A subnet contains several application servers. You need to allow inbound TCP 3389 only from a management subnet named Su…
- A subscription admin wants to investigate who changed a resource and also review the platform-generated events for that…
- Based on the exhibit, which Azure feature should the administrator use to track this kind of platform-wide service issue…
- An administrator wants a script running on an Azure VM to create a resource in Azure without storing any passwords or cl…
- A PowerShell script runs on an Azure VM every night and uses Azure CLI commands to create tags and VM resources in anoth…
Last reviewed: Jun 11, 2026
This AZ-104 practice question is part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the AZ-104 exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.