Question 1mediummultiple choice
Full question →AZ-104 · topic practice
AZ Identity practice questions
Use this page to practise AZ-104 AZ Identity practice questions. The goal is not to memorise dumps, but to understand the concept, review the explanation and improve your exam readiness.
What the exam tests
What to know about AZ Identity
AZ Identity questions test whether you can apply the concept in context, not just recognise a definition.
How the topic appears in realistic exam-style scenarios.
Which detail in the question changes the correct answer.
How to eliminate plausible but wrong options.
How to connect the question back to the wider exam objective.
Practice set
AZ Identity questions
20 questions · select your answer, then reveal the explanation
Question 2hardmultiple choice
Full question →You are deploying a stateless web application on Azure virtual machines. The solution must automatically add and remove instances based on CPU demand and allow all instances to be managed as one logical group. Which Azure compute feature should you deploy?
Question 3hardmulti select
Full question →You are deploying a Windows Server VM for an internal app. The VM must support Secure Boot and vTPM later, its OS disk must survive host moves, and the team wants the lowest-cost managed disk tier that still behaves like a normal writable OS disk. Which two choices should you make? Select two.
Question 4mediummultiple choice
Full question →You need to deploy several identical virtual machines and ensure that the failure of a single Azure host does not affect all of them. Which feature should you use?
Question 5mediummultiple choice
Full question →You need to connect VNet-Hub and VNet-Spoke so that resources in both virtual networks can communicate privately over the Microsoft backbone. Both virtual networks are in the same region. What should you configure?
Question 6hardmultiple choice
Full question →A team is creating a new workload subnet in a spoke virtual network. The subnet must support 41 VM NICs, 2 internal load balancer frontend IP configurations, 3 private endpoint IPs, and 4 spare IPs for near-term growth. Azure reserves 5 IP addresses in every subnet. What is the smallest IPv4 subnet size that satisfies the requirement?
Question 7mediummultiple choice
Full question →A team is creating a new spoke VNet that will later be peered to an existing hub VNet and connected to on-premises networks. The proposed address space for the spoke is 10.60.1.0/24. The hub already uses 10.60.0.0/16. What should the administrator do before deploying the spoke?
Question 8mediummultiple choice
Full question →You need to view recommendations about underutilized virtual machines, security improvements, and cost-saving opportunities in Azure. Which service should you use?
Question 9hardmultiple choice
Full question →You need to collect performance counters and event logs from multiple Azure virtual machines and query the data centrally by using Kusto Query Language. Which Azure resource should you deploy?
Question 10hardmultiple choice
Full question →A virtual machine is already protected by Azure Backup. The current policy runs daily at 23:00 and keeps daily recovery points for 30 days. The business now wants the same schedule but wants new daily recovery points retained for 90 days. No new vault or re-registration should occur. What should the administrator do?
Question 11mediummulti select
Full question →A team wants to monitor average CPU on a small set of Linux VMs and OS disk free space, but they want the lowest telemetry ingestion cost possible. Which two actions should they take? Select two.
Question 12easymultiple choice
Full question →A developer wants to publish an internet-facing web application from source code. The solution must support built-in HTTPS, deployment slots for testing, and autoscale. The team does not want to manage servers. Which Azure service should the administrator recommend?
Question 13mediummultiple choice
Full question →You need to ensure that a user can view cost data for Azure resources but cannot create or modify those resources. Which built-in role should you assign at the required scope?
Question 14mediummultiple choice
Full question →A VM has both a default route from a VPN gateway and a user-defined route to an on-premises firewall. Traffic is still not reaching the expected next hop. The administrator wants to see the exact routes currently applied to the VM NIC. Which tool should be used?
Question 15mediummultiple choice
Full question →A team is creating a subnet for 48 small Linux VMs, two internal load balancer frontend IPs, and one Azure Bastion host. Azure reserves five IP addresses in every subnet. Which subnet prefix is the smallest that will still meet the requirement?
Question 16mediummultiple choice
Full question →A team needs to run a Linux container for 15 to 20 minutes at a time, triggered by an external system. They do not want to manage servers, clusters, or a web framework. Which Azure service is the best fit?
Question 17mediummultiple choice
Full question →You need to deploy 20 identical Azure virtual machines for a web application and automatically scale the number of instances based on CPU demand. Which Azure feature should you use?
Question 18easymultiple choice
Full question →A team wants to keep Azure platform logs for a storage account in a central location and analyze them with queries. The logs should be queryable together with other Azure resource logs. What destination should the administrator choose for the diagnostic setting?
Question 19mediummatching
Full question →A team is troubleshooting inbound access to Azure VMs. Match each NSG concept on the left with the most accurate behavior or troubleshooting implication on the right.
Answer choices are not available in this preview. Open the full question page for the complete review.
Question 20mediummultiple choice
Full question →You need to allow SSH access to only one Linux VM in a subnet that contains several application servers. The other VMs in the subnet must remain inaccessible from the internet. What is the best configuration?
Watch out for
Common AZ Identity exam traps
- ▸Answering from memory before reading the full scenario.
- ▸Missing a constraint such as cost, availability, security, scope or command context.
- ▸Choosing a broad answer when the question asks for the most specific fix.
- ▸Ignoring why the wrong options are tempting.
Free account
Track your progress over time
Create a free account to save your results and see which topics improve across sessions.
Focused AZ Identity sessions
Start a AZ Identity only practice session
Every question in these sessions is drawn from the AZ Identity domain — nothing else.
Related practice questions
Related AZ-104 topic practice pages
Move into related areas when this topic feels solid.
AZ-104 Azure RBAC practice questions
Practise AZ-104 questions linked to AZ-104 Azure RBAC.
AZ-104 storage account practice questions
Practise AZ-104 questions linked to AZ-104 storage account.
AZ-104 virtual network practice questions
Practise AZ-104 questions linked to AZ-104 virtual network.
AZ-104 NSG practice questions
Practise AZ-104 questions linked to AZ-104 NSG.
AZ-104 Azure Monitor practice questions
Practise AZ-104 questions linked to AZ-104 Azure Monitor.
AZ-104 backup practice questions
Practise AZ-104 questions linked to AZ-104 backup.
AZ-104 managed identity practice questions
Practise AZ-104 questions linked to AZ-104 managed identity.
AZ-104 load balancer practice questions
Practise AZ-104 questions linked to AZ-104 load balancer.
AZ-104 Azure Policy practice questions
Practise AZ-104 questions linked to AZ-104 Azure Policy.
AZ-104 virtual machine practice questions
Practise AZ-104 questions linked to AZ-104 virtual machine.
Frequently asked questions
- What does the AZ-104 exam test about AZ Identity?
- AZ Identity questions test whether you can apply the concept in context, not just recognise a definition.
- How should I use these practice questions?
- Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
- Can I practise just AZ Identity questions in a focused session?
- Yes — the session launcher on this page draws every question from the AZ Identity domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
- Where can I practise other AZ-104 topics?
- Use the topic links above to move to related areas, or go back to the AZ-104 question bank to see all topics.
- Are these real exam questions or dumps?
- These are original practice questions written to test the same concepts the AZ-104 exam covers. They are not copied from any real exam or dump site.
Track your progress
A free account saves results across sessions and highlights which topics need work.
Sign up freeExam traps to avoid
- ▸Answering from memory before reading the full scenario.
- ▸Missing a constraint such as cost, availability, security, scope or command context.
- ▸Choosing a broad answer when the question asks for the most specific fix.
- ▸Ignoring why the wrong options are tempting.