AZ-204 Practice Test 1 – 50 Questions and Answers (Azure Developer)

AZ-204 Practice Test 1: 50 Questions and Answers for Azure Developer

Practice AZ-204 questions covering Azure compute, Azure storage, application security, monitoring, troubleshooting, optimization, and service integration. Select your answers, review the explanations, and track your progress in the Learning Dashboard.

Exam: AZ-204Questions: 50Recommended score: 70%+Time: 90 minutes

Before you start

This practice test includes single-choice, multiple-response, and true/false questions. When a question requires more than one answer, the question text tells you exactly how many answers to choose.

AZ-204 practice test questions

Question 1: You need to run a containerized workload that scales based on HTTP traffic and does not require managing Kubernetes infrastructure. Which Azure service should you use?

The correct answer is Azure Container Apps.

Azure Container Apps provides a managed container runtime built on Kubernetes without exposing cluster management to the developer. It supports automatic scaling based on HTTP traffic, events, or KEDA triggers. The service enables scale-to-zero, which reduces costs for idle workloads. Developers can deploy container images without handling nodes, upgrades, or control planes. This model aligns well with microservices and event-driven architectures commonly tested in AZ-204.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 2: You need to ensure that an Azure App Service web application automatically increases the number of instances during peak traffic hours and reduces them afterward. What should you configure?

The correct answer is Autoscale rules in the App Service Plan.

Autoscale rules allow the platform to adjust the number of instances based on metrics such as CPU usage, memory consumption, or HTTP request count. These rules can also be scheduled to scale during known peak hours. Scaling is applied at the App Service Plan level, affecting all apps within the plan. This removes the need for manual intervention during traffic spikes. Autoscaling is a fundamental PaaS capability frequently tested in the AZ-204 exam.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 3: Azure Container Instances support running Windows and Linux containers without requiring orchestration services.

The correct answer is true.

Azure Container Instances allows you to run containers directly without managing orchestration platforms like Kubernetes. It supports both Linux and Windows container workloads. ACI is often used for simple, short-lived, or burst workloads. It provides fast startup times and per-second billing. This makes it suitable for scenarios such as batch jobs and automation tasks.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 4: Which features are provided by Azure App Service Web Apps? Choose 2 answers.

The correct answers are Deployment slots and Built-in authentication and authorization.

Azure App Service includes native integration with identity providers such as Azure AD, Google, and Facebook. Deployment slots allow safe deployment practices like blue-green or canary releases. The underlying operating system is fully managed by Microsoft. Developers do not have access to kernel-level configuration or OS patching. This abstraction supports rapid development while maintaining platform security.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 5: You need to securely store and version Docker images for use by Azure Kubernetes Service. Which service should you use?

The correct answer is Azure Container Registry.

Azure Container Registry is a private registry designed to store container images securely. It integrates natively with Azure Kubernetes Service for image pulls. ACR supports image tagging, versioning, and repository management. Authentication can be handled using Azure AD or managed identities. This enables secure and centralized container image distribution.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 6: Azure Functions can be triggered by HTTP requests, timers, and events from Azure services.

The correct answer is true.

Azure Functions supports multiple trigger types including HTTP triggers, timer triggers, and event-based triggers. Examples include Service Bus messages, Event Grid events, and Blob storage updates. This flexibility allows developers to build event-driven and serverless applications. Functions scale automatically based on demand. These characteristics are core to Azure Functions questions in AZ-204.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 7: Which scenarios are suitable for Azure Container Instances? Choose 3 answers.

The correct answers are Burst batch processing jobs, Simple automation tasks, and Short-lived container workloads.

Azure Container Instances is optimized for quick startup and execution without orchestration overhead. It works well for containers that do not require service discovery or complex networking. Stateful and long-running microservices are better suited for orchestrators like AKS. ACI provides cost efficiency through per-second billing. These distinctions are frequently evaluated in the exam.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 8: You need to implement blue-green deployment for a web application hosted on Azure App Service. What should you configure?

The correct answer is Deployment slots.

Deployment slots allow multiple versions of an application to run within the same App Service. You can validate changes in a staging slot before swapping to production. Slot swaps are near-instant and reduce downtime. Configuration settings can be marked as slot-specific. This approach supports safe and repeatable deployments.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 9: Azure App Service requires you to manually scale the underlying virtual machines.

The correct answer is false.

Azure App Service provides built-in autoscaling capabilities. Scaling can be configured based on metrics such as CPU usage or request count. The platform abstracts the underlying virtual machines from the developer. This reduces operational responsibility for infrastructure management. Autoscaling is a key benefit of the PaaS model.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 10: Which Azure service allows you to run containerized applications with Dapr integration without managing Kubernetes clusters?

The correct answer is Azure Container Apps.

Azure Container Apps includes native support for Dapr APIs. This enables features such as service invocation, state management, and pub/sub messaging. The service hides Kubernetes complexity from developers. It is well-suited for modern distributed applications. This combination of simplicity and extensibility is a key exam concept.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 11: Which capabilities are supported by Azure Functions Premium plan? Choose 2 answers.

The correct answers are Always-on instances and VNet integration.

The Premium plan allows Azure Functions to run without cold starts. It supports integration with virtual networks for accessing private resources. Execution timeout limits are increased compared to the Consumption plan. Scaling is managed automatically by the platform. These features are often tested when comparing hosting plans.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 12: Azure Kubernetes Service requires you to manage worker node operating system updates manually.

The correct answer is false.

Azure Kubernetes Service manages node OS updates through upgrade processes. Node pools can be upgraded with rolling updates to minimize downtime. Azure provides tools to automate cluster and node maintenance. While planning is required, manual patching is not. This distinction is important when comparing AKS with self-managed Kubernetes.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 13: You need to host a REST API with automatic scaling and minimal infrastructure management. Which service is the best choice?

The correct answer is Azure App Service Web Apps.

App Service provides a fully managed platform for hosting APIs. It includes autoscaling, load balancing, and built-in monitoring. Developers focus on code rather than infrastructure. Security and deployment features are integrated into the platform. This makes it a common choice for API workloads.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 14: Which triggers can be used with Azure Functions? Choose 3 answers.

The correct answers are HTTP trigger, Blob storage trigger, and Timer trigger.

Azure Functions supports a wide range of built-in triggers. These triggers enable event-driven execution based on time, HTTP requests, or data changes. SQL Server Agent and VM lifecycle triggers are not native Function triggers. Using the correct trigger type is critical for solution design. This topic is heavily covered in AZ-204.

Related Microsoft Learn topic

Develop Azure compute solutions

Question 15: You need to store unstructured data such as images and videos and make them accessible via HTTP and HTTPS. Which Azure storage service should you use?

The correct answer is Azure Blob Storage.

Azure Blob Storage is optimized for storing large amounts of unstructured data. It supports direct access over HTTP and HTTPS, making it ideal for media files. Blob containers can be configured for private or public access depending on security requirements. It integrates with Azure CDN for global distribution and performance optimization. Blob Storage is a core service frequently referenced in AZ-204 scenarios.

Related Microsoft Learn topic

Develop for Azure storage

Question 16: Azure Blob Storage supports lifecycle management rules that can automatically move blobs between hot, cool, and archive tiers.

The correct answer is true.

Azure Blob Storage provides lifecycle management policies for cost optimization. These rules can move blobs between access tiers based on last access or modification time. Archive tier is designed for infrequently accessed data with long retrieval times. Lifecycle rules reduce manual management of storage costs. Understanding tiering strategies is essential for storage-related exam questions.

Related Microsoft Learn topic

Develop for Azure storage

Question 17: Which features are supported by Azure Blob Storage? Choose 3 answers.

The correct answers are Immutable blob storage, Blob versioning, and Server-side encryption.

Immutable blob storage enforces write-once, read-many retention for compliance scenarios. Blob versioning keeps previous versions when blobs are modified or deleted. Server-side encryption protects stored data at rest using Microsoft-managed or customer-managed keys. Azure Blob Storage does not provide relational indexing or ACID transactions across multiple blobs.

Related Microsoft Learn topic

Develop for Azure storage

Question 18: You need to store key-value data with fast lookups and minimal schema requirements. Which Azure storage option should you choose?

The correct answer is Azure Table Storage.

Azure Table Storage is a NoSQL key-value storage service. It is designed for fast access using partition and row keys. The schema is flexible, allowing different entities to have different properties. It is highly scalable and cost-effective. These characteristics make it suitable for large datasets with simple query patterns.

Related Microsoft Learn topic

Develop for Azure storage

Question 19: Azure Queue Storage is commonly used to decouple application components and enable asynchronous processing.

The correct answer is true.

Azure Queue Storage enables reliable message-based communication between application components. It supports asynchronous processing by allowing producers and consumers to operate independently. Messages are stored durably until they are processed. This improves application resilience and scalability. Queue-based patterns are a frequent topic in AZ-204 storage questions.

Related Microsoft Learn topic

Develop for Azure storage

Question 20: Which authentication methods can be used to access Azure Storage resources? Choose 3 answers.

The correct answers are Shared Access Signatures (SAS), Storage account access keys, and Azure AD identities.

Azure AD provides role-based access control and is recommended for most secure scenarios. SAS tokens allow limited, time-bound access to storage resources. Access keys provide full control and must be protected carefully. Username and password authentication is not supported. Understanding these access models is critical for secure storage design.

Related Microsoft Learn topic

Develop for Azure storage

Question 21: You need to allow temporary read-only access to a specific blob without exposing the storage account key. What should you use?

The correct answer is Shared Access Signature.

SAS tokens provide granular, time-limited access to storage resources. They can restrict permissions such as read-only access to a single blob. This avoids sharing the storage account access keys. SAS is commonly used for external or client-side access scenarios. Proper SAS usage is frequently tested in the exam.

Related Microsoft Learn topic

Develop for Azure storage

Question 22: Azure File Storage can be mounted by Azure Virtual Machines using the SMB protocol.

The correct answer is true.

Azure File Storage supports the SMB protocol for file sharing. It allows multiple virtual machines to access shared files concurrently. This makes it suitable for lift-and-shift scenarios or shared configuration storage. Azure Files can also be integrated with on-premises environments. These use cases differentiate it from Blob Storage.

Related Microsoft Learn topic

Develop for Azure storage

Question 23: You need to guarantee that a blob cannot be modified or deleted for a defined retention period to meet compliance requirements. Which feature should you use?

The correct answer is Immutable blob storage.

Immutable storage enforces write-once, read-many (WORM) policies. It prevents modification or deletion of data for a specified retention period. This feature is designed for regulatory and compliance scenarios. Soft delete and versioning do not provide strict immutability guarantees. Compliance-focused storage questions are common in AZ-204.

Related Microsoft Learn topic

Develop for Azure storage

Question 24: You need to securely store application secrets such as connection strings and certificates and control access using Azure AD. Which service should you use?

The correct answer is Azure Key Vault.

Azure Key Vault is designed to securely store secrets, keys, and certificates. It integrates with Azure Active Directory for authentication and authorization. Access policies or RBAC can be used to control who or what can retrieve secrets. Applications can access Key Vault without storing credentials by using managed identities. This service is a core security component frequently tested in AZ-204.

Related Microsoft Learn topic

Implement Azure security

Question 25: Managed identities eliminate the need to store credentials in application code when accessing Azure resources.

The correct answer is true.

Managed identities provide an automatically managed identity in Azure AD. Applications use this identity to authenticate to Azure services without embedded secrets. Azure handles credential rotation automatically. This significantly reduces the risk of credential leakage. Managed identities are a best practice and commonly appear in exam scenarios.

Related Microsoft Learn topic

Implement Azure security

Question 26: Which Azure services can directly integrate with Azure Key Vault using managed identities? Choose 2 answers.

The correct answers are Azure App Service and Azure Functions.

Both services support managed identities for authenticating to Azure Key Vault. This allows applications to retrieve secrets securely at runtime. Azure Virtual Network and DNS do not authenticate to Key Vault directly. Azure DevOps Pipelines uses service connections rather than managed identities. Understanding service-to-service authentication is critical for secure application design.

Related Microsoft Learn topic

Implement Azure security

Question 27: You need to grant an application read-only access to secrets stored in Azure Key Vault. What should you configure?

The correct answer is Key Vault access policy or RBAC role.

Azure Key Vault supports fine-grained access control for secrets, keys, and certificates. You can assign permissions such as read-only access. This ensures the application cannot modify or delete secrets. Access is enforced through Azure AD authentication. Proper permission scoping is an important security concept in AZ-204.

Related Microsoft Learn topic

Implement Azure security

Question 28: Azure App Service supports TLS configuration to enforce HTTPS-only communication.

The correct answer is true.

Azure App Service allows enforcing HTTPS-only access to applications. TLS versions and certificate bindings can be configured. This ensures encrypted communication between clients and the application. HTTPS enforcement is a basic but critical security measure. Transport security topics are frequently included in exam questions.

Related Microsoft Learn topic

Implement Azure security

Question 29: Which capabilities are provided by Azure Active Directory when securing applications? Choose 3 answers.

The correct answers are Authentication and authorization, Role-based access control, and Conditional access policies.

Azure AD provides identity-based access management for applications and users. RBAC enables assigning permissions based on roles. Conditional access enforces policies such as MFA or location-based restrictions. Azure AD does not perform network packet inspection. These identity features are central to Azure security architecture.

Related Microsoft Learn topic

Implement Azure security

Question 30: You need to allow an Azure Function to access a storage account without using access keys. What should you use?

The correct answer is Managed identity with RBAC.

Managed identities allow Azure Functions to authenticate to Azure Storage using Azure AD. RBAC roles such as Storage Blob Data Reader can be assigned. This avoids using long-lived access keys. Azure automatically manages credential rotation. This approach is recommended for secure application access.

Related Microsoft Learn topic

Implement Azure security

Question 31: A Shared Access Signature can be configured with an expiration time and limited permissions.

The correct answer is true.

Shared Access Signatures provide delegated access to Azure Storage resources. They can be scoped to specific permissions such as read or write. SAS tokens include an expiration time to limit exposure. They are commonly used for temporary or external access. Correct SAS usage is often tested in security scenarios.

Related Microsoft Learn topic

Implement Azure security

Question 32: You need to ensure that traffic between an Azure Web App and a backend API is encrypted in transit. What should you configure?

The correct answer is TLS/HTTPS for the application endpoints.

TLS ensures data is encrypted while in transit between services. Azure Web Apps support HTTPS bindings and certificate configuration. This protects sensitive data from interception. Azure Policy and storage encryption address different security concerns. Transport-level encryption is a foundational security requirement.

Related Microsoft Learn topic

Implement Azure security

Question 33: You need to collect application logs, request traces, and performance metrics for an Azure App Service application. Which service should you use?

The correct answer is Azure Application Insights.

Application Insights is designed to collect telemetry such as request rates, response times, failures, and dependencies. It provides distributed tracing and application-level logging. Developers can query data using Kusto Query Language for detailed analysis. The service integrates natively with Azure App Service and Azure Functions. Monitoring application behavior is a key objective in the AZ-204 exam.

Related Microsoft Learn topic

Monitor, troubleshoot, and optimize Azure solutions

Question 34: Azure Monitor can collect metrics and logs from Azure resources and route them to multiple destinations.

The correct answer is true.

Azure Monitor is the central service for collecting metrics and logs in Azure. It aggregates platform metrics, resource logs, and application telemetry. Data can be routed to Log Analytics workspaces, Event Hubs, or storage accounts. This enables flexible monitoring and integration with external tools. Understanding Azure Monitor’s role is essential for troubleshooting scenarios.

Related Microsoft Learn topic

Monitor, troubleshoot, and optimize Azure solutions

Question 35: Which capabilities are provided by Azure Application Insights? Choose 2 answers.

The correct answers are Distributed tracing and Live metrics stream.

Live metrics allow real-time visibility into application performance. Distributed tracing helps track requests across multiple services and dependencies. These features assist in diagnosing performance bottlenecks. Application Insights focuses on application behavior rather than infrastructure security. These monitoring capabilities are commonly referenced in AZ-204 questions.

Related Microsoft Learn topic

Monitor, troubleshoot, and optimize Azure solutions

Question 36: You need to reduce response time for frequently accessed data in a web application. Which optimization technique should you implement?

The correct answer is Implement caching.

Caching stores frequently accessed data closer to the application or user. This reduces repeated calls to backend services or databases. It improves response time and lowers resource consumption. Azure services such as Azure Cache for Redis are commonly used for this purpose. Performance optimization through caching is a recurring exam topic.

Related Microsoft Learn topic

Monitor, troubleshoot, and optimize Azure solutions

Question 37: You need to publish events from an application so that multiple subscribers can react independently. Which Azure service should you use?

The correct answer is Azure Event Grid.

Azure Event Grid is designed for event-based architectures with multiple subscribers. It uses a push model to notify subscribers when events occur. Event Grid supports filtering and routing based on event types. It integrates with many Azure services and custom webhooks. This pattern enables loose coupling between publishers and consumers.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 38: Azure Service Bus supports both queue-based and publish-subscribe messaging patterns.

The correct answer is true.

Azure Service Bus provides queues for point-to-point communication. It also provides topics and subscriptions for publish-subscribe scenarios. Messages are stored durably until they are consumed. This ensures reliable message delivery. Understanding messaging patterns is fundamental for integration questions.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 39: Which features are provided by Azure Service Bus? Choose 3 answers.

The correct answers are Dead-letter queues, Message sessions, and Guaranteed message ordering.

Service Bus ensures reliable and ordered message delivery. Dead-letter queues capture messages that cannot be processed successfully. Message sessions enable FIFO processing and stateful workflows. These features support enterprise messaging scenarios. They differentiate Service Bus from lighter messaging services.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 40: You need to expose a REST API and secure it using OAuth 2.0 with minimal custom code. Which service should you use?

The correct answer is Azure API Management.

API Management provides a gateway for publishing and securing APIs. It supports OAuth 2.0, OpenID Connect, and subscription keys. Policies can be applied for rate limiting and transformation. It reduces the need for custom authentication logic. API Management is frequently tested in integration scenarios.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 41: Azure Event Grid guarantees message delivery by persisting events until they are processed.

The correct answer is false.

Azure Event Grid uses a push-based delivery model. Events are retried for a limited time but are not persisted indefinitely. For guaranteed delivery, services like Azure Service Bus should be used. Event Grid is optimized for reactive event notifications. Understanding these delivery guarantees is important for architectural decisions.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 42: Which authentication methods are supported by Azure API Management? Choose 2 answers.

The correct answers are OAuth 2.0 and Client certificates.

0. Azure API Management supports OAuth 2.0 for token-based authentication. Client certificates can be used for mutual TLS authentication. These mechanisms secure API access at the gateway level. Storage keys and SAS are unrelated to API authentication. API security is a key topic in AZ-204.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 43: You need to process messages asynchronously with guaranteed delivery and support for transactions. Which service should you choose?

The correct answer is Azure Service Bus.

Service Bus provides durable messaging with transaction support. It guarantees message delivery even during failures. It supports queues and topics for different messaging patterns. Event Hubs is optimized for telemetry ingestion, not transactional messaging. This distinction is commonly tested.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 44: Azure Event Hubs is primarily designed for high-throughput telemetry and streaming data ingestion.

The correct answer is true.

Azure Event Hubs is optimized for ingesting large volumes of events. It is commonly used for telemetry, logging, and streaming scenarios. Event Hubs supports partitioning for scalability. It integrates with analytics services like Azure Stream Analytics. This service differs significantly from Service Bus.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 45: Which scenarios are suitable for Azure Event Hubs? Choose 2 answers.

The correct answers are IoT telemetry ingestion and Website clickstream analytics.

Event Hubs is designed for large-scale event ingestion. It handles high throughput and low latency requirements. Transactional workflows are better suited for Service Bus. Request-response APIs require different communication models. Choosing the correct messaging service is essential for scalability.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 46: You need to call a third-party REST API from an Azure Function and handle transient failures. What should you implement?

The correct answer is Retry logic with exponential backoff.

Transient failures are common when calling external services. Exponential backoff reduces load during repeated failures. Azure Functions supports retry policies through configuration. This improves resilience without complex code. Reliable integration is a core AZ-204 objective.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 47: Azure Logic Apps can orchestrate workflows that integrate Azure services and external systems.

The correct answer is true.

Azure Logic Apps is a workflow automation service. It provides connectors for Azure services and third-party systems. Logic Apps supports conditional logic, retries, and error handling. It enables low-code integration solutions. This service is often compared with Azure Functions in exams.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 48: Which capabilities are provided by Azure Logic Apps? Choose 3 answers.

The correct answers are Built-in connectors, Workflow orchestration, and Automatic retry policies.

Logic Apps simplifies integration using prebuilt connectors. It supports long-running workflows with state management. Automatic retries improve reliability. VM image creation and kernel monitoring are unrelated. Logic Apps is commonly tested for integration scenarios.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 49: You need to expose multiple backend APIs through a single endpoint with request throttling. Which service should you configure?

The correct answer is Azure API Management.

API Management acts as a facade for backend APIs. It supports request throttling and quota enforcement. Policies can be applied consistently across APIs. This centralizes governance and security. These capabilities are core to API Management exam questions.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Question 50: Azure Service Bus messages can be processed more than once and applications should be designed to be idempotent.

The correct answer is true.

Service Bus provides at-least-once delivery guarantees. Duplicate message processing can occur in failure scenarios. Applications should be designed to handle idempotency. This ensures correctness even when retries happen. Message processing semantics are frequently tested.

Related Microsoft Learn topic

Connect to and consume Azure services and third-party services

Comments