Microsoft Certified: Azure Administrator Associate (AZ-104) Practice Test

This certification is designed for IT professionals who actively administer Azure cloud environments, typically with a minimum of six months of hands-on Azure experience. Target job roles include Azure Administrator, Cloud Engineer, Azure Systems Administrator, Cloud Support Engineer, and Cloud Operations Analyst. It is particularly suited to professionals transitioning from on-premises infrastructure roles (sysadmins, network admins) into cloud-focused positions, as well as those already working in Azure who want to formalize and validate their skills.

Candidates pursuing advancement into cloud security (AZ-500), DevOps (AZ-400), or Solutions Architect (AZ-305) roles will also find AZ-104 a required or strongly recommended stepping stone, as it establishes the administrative foundation those advanced certifications build upon.

There are no mandatory prerequisite certifications for AZ-104 — it does not require passing AZ-900 (Azure Fundamentals) first, though completing that exam is helpful for those new to Azure concepts. Microsoft recommends at least six months of practical experience administering Azure resources before attempting the exam.

Candidates should have hands-on familiarity with the Azure portal, Azure CLI, and PowerShell for managing resources, as well as working knowledge of Azure Resource Manager templates and Bicep files. A background in traditional IT infrastructure — including networking concepts (DNS, routing, NSGs, load balancing), server administration, operating systems, and virtualization — is strongly recommended, as many exam scenarios assume this foundational knowledge. Experience with Microsoft Entra ID (formerly Azure Active Directory) for identity and access management is also expected.

The AZ-104 exam is proctored and delivered through Pearson VUE, either at a testing center or via online proctoring. Candidates are given 100 minutes to complete the assessment. The exam may include interactive lab-based components (e.g., tasks performed in a live or simulated Azure environment) in addition to standard multiple-choice, case study, drag-and-drop, and scenario-based questions; the exact number of questions varies per administration and is not published by Microsoft.

A score of 700 out of 1000 is required to pass. Scoring is scaled, meaning it does not correspond directly to a raw percentage of correct answers. If a candidate fails on the first attempt, a retake is permitted after 24 hours; subsequent retake waiting periods vary per Microsoft's retake policy. The certification is valid for one year and can be renewed at no cost by passing an online renewal assessment on Microsoft Learn.

• 1.Manage Azure identities and governance (20–25%): Covers managing Microsoft Entra users and groups (creating users/groups, managing properties and licenses, configuring self-service password reset), managing access to Azure resources via built-in roles and role assignments at different scopes, and managing Azure subscriptions and governance through Azure Policy, resource locks, tagging, resource groups, management groups, subscription management, and cost management using Azure Advisor and budgets.
• 2.Implement and manage storage (15–20%): Covers configuring access to storage (SAS tokens, stored access policies, access keys, Azure Storage firewalls, identity-based access for Azure Files), configuring and managing storage accounts (redundancy, object replication, encryption, Azure Storage Explorer, AzCopy), and configuring Azure Files and Blob Storage (file shares, blob containers, storage tiers, soft delete, lifecycle management, snapshots, and blob versioning).
• 3.Deploy and manage Azure compute resources (20–25%): Covers automating resource deployment using ARM templates and Bicep files, creating and configuring virtual machines (disk encryption, availability zones/sets, VM Scale Sets, disk and size management), provisioning and managing containers via Azure Container Registry, Container Instances, and Container Apps, and creating and configuring Azure App Service (App Service plans, scaling, TLS certificates, custom DNS, deployment slots, backup, and networking settings).
• 4.Implement and manage virtual networking (15–20%): Covers configuring and managing virtual networks and subnets, VNet peering, public IP addresses, user-defined routes, and troubleshooting network connectivity. Also includes configuring secure access via NSGs, application security groups, Azure Bastion, service endpoints, and private endpoints for PaaS services, plus configuring Azure DNS, internal and public load balancers, and troubleshooting load balancing.
• 5.Monitor and maintain Azure resources (10–15%): Covers monitoring Azure resources using Azure Monitor (metrics, log settings, log queries, alert rules, action groups, and Insights for VMs, storage, and networks), using Azure Network Watcher and Connection Monitor, and implementing backup and recovery using Azure Backup, Recovery Services vaults, Azure Backup vaults, backup policies, Azure Site Recovery for regional failover, and interpreting backup reports and alerts.

• Use the official Microsoft Learn AZ-104 learning paths (free, self-paced) as your primary study resource — they are structured to match the exam domains exactly and include hands-on sandbox exercises at no cost.
• Take the free official Practice Assessment on Microsoft Learn (assessmentId=21) before and after studying each domain. It mirrors the style, wording, and difficulty of real exam questions and provides explanations for correct answers.
• Spin up a free Azure trial account and complete hands-on tasks for every major topic: create VNets, configure NSGs, deploy VMs, set up storage accounts with SAS tokens, configure Azure Monitor alerts, and practice ARM/Bicep deployments. Hands-on experience is critical for the interactive lab components.
• Study the official AZ-104 Study Guide on Microsoft Learn (aka.ms/AZ104-StudyGuide) to review the precise skills measured and sub-objectives. Pay particular attention to the two highest-weighted domains — Manage Azure identities and governance and Deploy and manage Azure compute resources — which together account for 40–50% of the exam.
• Use the Azure Exam Sandbox (aka.ms/examdemo) to familiarize yourself with question types before exam day, especially interactive/lab-based items, so the format does not slow you down during the real exam.
• Watch the Exam Readiness Zone video series on Microsoft Learn (search 'AZ-104 Exam Readiness Zone') for expert tips on each of the five exam domains, including common pitfalls and key concepts to focus on.
• When studying virtual networking, practice troubleshooting scenarios in Azure Network Watcher — real exam questions frequently test your ability to diagnose connectivity issues, evaluate effective NSG security rules, and configure Azure Bastion and private endpoints correctly.

Earning the AZ-104 certification opens access to a strong and growing job market, with Azure administrator roles reporting U.S. salaries generally in the range of $88,000–$161,000 annually depending on experience, location, and employer. Certified professionals typically see a 15–20% salary premium over non-certified peers in equivalent roles. Common job titles held by AZ-104 holders include Azure Administrator, Cloud Engineer, Azure Systems Administrator, and Cloud Operations Analyst, with experienced professionals moving into hybrid roles such as Cloud Security Analyst or progressing toward Solutions Architect and DevOps Engineer tracks.

Microsoft Azure holds approximately 20% of the global cloud market and is the dominant platform in enterprise, government, healthcare, and financial services sectors, creating consistent demand for certified administrators. The AZ-104 also serves as a direct prerequisite or recommended foundation for higher-level Microsoft certifications including AZ-500 (Azure Security Engineer Associate), AZ-400 (DevOps Engineer Expert), and AZ-305 (Azure Solutions Architect Expert). Compared to AWS Certified SysOps Administrator and Google Associate Cloud Engineer, AZ-104 is particularly competitive in enterprise-heavy industries where Microsoft's ecosystem — including Microsoft 365, Active Directory, and hybrid cloud via Azure Arc — is deeply embedded.