Practice Entra ID Questions Now

Start a timed practice session focusing on Microsoft Entra ID Management topics from the AZ-104 question bank.

AZ-104 Entra ID Question Bank (15 Questions)

Browse all 15 practice questions covering Microsoft Entra ID Management for the AZ-104 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

Question 1Manage Azure identities and governance
An administrator creates a new Azure AD user account. The user reports they cannot sign in to the Azure portal. The administrator verifies that the account is enabled and the password is correct. What is the most likely cause?
AThe user is not assigned the Global Administrator role
BMulti-Factor Authentication (MFA) is enforced but not yet configured for the user
CThe user account was created in the wrong subscription
DThe user does not have a valid Azure AD Premium P2 licence
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 2Manage Azure identities and governance
What is the maximum number of Azure AD (Microsoft Entra ID) tenants you can create with a single Azure account?
A1
B5
C20
DNo set limit
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 3Manage Azure identities and governance
Which PowerShell module is used to manage Azure AD (Microsoft Entra ID) objects?
AAz.Accounts
BAz.Resources
CMicrosoft.Graph PowerShell (or AzureAD module)
DAz.Network
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 4Manage Azure identities and governance
What is the purpose of Azure AD 'role-assignable groups'?
AGroups that can only be assigned RBAC roles on Azure resources
BSecurity groups that can be assigned Azure AD directory roles, providing role assignment to all group members simultaneously
CGroups that auto-assign roles based on user attributes
DGroups that can only have one role assigned at a time
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 5Manage Azure identities and governance
Which Azure AD feature allows you to group users and assign permissions to the group rather than to each user individually?
AConditional Access Policies
BAzure AD Groups
CEnterprise Applications
DService Principals
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 6Manage Azure identities and governance
A Global Administrator wants to ensure that all users in the organization must use MFA. Which Azure AD feature enforces this most broadly?
AIndividual MFA settings per user
BConditional Access Policy requiring MFA for all users
CAzure AD Identity Protection user risk policy
DSecurity defaults
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 7Manage Azure identities and governance
Which Azure AD feature allows users to reset their own passwords without administrator intervention?
AAzure AD MFA
BSelf-Service Password Reset (SSPR)
CConditional Access
DAzure AD Password Protection
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 8Manage Azure identities and governance
A company wants all new users in Azure AD to be automatically assigned to a specific group. Which Azure AD feature supports this?
AManual group membership
BAzure AD Dynamic Group with membership rules based on user attributes
CConditional Access group policies
DAzure AD Connect sync rules
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 9Manage Azure identities and governance
Which Azure AD feature can analyze whether users' access rights are still appropriate and enable periodic recertification?
APIM eligible roles
BAzure AD Access Reviews
CConditional Access
DMicrosoft Compliance Manager
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 10Manage Azure identities and governance
Which Azure AD feature prevents users from setting passwords found in known breached password lists?
APassword expiration policies
BAzure AD Password Protection (global banned password list)
CConditional Access sign-in risk policy
DSSPR authentication methods
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 11Manage Azure identities and governance
How can an Azure AD administrator bulk create users?
AOnly one at a time through the portal
BImport a CSV file through the Azure portal bulk create feature
CUsing the Azure mobile app
DThrough Azure Cost Management
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 12Manage Azure identities and governance
Which Azure AD security feature can automatically require users to re-authenticate if their session is detected as compromised?
APassword Protection
BIdentity Protection user risk policy
CPIM eligible role activation
DConditional Access sign-in frequency policy
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 13Manage Azure identities and governance
Which Azure AD feature enables users to manage their own group memberships and register applications without administrator approval?
ASelf-service password reset
BAzure AD Self-Service Group Management
CConditional Access
DAzure AD B2C
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 14Manage Azure identities and governance
Which Azure PowerShell command lists all users in Azure AD?
AGet-AzADUser
BGet-AzureADUser
CGet-MgUser (Microsoft Graph module)
DList-AzUser
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz
Question 15Manage Azure identities and governance
Which Azure AD feature controls which applications users can access and adds an additional layer of sign-on requirements (like app-level MFA)?
AApplication registrations
BConditional Access with app-based conditions
CAzure AD Enterprise Application user assignment and access policies
DAzure RBAC application roles
Answer hidden for practice.
Use the interactive quiz to reveal the correct answer and explanation.
Start AZ-104 Quiz

Key Entra ID Concepts for AZ-104

entra idazure adusersgroupslicensesadministrative unitsexternal identitiesbulk operations

AZ-104 Entra ID Exam Tips

Microsoft Entra ID Management questions in AZ-104 are typically scenario-based. Focus on day-to-day Azure administration, identity, network, compute, storage, and monitoring. Priority concepts: entra id, azure ad, users, groups, licenses, administrative units.

What AZ-104 Expects

Anchor your answer in prioritize operationally practical configurations and least-privilege administration.
Entra ID scenarios for AZ-104 are frequently mapped to Domain 1 (20-25%), so read the objective carefully before picking controls or architecture.
Expect multi-topic scenarios where Entra ID interacts with identity, networking, governance, or monitoring patterns rather than appearing as an isolated question.
When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value Entra ID Concepts

Know the core Entra ID building blocks cold: entra id, azure ad, users, groups.
Review the edge-case features and limits for licenses, administrative units; these details are commonly used to differentiate answer choices.
Practice service-integration reasoning: how Entra ID pairs with RBAC, Governance in real deployment patterns.
For AZ-104, explain why the chosen Entra ID design meets reliability, security, and cost expectations better than the alternatives.

Common AZ-104 Traps

Watch for forgetting scope inheritance and RBAC precedence.
Questions in Manage Azure Identities and Governance often include distractors that look correct for Entra ID but violate least-privilege, compliance, or availability requirements.
Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

Can you compare at least two Entra ID implementation paths and justify which one best fits the scenario?
Can you map the chosen answer back to Manage Azure Identities and Governance (20-25%) outcomes for AZ-104?
Can you explain security and access boundaries for Entra ID without relying on default-open assumptions?
Can you describe how Entra ID integrates with RBAC and Governance during failure, scaling, and monitoring events?

Exam Domains Covering Entra ID

Domain 1Manage Azure Identities and Governance20-25%

Related Resources

🎯 Free AZ-104 Mock Exam RBAC Questions Governance Questions

More AZ-104 Study Resources

← AZ-104 Study Hub 30-Day Study Plan Full Practice Exam

👤 Microsoft Entra ID Management - AZ-104 Practice Questions