You need to add VM1 and VM2 to the backend poo! of LB1.

Microsoft AZ-104 Question Answer

You need to add VM1 and VM2 to the backend poo! of LB1. What should you do first?

Create a new NSG and associate the NSG to VNET1/Subnet1.

Connect VM2 to VNET1/Subnet1.

Redeploy VM1 and VM2 to the same availability zone.

Redeploy VM1 and VM2 to the same availability set.

Explanation:

In Azure, Load Balancers distribute network traffic across multiple virtual machines (VMs) to ensure high availability and reliability. To add virtual machines to the backend pool of an Azure Load Balancer, the following key conditions must be met according to the Microsoft Azure Administrator documentation:

All VMs in the backend pool must be connected to the same virtual network (VNet) as the Load Balancer.

The Load Balancer (in this case, LB1) is configured for internal load balancing on VNET1/Subnet1 as per the technical requirements of the case study.

The backend pool can include network interfaces (NICs) from VMs within the same region and VNet.

Step-by-step analysis:

From the case study data:

Location

Connected to

IP Address

VM1

West US

VNET1/Subnet1

10.0.1.4

VM2

West US

VNET1/Subnet2

10.0.2.4

LB1

Internal Basic Load Balancer

Connected to VNET1/Subnet1

—

Observation:

VM1 is already connected to VNET1/Subnet1, where the internal Load Balancer LB1 is also deployed.

VM2, however, is connected to VNET1/Subnet2, which is a different subnet within the same virtual network.

According to Microsoft Learn (“Configure backend pools in Azure Load Balancer”):

“All network interfaces in the backend pool must be within the same virtual network as the load balancer. You cannot add VMs connected to different VNets or subnets not associated with the load balancer’s front-end configuration.”

Therefore, before you can add VM2 to the backend pool, you must ensure that its network interface is attached to VNET1/Subnet1, the same subnet used by LB1.

Only after this step will both VMs (VM1 and VM2) be eligible for inclusion in LB1’s backend pool.

Incorrect Option Analysis:

A. Create a new NSG and associate the NSG to VNET1/Subnet1.

❌ Not required. Network Security Groups control traffic filtering, not backend pool configuration.

C. Redeploy VM1 and VM2 to the same availability zone.

❌ Availability Zones only matter for redundancy and failover, not for backend pool eligibility in a basic internal load balancer.

D. Redeploy VM1 and VM2 to the same availability set.

❌ Basic Load Balancers can distribute traffic across VMs in the same availability set, but both VMs must already reside in the same VNet/Subnet first.

Final Verified Answer:

✅ B. Connect VM2 to VNET1/Subnet1

Reference (Microsoft Official Documentation):

Microsoft Learn: Configure the backend pool for Azure Load Balancer

Microsoft Learn: Azure Load Balancer overview

Microsoft Learn: Create and configure an internal load balancer

Microsoft Learn: Virtual network and subnet requirements for load balancing

Microsoft AZ-104 View All Questions