AzureAZ-104

Azure Backup and Site Recovery Explained for AZ-104

Backup and disaster recovery are not the same problem, even though both involve restoring after something goes wrong. Backup protects against data loss from accidental deletion, corruption, or ransomware: you restore a previous version of the data. Disaster recovery protects against the loss of an entire environment, typically a whole region or datacenter: you fail over to a replica running in another location. Azure Backup handles the first problem. Azure Site Recovery (ASR) handles the second. The AZ-104 exam tests Recovery Services vaults, backup policies, retention, soft delete, ASR replication concepts, and the relationship between RPO, RTO, and the tools used to meet them.

7 min

3 sections · 8 exam key points

Azure Backup and Recovery Services vaults

Azure Backup stores backup data in a Recovery Services vault, a storage entity that holds both Azure Backup and Azure Site Recovery data. Creating a vault in a specific region and subscription is the first step before protecting any resource. The vault stores backup copies and applies backup policies that define the schedule and retention.

Backup policies define two things: how often to back up (hourly, daily, weekly) and how long to retain each backup (daily points for 7 days, weekly points for 4 weeks, monthly points for 12 months, yearly points for N years). Longer retention requires more storage. You can apply different policies to different VMs within the same vault depending on their recovery point objective requirements. Azure Backup supports Azure VMs, SQL Server in Azure VMs, SAP HANA in Azure VMs, Azure Files shares, blobs, and on-premises workloads via the MARS agent.

Soft delete in Azure Backup retains deleted backup data for an additional 14 days after you stop protecting a workload and delete its backup. During those 14 days, the backup data appears as soft-deleted and can be recovered. This protects against scenarios where ransomware or a malicious actor deletes backups to prevent recovery. Soft delete is enabled by default on Recovery Services vaults and should not be disabled in production environments.

Azure Site Recovery and disaster recovery concepts

Recovery Point Objective (RPO) is the maximum acceptable amount of data loss measured in time: if your RPO is 1 hour, you can tolerate losing up to 1 hour of transactions. Recovery Time Objective (RTO) is the maximum acceptable downtime: if your RTO is 4 hours, your business can tolerate being down for up to 4 hours during a disaster. These two metrics drive every disaster recovery design decision: a lower RPO requires more frequent replication, and a lower RTO requires more pre-provisioned infrastructure at the recovery site.

Azure Site Recovery replicates VMs from a primary location to a secondary location continuously. For Azure-to-Azure scenarios (replicating VMs from one region to another), ASR replicates disk changes in near-real-time, maintaining a crash-consistent recovery point every 5 minutes and an application-consistent recovery point hourly. When you initiate a failover, ASR starts the VM replicas in the target region using the latest recovery point. Failover can be planned (graceful, no data loss) or unplanned (immediate, possible minimal data loss based on replication lag).

Failback brings workloads back to the primary region after the disaster is resolved. ASR supports failback for Azure-to-Azure replication. Recovery plans in ASR define the order in which VMs are started during failover, with the ability to add manual steps, custom scripts, and Azure Automation runbooks between VM groups. A recovery plan ensures that database servers start before application servers, which start before web servers.

How to choose the correct answer

Recovery Services vault: required for both Azure Backup and Azure Site Recovery data. Region-specific.

Backup policy: frequency (hourly/daily) and retention (daily, weekly, monthly, yearly points).

Soft delete: 14-day retention of deleted backup data. Protects against accidental or malicious deletion.

RPO: maximum data loss tolerance in time. ASR provides 5-minute crash-consistent recovery points for Azure VMs.

RTO: maximum acceptable downtime. Lower RTO requires pre-staged infrastructure in the secondary region.

ASR failover types: planned (no data loss, graceful), unplanned (immediate, small possible loss).

Recovery plan: ordered multi-VM failover with scripted steps. Ensures correct startup sequence.

MARS agent: backs up on-premises Windows machines to Azure Recovery Services vault.

Azure Backup vs Azure Site Recovery

Capability	Azure Backup	Azure Site Recovery
Purpose	Protect against data loss, corruption	Protect against site/region failure
Recovery type	Restore specific backup points	Failover entire VM to secondary region
RPO	Depends on backup frequency (hours)	Minutes (continuous replication)
RTO	Hours (restore from backup)	Minutes to hours (fail over pre-replicated VMs)
Storage	Backup vault storage (GRS optional)	Replicated disks in target region
Scenario	Accidental deletion, ransomware	Datacenter or region outage

Key exam facts — AZ-104

Recovery Services vault: holds Backup and ASR data. Create before protecting any resource.
Backup policy: defines backup schedule and retention duration at each tier (daily, weekly, monthly, yearly).
Soft delete: 14 additional days of data retention after backup deletion. Enabled by default.
ASR: crash-consistent recovery point every 5 minutes, application-consistent hourly for Azure VMs.
Planned failover: graceful, zero data loss. Unplanned failover: immediate, possible minimal data loss.
RPO and RTO: RPO = data loss tolerance. RTO = downtime tolerance. Both drive architecture decisions.
Recovery plan: defines VM failover order, groups, and automation steps for orchestrated DR.
Azure Backup for VMs: snapshot-based, application-consistent, stored in vault with GRS by default.

Common exam traps

Azure Backup and Azure Site Recovery both protect against regional disasters.

Azure Backup stores backup copies in the same vault region (with optional geo-redundant replication of the vault storage). It is designed for point-in-time restoration of data, not for keeping a running replica ready for failover. Azure Site Recovery continuously replicates VMs to a secondary region and can fail over in minutes. For regional disaster recovery with short RTO, ASR is the correct service.

A shorter RPO always requires more storage but nothing else.

A shorter RPO requires more frequent recovery points, which does use more storage. But it also requires more frequent application-consistent snapshots, which can briefly quiesce applications during creation, and faster replication to the secondary location. Very short RPOs (minutes) may require synchronous replication, which adds latency to every write operation at the primary site.

Disabling soft delete on an Azure Backup vault is a safe way to immediately free up storage.

Disabling soft delete removes a critical protection layer. If backup data is deleted (accidentally, or by ransomware that has compromised admin credentials), soft delete is the last line of defense that allows recovery within 14 days. Disabling it means that deleted backups are immediately and permanently unrecoverable. The correct approach to manage backup storage costs is to adjust retention policies, not to disable soft delete.

Practice this topic

AZ-104practice questions

Test yourself on Backup & Site Recovery

JT Exams routes you to questions in your exact weak areas — automatically, after every session.

Free practice test Start 7-Day Free Trial

No credit card · Cancel anytime