Microsoft AZ-700 Practice Test - Questions Answers, Page 10

You have an Azure subscription that contains a user named Admin1 and a resource group named RG1.

RG1 contains an Azure Network Watcher instance named NW1.

You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?

You have an Azure virtual network that contains two subnets named Subnet1 and Subnet2. Subnet1 contains a virtual machine named VM1. Subnet2 contains a virtual machine named VM2. You have two network security groups (NSGs) named NSG1 and NSG2. NSG1 has 100 inbound security rules and is associated to VM1. NSG2 has 200 inbound security rules and is associated to Subnet1. VM2 cannot connect to VM1.

You suspect that an NSG rule blocks connectivity.

You need to identify which rule blocks the connection. The issue must be resolved as quickly as possible. Which Azure Network Watcher feature should you use?

You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing "string1" to https:// www.contoso.com/redirect1. Policy1 is associated to Frontend1.

You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to https://www.contoso.com/redirect2. Which three actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

HOTSPOT

You have the network security groups (NSGs) shown in the following table.

In NSG1, you create inbound rules as shown in the following table.

You have the Azure virtual machines shown in the following table.

NSG2 has only the default rules configured.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains the virtual networks shown in the following table.

You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region.

To which virtual networks can you deploy AF1?

HOTSPOT

You have an Azure subscription that contains a single virtual network and a virtual network gateway. You need to ensure that administrators can use Point-to-Site (P2S) VPN connections to access resources in the virtual network. The connections must be authenticated by Azure Active Directory (Azure AD).

What should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to use Traffic Analytics to monitor the usage of applications deployed to Azure virtual machines. Which Azure Network Watcher feature should you implement first?

HOTSPOT

You have two Azure subscriptions named Subscription1 and Subscription2.

There are no connections between the virtual networks in two subscriptions.

You configure a private link service as shown in the privatelinkservice1 exhibit. (Click the privatelinkservice1 tab.)

You create a load balancer name in Subscription1 and configure the backend pool shown in the lb1 exhibit. (Click tie 1b1 tab.)

You create a private endpoint in Subscription2 as shown in the privateendpoint4 exhibit. (Click the privateendpoint4)

For each of the following statements, select YES if the statement is true. Otherwise. select No.

HOTSPOT

You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1 exhibit, (Click the NATgateway1 tab)

You have the virtual machine shown in the VM1 exhibit, (Click the VM1 tab)

Subnet1 is configured as shown in the Subnet1 exhibit, (Click the Subnet1 tab)

For each of the following statements, select Yes if the statement is true. Otherwise, select No