Microsoft AZ-700 Practice Test - Questions Answers, Page 20
Question list
List of questions
Related questions
DRAG DROP
You have an Azure subscription that contains a virtual machine named VM1. VM1 contains a NIC named NIC1 and a public IP address named PIP1.PIP1 is assigned to NIC1.
You plan to deploy four Network Virtual Appliances (NVAs).
You need to ensure that all the inbound traffic from the internet to PIP1 is inspected by the NVAs. The solution must ensure that the NVA deployment is highly available.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
HOTSPOT
You have an Azure subscription that contains a dual-stack virtual network named VNet1. VNet1 has the following IP address spaces:
* IPv4:192.168.0.0/24
* IPv6: fd0adbftdeca: deed: y48
You plan to deploy an Azure VPN gateway and multiple virtual machines to VNet1.
You need to configure the subnet masks for VNet1. The solution must meet the following requirements:
* Maximize the number of usable IP addresses.
* Support the deployment of the VPN gateway and the virtual machines.
Which subnet mask should you use for each address space? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
HOTSPOT
You have an on-premises network.
You have an Azure subscription that contains the resources shown in the following table.
You need to ensure that on-premises devices can communicate with Azure resources that are connected to Subnet4.
What should you do on each resource? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
DRAG DROP
Your on-premises network contains two subnets named Subnet1 and Subnet2. Subnet2 contains a Hyper-V host that contains two virtual machines named VM1 and VM2. VM1 and VM2 are connected to Subnet2.
You have an Azure virtual network named VNet1 that contains GatewaySubnet and a subnet named VSubnet1. VNet1 is connected to the on-premises network by using a Site-to-Site (S2S) VPN connection.
You plan to migrate VM1 to VNet1 and maintain the existing IP address of VM1. VM2 will remain on Subnet2.
You need to prepare the environment to ensure that VM1 can communicate with VM2 once the migration is complete.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.'
HOTSPOT
You have an Azure subscription that contains an Azure Firewall policy named FWPolicy1. You need to configure FWPolicy1 to meet the following requirements
* Allow traffic based on the FQDN of the destination.
* Allow TCP traffic based on the source.
Which types of rules should you use for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
HOTSPOT
You have art Azure subscription that contains the resources shown in the following table.
You need to restrict access to storage1 and sqI1 by using service endpoints. The solution must meet the following requirements:
* Allow access from Subnet1 to SQIDB1
* Implement service endpoint policies to restrict access to supported resources.
* Allow access from Subnet1 to storage1 and the read-only replica of storage1 in the paired Azure region.
What is the minimum number of service endpoints and service endpoint policies you should create? To answer, select the appropriate options m the answer area.
NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription. The subscription contains multiple Azure SQL Database resources and a virtual network named VNet1 that has five subnets. All the subnets are associated with a network security group (NSG) named NSG1. NSG1 blocks all outbound traffic, unless specifically allowed by a rule.
Each subnet contains 50 virtual machines. Multiple virtual machines host instances of SQL Server on Virtual Machines and will be configured to replicate with the Azure SQL Database resources.
You need to configure a new outbound rule in NSG1 to allow the SQL Server on Virtual Machines instances to connect to the Azure SQL Database resources. The solution must meet the following requirements:
* Minimize modifications to NSG1 when additional instances of SQL Server on Virtual Machines are deployed.
* Ensure that only SQL Server on Virtual Machines instances can connect to the Azure SQL Database resources.
How should you configure each setting for the new outbound rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains 100 network security groups (NSGs).
You need to ensure that you log the application of specific NSG rules.
Which type of log should you configure?
You are planning an Azure deployment that will contain three virtual networks in the East US Azure region as shown in the following table.
A Site-to-Site VPN will connect Vnet1 to your company's on-premises network.
You need to recommend a solution that ensures that the virtual machines on all the virtual networks can communicate with the on-premises network- The solution must minimize costs.
What should you recommend for Vnet2 and Vnet3?
HOTSPOT
You have an Azure subscription that contains a virtual machine named VM1 and a virtual network named Vnet1. Vnet1 contains three subnets named Subnet1, Subnet2 and GatewaySubnet. VM1 is connected to Subnet 1.
You plan to deploy a new virtual machine named VM2 that will perform network traffic routing and inspection.
You need to ensure that all the traffic from VM1 to the internet will be routed through VM2.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question