Microsoft AZ-700 Practice Test - Questions Answers, Page 21
Question list
List of questions
Related questions
You have an Azure subscription that contains the resources shown in the following table.
You need to ensure that the virtual machines can access storage1, storage2, and DB1 by using service endpoints.
What is the minimum number of service endpoints you should create?
DRAG DROP
You have two Azure subscriptions named Sub1 and Sub2 that contain the resources shown in the following table.
VNet1 and VNet2 are NOT connected.
You plan to create an Azure Private Link service named Link1 that will be used to connect VNet1 and VNet2. You need to ensure that Link1 meets the following requirements:
* Ensures that VM1 can connect only to a web app hosted on VM2
* Prevents VM1 from connecting to the other resources that are connected to VNet2
Which additional resources should you create for each virtual network? To answer, drag the appropriate resources to the correct virtual networks. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
DRAG DROP
You have an Azure subscription that contains the resources shown in the following table.
You discover that users connect directly to App1.
You need to meet The following requirements:
* Administrators must only access App1 by using a private endpoint.
* All user connections to App1 must be routed through FD1.
* The downtime of connections to App1 must be minimized.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.
You have an instance of Azure Web Application Firewall (WAF) on Azure Front Door.
You plan to create a WAF rule that will block high rates of requests from a single IP address.
You need to query Log Analytics to identify the optimal threshold for the rule.
Which table should you query in Log Analytics?
You have the Azure subscriptions shown in the following table.
Each virtual network contains 20 internet-accessible resources that are assigned public IP addresses.
You need to implement Azure DDoS Network Protection to protect the resources. The solution must minimize costs.
What is the minimum number of DDoS Network Protection plans you should deploy?
HOTSPOT
You plan to implement an Azure Virtual WAN named VWAN1 that will contain a hub named Hub1. VWAN1 will include the virtual networks shown in the following table.
You need to ensure that hosts connected to VNet1 can communicate with hosts connected to VNet3.
How should you configure the routing tables for VWAN1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
HOTSPOT
You have an Azure subscription that contains the resources shown in the following table.
Each virtual network contains 20 virtual machines and a subnet that has an IP address space of /24.
You need to ensure that you can access the virtual machines from the internet by using Azure Bastion.
What is the minimum number of bastion subnets you should deploy, and what is the smallest supported IP address space for each bastion subnet? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
OTSPOT
You have an Azure subscription that contains the resources shown in the following table.
You need to ensure that network traffic is routed over the Azure backbone network for the following scenarios:
* Traffic from SQIMI1 to storage1
* Traffic from domain joined servers on VNet2 to storage1
The solution must minimize costs.
What should you configure for each scenario? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an on-premises network named Site1.
You have an Azure subscription that contains a storage account named storage1 and a virtual network named VNet1. VNet1 contains a subnet named Subnet1. A private endpoint for storage1 is connected to Subnet1 Site1 is connected to VNet1 by using a Site-to-Site (S2S) VPN.
You need to control access to storage1 from Site1 by using network security groups (NSGs).
What should you do first?
You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1.
You plan to add a private endpoint to Subnet1.
You need to ensure that you can route traffic between the private endpoint and the Azure Private Link service by using a user-defined route.
What should you do first on Subnet1?
Question