ExamGecko
Search Search Login
Home Home / Microsoft / AZ-700

Microsoft AZ-700 Practice Test - Questions Answers, Page 23

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You have an Azure subscription that contains the route tables and routes shown in the following table. The subscription contains the subnets shown in the following table. The subscription contains the virtual machines shown in the following table. There is a Site-to-Site VPN connection to each local network gateway. For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT You have art Azure subscription that contains the resources shown in the following table. You need to restrict access to storage1 and sqI1 by using service endpoints. The solution must meet the following requirements: * Allow access from Subnet1 to SQIDB1 * Implement service endpoint policies to restrict access to supported resources. * Allow access from Subnet1 to storage1 and the read-only replica of storage1 in the paired Azure region. What is the minimum number of service endpoints and service endpoint policies you should create? To answer, select the appropriate options m the answer area. NOTE: Each correct selection is worth one point.
You have two Azure App Service instances that host the web apps shown the following table. You deploy an Azure application gateway that has one public frontend IP address and two backend pools. You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers. What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1 exhibit, (Click the NATgateway1 tab) You have the virtual machine shown in the VM1 exhibit, (Click the VM1 tab) Subnet1 is configured as shown in the Subnet1 exhibit, (Click the Subnet1 tab) For each of the following statements, select Yes if the statement is true. Otherwise, select No
HOTSPOT You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1 exhibit. You have the virtual machine shown in the VM1 exhibit. Subnet1 is configured as shown in the Subnet1 exhibit. For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements. Which two actions should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure subscription that contains an app named Appl. App1 is hosted on the Azure App Service instances shown in the following table. You need to implement Azure Traffic Manager to meet the following requirements: • App1 traffic must be assigned equally to each App Service instance in each Azure region. • App1 traffic from North Europe must be routed to the Appl instances in the North Europe region. • App1 traffic from North America must be routed to the Appl instances in the East US Azure region.
You have an Azure subscription that contains a user named Admin1 and a resource group named RG1. RG1 contains an Azure Network Watcher instance named NW1. You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL of the application gateway. You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error. You need to ensure that the URL is accessible through the application gateway. Solution: You create a WAF policy exclusion for request headers that contain 137.135.10.24. Does this meet the goal?
You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements. What should you use to configure the default route?

Question 221

Report
Export
Collapse

HOTSPOT

You have an on-premises network that includes the sites shown in the following table.

Each site is connected to the Internet by a firewall. All sites are connected to an SD-WAN. Each site is configured to propagate routes by using BGP.

You have an Azure subscription that includes a virtual network named Vnet1 that contains a Virtual Network Gateway named Gateway 1.

You create a local network gateway with the configuration shown in the gateway exhibit (Click the Gateway tab.)

You create a Site-to-Site (S2S) connection with the configuration shown in connection exhibit. (Click the Connection tab)

For each of the following statements, select Yes if the statement is true Otherwise, select No.

NOTE: Each correct selection is worth one point.


Question 221
Correct answer: Question 221

Question 222

Report
Export
Collapse

HOTSPOT

You have an Azure subscription that contains multiple virtual machine scale sets and multiple Azure load balancers. The load balancers balance traffic across the scale sets.

You plan to deploy Azure Front Door to load balance traffic across the load balancers.

You need to identify which Front Door SKU to configure, and what to use to route the traffic to the load balancers. The solution must minimize costs.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 222
Correct answer: Question 222

Question 223

Report
Export
Collapse

You have an Azure subscription.

You plan to implement Azure Virtual WAN as shown in the following exhibit.

What is the minimum number of route tables that you should create?

A.
1
A.
1
Answers
B.
2
B.
2
Answers
C.
4
C.
4
Answers
D.
6
D.
6
Answers
Suggested answer: B

Question 224

Report
Export
Collapse

DRAG DROP

You have a computer named CLIENT! that runs Windows 11 and has the Azure VPN Client installed.

You have an Azure virtual network gateway named VPNGW1.

You need to ensure that you can connect CLIENT1 to VPNGW1. The solution must support Microsoft Entra authentication.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.


Question 224
Correct answer: Question 224

Question 225

Report
Export
Collapse

You have an on-premises datacenter named Site1 that contains a firewall named FW1. FW1 connects to the internet.

You have an Azure subscription that contains the resources shown in the following table.

You plan to connect Site1 to Hub1 by using a site-to-site connection.

You need to configure the site-to-site connection to FW1.

What should you create in VWAN1?

A.
a VPN site
A.
a VPN site
Answers
B.
a virtual network connection
B.
a virtual network connection
Answers
C.
a network virtual appliance (NVA)
C.
a network virtual appliance (NVA)
Answers
D.
a User VPN configuration
D.
a User VPN configuration
Answers
Suggested answer: A

Question 226

Report
Export
Collapse

SIMULATION

Task 1

You need to ensure that virtual machines on VNET1 and VNET2 are included automatically in a DNS zone named contoso.azure. The solution must ensure that the virtual machines on VNET1 and VNET2 can resolve the names of the virtual machines on either virtual network.

A.
See the Explanation below for step by step instructions
A.
See the Explanation below for step by step instructions
Answers
Suggested answer: A

Explanation:

To achieve the task of ensuring that virtual machines on VNET1 and VNET2 are included automatically in a DNS zone namedcontoso.azure, and that they can resolve the names of the virtual machines on either virtual network, you can follow these steps:

Step-by-Step Solution

Step 1: Create a Private DNS Zone

Navigate to the Azure Portal.

Search for ''Private DNS zones''in the search bar and select it.

Click on ''Create''.

Enter the DNS zone nameascontoso.azure.

Select the appropriate subscriptionand resource group.

Click on ''Review + create''and then''Create''.

Step 2: Link VNET1 and VNET2 to the DNS Zone

Go to the newly created DNS zone(contoso.azure).

Select ''Virtual network links''from the left-hand menu.

Click on ''Add''.

Enter a namefor the link (e.g.,VNET1-link).

Select the subscriptionandvirtual network (VNET1).

Enable auto-registrationto ensure that VMs are automatically registered in the DNS zone.

Click on ''OK''.

Repeat the processfor VNET2.

Step 3: Configure DNS Settings for VNET1 and VNET2

Navigate to VNET1in the Azure Portal.

Select ''DNS servers''under the ''Settings'' section.

Ensure that the DNS server is set to ''Default (Azure-provided)''.

Repeat the processfor VNET2.

Step 4: Verify Name Resolution

Deploy a virtual machinein VNET1 and another in VNET2.

Connect to the virtual machinesusing Remote Desktop Protocol (RDP) or Secure Shell (SSH).

Test name resolutionby pinging the VM in VNET2 from the VM in VNET1 using its hostname (e.g.,ping <VM-name>.contoso.azure).

Explanation:

Private DNS Zone: This allows you to manage and resolve domain names in a private network without exposing them to the public internet.

Virtual Network Links: Linking VNET1 and VNET2 to the DNS zone ensures that VMs in these networks can register their DNS records automatically.

Auto-registration: This feature automatically registers the DNS records of VMs in the linked virtual networks, simplifying management.

DNS Settings: Using Azure-provided DNS ensures that the VMs can resolve each other's names without additional configuration.

By following these steps, you ensure that virtual machines on VNET1 and VNET2 are included automatically in the DNS zonecontoso.azureand can resolve each other's names seamlessly.

Question 227

Report
Export
Collapse

SIMULATION

Task 2

You need to ensure that you can deploy Azure virtual machines to the France Central Azure region. The solution must ensure that virtual machines in the France Central region are in a network segment that has an IP address range of 10.5.1.0/24.

A.
See the Explanation below for step by step instructions
A.
See the Explanation below for step by step instructions
Answers
Suggested answer: A

Explanation:

To deploy Azure virtual machines to the France Central region and ensure they are in a network segment with an IP address range of 10.5.1.0/24, follow these steps:

Step-by-Step Solution

Step 1: Create a Virtual Network in France Central

Navigate to the Azure Portal.

Search for ''Virtual networks''in the search bar and select it.

Click on ''Create''.

Enter the following details:

Subscription: Select your subscription.

Resource Group: Select an existing resource group or create a new one.

Name: Enter a name for the virtual network (e.g.,VNet-FranceCentral).

Region: SelectFrance Central.

Click on ''Next: IP Addresses''.

Step 2: Configure the Address Space and Subnet

In the IP Addresses tab, enter the address space as10.5.1.0/24.

Click on ''Add subnet''.

Enter the following details:

Subnet name: Enter a name for the subnet (e.g.,Subnet-1).

Subnet address range: Enter10.5.1.0/24.

Click on ''Add''.

Click on ''Review + create''and then''Create''.

Step 3: Deploy Virtual Machines to the Virtual Network

Navigate to the Azure Portal.

Search for ''Virtual machines''in the search bar and select it.

Click on ''Create''and then''Azure virtual machine''.

Enter the following details:

Subscription: Select your subscription.

Resource Group: Select the same resource group used for the virtual network.

Virtual machine name: Enter a name for the VM.

Region: SelectFrance Central.

Image: Select the desired OS image.

Size: Select the appropriate VM size.

Click on ''Next: Disks'', configure the disks as needed, and then click on''Next: Networking''.

In the Networking tab, select the virtual network (VNet-FranceCentral) and subnet (Subnet-1) created earlier.

Complete the remaining configuration stepsand click on''Review + create''and then''Create''.

Explanation:

Virtual Network: A virtual network in Azure allows you to create a logically isolated network that can host your Azure resources.

Address Space: The address space10.5.1.0/24ensures that the VMs are in a specific network segment.

Subnet: Subnets allow you to segment the virtual network into smaller, manageable sections.

Region: Deploying the virtual network and VMs in the France Central region ensures that the resources are physically located in that region.

By following these steps, you can ensure that your Azure virtual machines in the France Central region are deployed within the specified IP address range of 10.5.1.0/24.

Question 228

Report
Export
Collapse

SIMULATION

Task 3

You need to ensure that hosts on VNET1 and VNET2 can communicate. The solution must minimize latency between the virtual networks.

A.
See the Explanation below for step by step instructions
A.
See the Explanation below for step by step instructions
Answers
Suggested answer: A

Explanation:

To ensure that hosts on VNET1 and VNET2 can communicate with minimal latency, you can useVirtual Network Peering. This method connects the two virtual networks directly through the Microsoft backbone network, ensuring low-latency and high-bandwidth communication.

Step-by-Step Solution

Step 1: Set Up Virtual Network Peering

Navigate to the Azure Portal.

Search for ''Virtual networks''and select VNET1.

In the left-hand menu, select''Peerings''under the ''Settings'' section.

Click on ''Add''to create a new peering.

Enter the following details:

Name: Enter a name for the peering (e.g.,VNET1-to-VNET2).

Peer virtual network: Select VNET2.

Allow virtual network access: Ensure this is enabled.

Allow forwarded traffic: Enable if needed.

Allow gateway transit: Enable if needed.

Click on ''Add''.

Step 2: Configure Peering on VNET2

Navigate to VNET2in the Azure Portal.

In the left-hand menu, select''Peerings''under the ''Settings'' section.

Click on ''Add''to create a new peering.

Enter the following details:

Name: Enter a name for the peering (e.g.,VNET2-to-VNET1).

Peer virtual network: Select VNET1.

Allow virtual network access: Ensure this is enabled.

Allow forwarded traffic: Enable if needed.

Allow gateway transit: Enable if needed.

Click on ''Add''.

Explanation:

Virtual Network Peering: This feature connects two virtual networks in the same or different regions, allowing resources in both networks to communicate with each other as if they were part of the same network.The traffic between peered virtual networks uses the Microsoft backbone infrastructure, ensuring low latency and high bandwidth12.

Allow Virtual Network Access: This setting ensures that the virtual networks can communicate with each other.

Allow Forwarded Traffic: This setting allows traffic forwarded from a network security appliance in the peered virtual network.

Allow Gateway Transit: This setting allows the peered virtual network to use the gateway in the local virtual network.

By following these steps, you can ensure that hosts on VNET1 and VNET2 can communicate with minimal latency, leveraging the high-speed Microsoft backbone network.

Question 229

Report
Export
Collapse

SIMULATION

Task 4

You need to ensure that the owner of VNET3 receives an alert if an administrative operation is performed on the virtual network.

A.
See the Explanation below for step by step instructions
A.
See the Explanation below for step by step instructions
Answers
Suggested answer: A

Explanation:

To ensure that the owner of VNET3 receives an alert whenever an administrative operation is performed on the virtual network, you can set up anActivity Log Alertin Azure Monitor. Here's how you can do it:

Step-by-Step Solution

Step 1: Create an Activity Log Alert

Navigate to the Azure Portal.

Search for ''Monitor''and select it.

In the Monitor blade, select''Alerts''from the left-hand menu.

Click on ''New alert rule''.

Step 2: Configure the Alert Rule

Select the Scope:

Click on''Select resource''.

Choose''Virtual Network''as the resource type.

SelectVNET3from the list of virtual networks.

Define the Condition:

Click on''Add condition''.

In the''Signal type''dropdown, select''Activity Log''.

Choose''Administrative''as the category.

Select the specific operations you want to monitor (e.g.,Microsoft.Network/virtualNetworks/writefor any write operations on the virtual network).

Set the Alert Details:

Enter anamefor the alert rule (e.g.,VNET3 Admin Operations Alert).

Provide adescriptionif needed.

Configure the Action Group:

Click on''Add action group''.

Enter anamefor the action group.

Select theaction type(e.g., Email/SMS/Push/Voice).

Enter thedetailsof the recipient (e.g., the email address of the owner of VNET3).

Review and Create:

Review the alert rule settings.

Click on''Create alert rule''.

Explanation:

Activity Log Alerts: These alerts notify you when specific operations are performed on your Azure resources. By setting up an alert for administrative operations, you ensure that any changes to VNET3 are promptly reported.

Action Groups: These define the actions to take when an alert is triggered. You can configure notifications via email, SMS, or other methods to ensure the owner of VNET3 is informed immediately.

Administrative Operations: Monitoring these operations helps in tracking changes and maintaining the security and integrity of your virtual network.

By following these steps, you can ensure that the owner of VNET3 receives timely alerts for any administrative operations performed on the virtual network, helping to maintain oversight and security.

Question 230

Report
Export
Collapse

SIMULATION

Task 5

You need to archive all the metrics of VNET1 to an existing storage account.

A.
See the Explanation below for step by step instructions
A.
See the Explanation below for step by step instructions
Answers
Suggested answer: A

Explanation:

To archive all the metrics of VNET1 to an existing storage account, you can use Azure Monitor's diagnostic settings. Here's how you can do it:

Step-by-Step Solution

Step 1: Navigate to VNET1 in the Azure Portal

Open the Azure Portal.

Search for ''Virtual networks''and selectVNET1from the list.

Step 2: Configure Diagnostic Settings

In the VNET1 blade, select''Diagnostic settings''under the ''Monitoring'' section.

Click on ''Add diagnostic setting''.

Step 3: Set Up the Diagnostic Setting

Enter a namefor the diagnostic setting (e.g.,VNET1-Metrics-Archive).

Select the metricsyou want to archive. You can choose from various metrics likeTotalBytesReceived,TotalBytesSent, etc.

Under ''Destination details'', select''Archive to a storage account''.

Choose the existing storage accountwhere you want to archive the metrics.

Configure the retention periodif needed.

Step 4: Save the Configuration

Review your settingsto ensure everything is correct.

Click on ''Save''to apply the diagnostic setting.

Explanation:

Diagnostic Settings: These allow you to collect and route metrics and logs from your Azure resources to various destinations, including storage accounts, Log Analytics workspaces, and Event Hubs.

Metrics: Metrics provide numerical data about the performance and health of your resources. Archiving these metrics helps in long-term analysis and compliance.

Storage Account: Using an existing storage account ensures that the metrics are stored securely and can be accessed for future analysis.

By following these steps, you can ensure that all the metrics of VNET1 are archived to your existing storage account, enabling you to monitor and analyze the performance and health of your virtual network over time.

Total 236 questions
Go to page: of 24
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms