ExamGecko
Search Search Login
Home Home / Microsoft / AZ-700

Microsoft AZ-700 Practice Test - Questions Answers, Page 6

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You have an Azure subscription that contains the route tables and routes shown in the following table. The subscription contains the subnets shown in the following table. The subscription contains the virtual machines shown in the following table. There is a Site-to-Site VPN connection to each local network gateway. For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT You have art Azure subscription that contains the resources shown in the following table. You need to restrict access to storage1 and sqI1 by using service endpoints. The solution must meet the following requirements: * Allow access from Subnet1 to SQIDB1 * Implement service endpoint policies to restrict access to supported resources. * Allow access from Subnet1 to storage1 and the read-only replica of storage1 in the paired Azure region. What is the minimum number of service endpoints and service endpoint policies you should create? To answer, select the appropriate options m the answer area. NOTE: Each correct selection is worth one point.
You have two Azure App Service instances that host the web apps shown the following table. You deploy an Azure application gateway that has one public frontend IP address and two backend pools. You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers. What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1 exhibit, (Click the NATgateway1 tab) You have the virtual machine shown in the VM1 exhibit, (Click the VM1 tab) Subnet1 is configured as shown in the Subnet1 exhibit, (Click the Subnet1 tab) For each of the following statements, select Yes if the statement is true. Otherwise, select No
HOTSPOT You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1 exhibit. You have the virtual machine shown in the VM1 exhibit. Subnet1 is configured as shown in the Subnet1 exhibit. For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements. Which two actions should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
HOTSPOT You have an Azure subscription that contains an app named Appl. App1 is hosted on the Azure App Service instances shown in the following table. You need to implement Azure Traffic Manager to meet the following requirements: • App1 traffic must be assigned equally to each App Service instance in each Azure region. • App1 traffic from North Europe must be routed to the Appl instances in the North Europe region. • App1 traffic from North America must be routed to the Appl instances in the East US Azure region.
You have an Azure subscription that contains a user named Admin1 and a resource group named RG1. RG1 contains an Azure Network Watcher instance named NW1. You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL of the application gateway. You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error. You need to ensure that the URL is accessible through the application gateway. Solution: You create a WAF policy exclusion for request headers that contain 137.135.10.24. Does this meet the goal?
You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements. What should you use to configure the default route?

Question 51

Report
Export
Collapse

Your company has offices in Montreal, Seattle, and Paris. The outbound traffic from each office originates from a specific public IP address. You create an Azure Front Door instance named FD1 that has Azure Web Application Firewall (WAF) enabled. You configure a WAF policy named Policy1 that has a rule named Rule1. Rule1 applies a rate limit of 100 requests for traffic that originates from the office in Montreal.

You need to apply a rate limit of 100 requests for traffic that originates from each office.

What should you do?

A.
Modify the rate limit threshold of Rule1.
A.
Modify the rate limit threshold of Rule1.
Answers
B.
Create two additional associations.
B.
Create two additional associations.
Answers
C.
Modify the conditions of Rule1.
C.
Modify the conditions of Rule1.
Answers
D.
Modify the rule type of Rule1.
D.
Modify the rule type of Rule1.
Answers
Suggested answer: A

Explanation:


Question 52

Report
Export
Collapse

You have an Azure virtual network named Vnet1.

You need to ensure that the virtual machines in Vnet1 can access only the Azure SQL resources in the East US Azure region. The virtual machines must be prevented from accessing any Azure Storage resources. Which two outbound network security group (NSG) rules should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A.
a deny rule that has a source of VirtualNetwork and a destination of Sql
A.
a deny rule that has a source of VirtualNetwork and a destination of Sql
Answers
B.
an allow rule that has the IP address range of Vnet1 as the source and destination of Sql.EastUS
B.
an allow rule that has the IP address range of Vnet1 as the source and destination of Sql.EastUS
Answers
C.
a deny rule that has a source of VirtualNetwork and a destination of 168.63.129.0/24
C.
a deny rule that has a source of VirtualNetwork and a destination of 168.63.129.0/24
Answers
D.
a deny rule that has the IP address range of Vnet1 as the source and destination of Storage
D.
a deny rule that has the IP address range of Vnet1 as the source and destination of Storage
Answers
Suggested answer: C, D

Explanation:


Question 53

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure subscription that contains the following resources:

A virtual network named Vnet1

A subnet named Subnet1 in Vnet1

A virtual machine named VM1 that connects to Subnet1

Three storage accounts named storage1, storage2, and storage3

You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts. Solution: You configure the firewall on storage1 to only accept connections from Vnet1.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Question 54

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure subscription that contains the following resources:

A virtual network named Vnet1

A subnet named Subnet1 in Vnet1

A virtual machine named VM1 that connects to Subnet1

Three storage accounts named storage1, storage2, and storage3

You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts. Solution: You create a network security group (NSG) and associate the NSG to Subnet1.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Question 55

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure subscription that contains the following resources:

A virtual network named Vnet1

A subnet named Subnet1 in Vnet1

A virtual machine named VM1 that connects to Subnet1

Three storage accounts named storage1, storage2, and storage3

You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts. Solution: You create a network security group (NSG). You configure a service tag for Microsoft.Storage and link the tag to Subnet1. Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Question 56

Report
Export
Collapse

You have an Azure virtual network named Vnet1 that has one subnet. Vnet1 is in the West Europe Azure region. You deploy an Azure App Service app named App1 to the West Europe region.

You need to provide App1 with access to the resources in Vnet1. The solution must minimize costs.

What should you do first?

A.
Create a private link.
A.
Create a private link.
Answers
B.
Create a new subnet.
B.
Create a new subnet.
Answers
C.
Create a NAT gateway.
C.
Create a NAT gateway.
Answers
D.
Create a gateway subnet and deploy a virtual network gateway.
D.
Create a gateway subnet and deploy a virtual network gateway.
Answers
Suggested answer: D

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet

Question 57

Report
Export
Collapse

You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. The subscription contains the following resources:

An Azure App Service app named App1

An Azure DNS zone named contoso.com

An Azure private DNS zone named private.contoso.com A virtual network named Vnet1 You create a private endpoint for App1. The record for the endpoint is registered automatically in Azure DNS. You need to provide a developer with the name that is registered in Azure DNS for the private endpoint. What should you provide?

A.
app1.contoso.onmicrosoft.com
A.
app1.contoso.onmicrosoft.com
Answers
B.
app1.private.contoso.com
B.
app1.private.contoso.com
Answers
C.
app1.privatelink.azurewebsites.net
C.
app1.privatelink.azurewebsites.net
Answers
D.
app1.contoso.com
D.
app1.contoso.com
Answers
Suggested answer: C

Question 58

Report
Export
Collapse

You have Azure App Service apps in the West US Azure region as shown in the following table.

You need to ensure that all the apps can access the resources in a virtual network named Vnet1 without forwarding traffic through the internet. How many integration subnets should you create?

A.
0
A.
0
Answers
B.
1
B.
1
Answers
C.
3
C.
3
Answers
D.
4
D.
4
Answers
E.
6
E.
6
Answers
Suggested answer: C

Explanation:

One integration subnet is required per App Service Plan regardless of how many apps are running in the App Service Plan.

Reference: https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integration

Question 59

Report
Export
Collapse

HOTSPOT

You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements and business requirements. What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 59
Correct answer: Question 59

Explanation:

https://docs.microsoft.com/en-us/azure/expressroute/about-fastpath

Question 60

Report
Export
Collapse

HOTSTOP

You need to connect an on-premises network and an Azure environment. The solution must use ExpressRoute and support failing over to a Site-to-Site VPN connection if there is an ExpressRoute failure. What should you configure? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question 60
Correct answer: Question 60

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/expressroute/expressroute-howto-coexist-resource-manager

Total 236 questions
Go to page: of 24
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms