New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Microsoft AZ-700 Dumps Questions Answers

Page: 1 / 14
Total 258 questions

Designing and Implementing Microsoft Azure Networking Solutions Questions and Answers

Question 1

Task 9

You need to ensure that subnet4-3 can accommodate 507 hosts.

Options:

Buy Now
Question 2

Task 11

You are preparing to connect your on-premises network to VNET4 by using a Site-to-Site VPN. The on-premises endpoint of the VPN will be created on a firewall named Firewall 1.

The on-premises network has the following configurations:

• Internal address range: 10.10.0.0/16.

• Firewall 1 internal IP address: 10.10.1.1.

• Firewall1 public IP address: 131.107.50.60.

BGP is NOT used.

You need to create the object that will provide the IP addressing configuration of the on-premises network to the Site-to-Site VPN. You do NOT need to create a virtual network gateway to complete this task.

Options:

Question 3

Task 5

You need to ensure that requests for wwwjelecloud.com from any of your Azure virtual networks resolve to frontdoor1.azurefd.net.

Options:

Question 4

Task 4

You need to ensure that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name storage34280945.pnvatelinlcblob.core.windows.net.

Options:

Question 5

Task 1

You need to ensure that virtual machines on VNET1 and VNET2 are included automatically in a DNS zone named contoso.azure. The solution must ensure that the virtual machines on VNET1 and VNET2 can resolve the names of the virtual machines on either virtual network.

Options:

Question 6

Task 11

You need to ensure that only hosts on VNET1 can access the slcnage42150372 storage account. The solution must ensure that access occurs over the Azure backbone network.

Options:

Question 7

Task 7

You need to ensure that hosts on VNET2 can access hosts on both VNET1 and VNET3. The solution must prevent hosts on VNET1 and VNET3 from communicating through VNET2.

Options:

Question 8

Task 3

You plan to implement an Azure application gateway in the East US Azure region. The application gateway will have Web Application Firewall (WAF) enabled.

You need to create a policy that can be linked to the planned application gateway. The policy must block connections from IP addresses in the 131.107.150.0/24 range. You do NOT need to provision the application gateway to complete this task.

Options:

Question 9

Task 8

You need to ensure that the storage34280945 storage account will only accept connections from hosts on VNET1

Options:

Question 10

Task 9

You plan to use VNET4 for an Azure API Management implementation.

You need to configure a policy that can be used by an Azure application gateway to protect against known web attack vectors. The policy must only allow requests that originate from IP addresses in Canada. You do NOT need to create the application gateway to complete this task.

Options:

Question 11

Task 6

You need to ensure that all hosts deployed to subnet3-2 connect to the internet by using the same static public IP address. The solution must minimize administrative effort when adding hosts to the subnet.

Options:

Question 12

Task 6

You have two servers that are each hosted by a separate service provider in New York and Germany. The server hosted in New York is accessible by using a host name of ny.contoso.com. The server hosted in Germany is accessible by using a host name of de.contoso.com.

You need to provide a single host name to access both servers. The solution must ensure that traffic originating from Germany is routed to de contoso.com. All other traffic must be routed to ny.contoso.com.

Options:

Question 13

Task 10

You need to configure VNET1 to log all events and metrics. The solution must ensure that you can query the events and metrics directly from the Azure portal by using KQL.

Options:

Question 14

Task 1

You plan to deploy a firewall to subnetl-2. The firewall will have an IP address of 10.1.2.4.

You need to ensure that traffic from subnetl-1 to the IP address range of 192.168.10.0/24 is routed through the firewall that will be deployed to subnetl-2. The solution must be achieved without using dynamic routing protocols.

Options:

Question 15

Task 7

You plan to deploy 100 virtual machines to subnet4-1. The virtual machines will NOT be assigned a public IP address. The virtual machines will call the same API. which is hosted by a third party. The virtual machines will make more than 10,000 calls per minute to the API.

You need to minimize the risk of SNAT port exhaustion. The solution must minimize administrative effort.

Options:

Question 16

Task 2

You need to create an Azure Firewall instance named FW1 that meets the following requirements:

• Has an IP address from the address range of 10.1.255.0/24

• Uses a new Premium firewall policy named FW-pohcy1

• Routes traffic directly to the internet

Options:

Question 17

Task 3

You need to ensure that hosts on VNET1 and VNET2 can communicate. The solution must minimize latency between the virtual networks.

Options:

Question 18

Task 8

You plan to deploy an appliance to subnet3-2- The appliance will perform packet inspection and will have an IP address of 10.3.2.100.

You need to ensure that all traffic to the internet from subnet3-1 is forwarded to the appliance for inspection.

Options:

Question 19

You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.

What should you use to configure the default route?

Options:

A.

a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3

B.

a user-defined route assigned to GatewaySubnet in Vnet1

C.

BGP route exchange

D.

route filters

Question 20

You need to configure the default route on Vnet2 and Vnet3. The solution must meet the virtual networking requirements.

What should you use to configure the default route?

Options:

A.

route filters

B.

BGP route exchange

C.

a user-defined route assigned to GatewaySubnet in Vnet1

D.

a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3

Question 21

You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements.

What should you include in the solution?

Options:

A.

a service endpoint

B.

Azure Front Door

C.

a private endpoint

D.

Azure Traffic Manager

Question 22

You need to implement outbound connectivity for VMScaleSet1. The solution must meet the virtual networking requirements and the business requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

T

Options:

Question 23

You need to provide access to storage2. The solution must meet the PaaS networking requirements and the business requirements.

Which connectivity method should you use?

Options:

A.

a service endpoint

B.

a private endpoint

C.

Azure Firewall

D.

Azure Front Door

Question 24

You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.

Which two actions should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Options:

A.

On the peerings from Vnet2 and Vnet3, select Use remote gateways.

B.

On the peering from Vnet1, select Allow forwarded traffic.

C.

On the peering from Vnet1, select Use remote gateways.

D.

On the peering from Vnet1, select Allow gateway transit.

E.

On the peerings from Vnet2 and Vnet3, select Allow gateway transit.

Question 25

You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements and business requirements.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 26

You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business requirements.

Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Options:

Question 27

You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.

What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 28

You need to implement a P2S VPN for the users in the branch office. The solution must meet the hybrid networking requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 29

You need to implement name resolution for the cloud.liwareinc.com. The solution must meet the networking requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 30

What should you implement to meet the virtual network requirements for the virtual machines that connect to Vnet4 and Vnet5?

Options:

A.

a private endpoint

B.

a virtual network peering

C.

a private link service

D.

a routing table

E.

a service endpoint

Question 31

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 32

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 33

In which NSGs can you use ASG1 and to which virtual machine network interfaces can you associate ASG1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 34

You are implementing the Virtual network requirements for Vnet6.

What is the minimum number of subnets and service endpoints you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 35

Which virtual machines can VM1 and VM4 ping successfully? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 36

You need to meet the network security requirements for the NSG flow logs.

Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 37

Your on-premises network contains a VPN device.

You have an Azure subscription that contains a virtual network and a virtual network gateway.

You need to create a Site-to-Site VPN connection that has a custom cryptographic policy.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 38

You have an internal Basic Azure Load Balancer named LB1 That has two frontend IP addresses. The backend pool of LB1 contains two Azure virtual machines named VM1 and VM2.

You need to configure the rules on LB1 as shown in the following table.

What should you do for each rule?

Options:

A.

Enable Floating IP.

B.

Disable Floating IP.

C.

Set Session persistence to Enabled.

D.

Set Session persistence to Disabled

Question 39

You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. Both subnets contain virtual machines. You create a NAT gateway named NATgateway1 as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

Options:

Question 40

You have an Azure subscription that contains the resources shown in the following table.

Gateway1 provides access to App1 by using a URL of

You create a new web app named App2.

You need to configure Gateway1 to enable minimize administrative effort.

What should you configure on Gateway1?

Options:

A.

a backend pool and a routing

B.

a listener and a routing rule

C.

a listener, a backend pool, and a rule

D.

a listener and a backend pool

Question 41

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.

You configure the application gateway to direct traffic to the URL of the application gateway.

You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.

Solution: You create a WAF policy exclusion request headers that contain 137.135.10.24.

Does this meet the goat?

Options:

A.

Yes

B.

No

Question 42

You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that network traffic is routed over the Azure backbone network for the following scenarios:

• Traffic from SQIMI1 to storage1

• Traffic from domain joined servers on VNet2 to storage1

The solution must minimize costs.

What should you configure for each scenario? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 43

You have an Azure application gateway configured for a single website that is available at

The application gateway contains one backend pool and one rule. The backend pool contains two backend servers. Each backend server has an additional website that is available on port 8080.

You need to ensure that if port 8080 is unavailable on a backend server, all the traffic for is redirected to the other backend server.

What should you do?

Options:

A.

Create a health probe.

B.

Add a new rule.

C.

Add a new listener.

D.

Change the port on the listener.

Question 44

You have two on-premises datacenters.

You have an Azure subscription that contains four virtual networks named VNet1 VNet2, VNet3, and VNet4

You create an Azure virtual WAN named VWAN1. VWAN1 contains a single virtual hub that is connected to both on-premises datacenters and all the virtual networks in a full mesh topology.

You create a route table named RT1.

You need to configure VWAN1 to meet the following requirements:

• Connectivity between VNet1 and VNet2 and both on-premises datacenters must be allowed.

• Connectivity between VNet3 and VNet4 and both on-premises datacenters must be allowed.

• VNet1 and VNet2 must be isolated from VNet3 and VNet4.

How should you configure routing for VNet1 and VNet2 and for both on-premises datacenters? To answer, drag the appropriate route tables and route table propagation to the correct requirements. Each route table and route table propagation may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Options:

Question 45

You have an Azure subscription that contains the resources is shown in the following table.

You need to ensure that the apps hosted on VM1 can resolve the IP address of the What should you create first?

Options:

A.

a public DNS zone named database.windows.net

B.

a private DNS zone named database.windows.net

C.

a public DNS zone named private ink.database.windows.net

D.

a private DNS zone named privatelink.database.windows.net

Question 46

You have an Azure virtual network that contains the subnets shown in the following table.

You deploy an Azure firewall to AzureFirewallSubnet. You route all traffic from Subnet2 through the firewall.

You need to ensure that all the hosts on Subnet2 can access an external site located at

What should you do?

Options:

A.

Create a network security group (NSG) and associate the NSG to Subnet2.

B.

In a firewall policy, create an application rule.

C.

In a firewall policy, create a DNAT rule.

D.

In a firewall policy, create a network rule.

Question 47

You have an Azure Front Door instance named FrontDoor1.

You deploy two instances of an Azure web app to different Azure regions.

You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com.

You need to ensure that FrontDoor1 is the entry point for requests that use app1.contoso.com.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Options:

Question 48

You have an Azure subscription that contain a viral network named Vnet1 and an Azure SQL database named SQL1 has a private endpoint on Vnet1.

You have a partner company named fabrikam, has an Azure subscription that contains a virtual network named Vnet1 and a virtual machine named VM1, VM1 is connected to Vnet2

You need to provide VM1 with accesss to SQL 1 by using an Azure private Link service.

What should you implement on each virtual network? To answer, drag the appropriate resources to the correct virtual networks. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content

Note: Each correct selection is worth one point.

Options:

Question 49

You have two Azure virtual networks named Vnet1 and Vnet2 in an Azure region that has three availability zones.

You deploy 12 virtual machines to each virtual network, deploying four virtual machines per zone. The virtual machines in Vnet1 host an app named App1. The virtual machines in Vnet2 host an app named App2.

You plan to use Azure Virtual Network NAT to implement outbound connectivity for App1 and App2.

You need to identify the minimum number of subnets and Virtual Network NAT instances required to meet the following requirements:

• A failure of two zones must NOT affect the availability of either App1 or App2.

• A failure of two zones must NOT affect the outbound connectivity of either App1 or App2.

What should you identify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Options:

Question 50

You have an application named App1 that listens for incoming requests on a preconfigured group of 50 TCP ports and UDP ports.

You install App1 on 10 Azure virtual machines.

You need to implement load balancing for App1 across all the virtual machines. The solution must minimize the number of load balancing rules.

What should you include in the solution?

Options:

A.

Azure Standard Load Balancer that has Floating IP enabled

B.

Azure Application Gateway V2 that has multiple listeners

C.

Azure Application Gateway v2 that has multiple site hosting enabled

D.

Azure Standard Load Balancer that has high availability (HA) ports enabled

Question 51

You have an on-premises datacenter named Site1 that contains a firewall named FW1. FW1 connects to the internet.

You have an Azure subscription that contains the resources shown in the following table.

You plan to connect Site1 to Hub1 by using a site-to-site connection.

You need to configure the site-to-site connection to FW1.

What should you create in VWAN1?

Options:

A.

a VPN site

B.

a virtual network connection

C.

a network virtual appliance (NVA)

D.

a User VPN configuration

Question 52

You are configuring two network virtual appliances (NVAs) in an Azure virtual network. The NVAs will be used to inspect all the traffic within the virtual network.

You need to provide high availability for the NVAs. The solution must minimize administrative effort. What shtraffic ould you include in the solution?

Options:

A.

Azure Standard Load Balancer

B.

Azure Traffic Manager

C.

Azure Application Gateway

D.

Azure Front Door

Question 53

You have the hybrid network shown in the Network Diagram exhibit.

You have a peering connection between Vnet1 and Vnet2 as shown in the Peering-Vnet1-Vnet2 exhibit.

You have a peering connection between Vnet1 and Vnet3 as shown in the Peering -Vnet1-Vnet3 exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Options:

Question 54

You have an Azure subscription that contains the virtual networks shown in the following table.

You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region.

To which virtual networks can you deploy AF1?

Options:

A.

Vnet1 only

B.

Vnet1 and Vnet2 only

C.

Vnet1, Vnet2, and Vnet4 only

D.

Vnet1 and Vnet4 only

E.

Vnet1, Vnet2. Vnet3, and Vnet4

Page: 1 / 14
Total 258 questions