CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Download Full Version AZ-720 Microsoft Exam

Page: 6 / 9
Total 119 questions
Get AZ-720 Full Access Download AZ-720 PDF

Troubleshooting Microsoft Azure Connectivity Questions and Answers

Question 21

A customer has an Azure subscription. Microsoft Defender for servers is enabled for the subscription. The customer has not configured network security groups.

The customer configures a resource group named RG1 that contains the following resources:

• A virtual machine named VM1.

• A network interface named NIC1 that is attached to VM1.

The customer grants a user named Admin1 the following permission for RG1: Microsoft.Security/locations/jitNetworkAccessPolicies/write.

Admin1 reports that the JIT VM access pane in the Azure portal does not show any entries. When you view the same pane, VM1 appears on the Unsupported tab.

You need to ensure that Admin1 can enable just-in-time (JIT) VM access for VM1. The solution must adhere to the principle of least privilege.

Which three actions should you recommend be performed in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Options:

Question 22

A company deploys a new file sharing application on four Standard_D2_v3 virtual machines (VMs) behind an Azure Load Balancer. The company implements Azure Firewall.

Users report that the application is slow during peak usage periods. An engineer reports that the peak usage for each VM is approximately 1 Gbps.

You need to implement a solution that support a minimum of 10 Gbps.

What should you do to increase the throughput?

Options:

A.

Request an increase in networking quotas.

B.

Increase the size of the VM instance.

C.

Disable the Azure Firewall and implement network security groups in its place.

D.

Move two of the servers behind a separate load balancer and configure round robin routing in Traffic Manager.

Question 23

A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).

An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:

Error getting auth token

You need to resolve the issue.

Solution: Restart the Azure AD Connect service.

Does the solution meet the goal?

Options:

A.

Yes

B.

No

Question 24

A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site connectivity on VNetGW1. An administrator configures VNetGW1 for the following:

  • OpenVPN for the tunnel type.
  • Azure certificate for the authentication type.

Users receive a certificate mismatch error when connecting by using a VPN client.

You need to resolve the certificate mismatch error.

What should you do?

Options:

A.

Install an IKEv2 VPN client on the user's computers.

B.

Reissue the client certificate with client authentication enabled.

C.

Create a profile manually, add the server FQDN and reissue the client certificate.

D.

Configure the tunnel type for IKEv2 and OpenVPN on VNetGW1.

Page: 6 / 9
Total 119 questions
Get AZ-720 Full Access Download AZ-720 PDF