Microsoft AZ-700 Exam Questions Free Practice Test

Viewing page 1 out of 7 pages

Viewing questions 1-10 out of questions

Questions # 1:

You need to plan the deployment of LBGW1. The solution must support the planned changes.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 1

Expert Solution

Questions # 2:

You need to configure FD1 to provide user access to app2.proseware.com. The solution must meet the security requirements and the general requirements.

What should you do first?

Options:

Add a custom domain to FD1.

Add a security policy to FD1.

Request a certificate from a trusted root CA.

Export the TLS certificate and the private key from App2.

Expert Solution

Questions # 3:

You need to configure a custom rule for APPGWI-WAFPolicy to allow only connections that originate from FD1. The solution must support the planned changes.

Which Match type and Match variable should you select?

Options:

String and RequestCookies

IP address and RemoteAddr

String and RequestHeaders

Geo location and RemoteAddr

Expert Solution

Questions # 4:

You need to manage connectivity from NYCNet to the Azure services that use private endpoints. The solution must meet the security requirements. What should you do first?

Options:

Add a route table to SUBNET-PL

Enable a network policy for SUBNET-PE.

From Azure Virtual Network Manager, create a security admin configuration.

From Azure Viitual Network Manager, create a network group that has Member type set to Subnet

Expert Solution

Questions # 5:

You have an Azure subscription that contains an Azure App Service app. The app uses a URL of https://www.contoso.com.

You need to use a custom domain on Azure Front Door for www.contoso.com. The custom domain must use a certificate from an allowed certification authority (CA).

What should you include in the solution?

Options:

an enterprise application in Azure Active Directory (Azure AD)

Active Directory Certificate Services (AD CS)

Azure Key Vault

Azure Application Gateway

Expert Solution

Questions # 6:

You fail to establish a Site-to-Site VPN connection between your company's main office and an Azure virtual network.

You need to troubleshoot what prevents you from establishing the IPsec tunnel.

Which diagnostic log should you review?

Options:

IKEDiagnosticLog

GatewayDiagnosticLog

TunnelDiagnosticLog

RouteDiagnosticLog

Expert Solution

Questions # 7:

You have an Azure subscription that contains the resources shown in the following table.

Question # 7

You create a virtual network named Vnet2 in the West US region.

You plan to enable peering between Vnet1 and Vnet2.

You need to ensure that the virtual machines connected to Vnet2 can connect to VM1 and VM2 via LB1.

What should you do?

Options:

Change the Floating IP configurations of LB1.

From the Peerings settings of Vnet2. set Traffic forwarded from remote virtual network to Allow

Change the SKU of LB1

From the Peerings settings of Vnet1, set Traffic forwarded from remote virtual network to Allow.

Expert Solution

Questions # 8:

You have an on-premises network.

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains an ExpressRoute gateway.

You need to connect VNet1 to the on-premises network by using an ExpressRoute circuit.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question # 8

Expert Solution

Questions # 9:

Your company has five offices. Each office has a firewall device and a local internet connection. The offices connect to a third-party SD-WAN.

You have an Azure subscription that contains a virtual network named Vnet1. Vnet1 contains a virtual network gateway named Gateway1. Each office connects to Gateway1 by using a Site-to-Site VPN connection.

You need to replace the third-party SD-WAN with an Azure Virtual WAN. What should you include in the solution?

Options:

Delete Gateway1.

Create new Point-to-Site (P2S) VPN connections on the firewall devices.

Create an Azure Traffic Manager profile.

Enable active-active mode on Gateway1.

Expert Solution

Answer

Explanation

QUESTION ON: 132 HOTSPOT

You have on-premises datacenters in New York and Seattle.

You have an Azure subscription that contains the ExpressRoute circuits shown in the following table.

Name

Azure region

Datacenter

ERC1

East US

New Vork

ERC2

West US2

Seattle

You need to ensure that all the data sent between the datacenters is routed via the ExoressRoute circuits. The solution must minimize costs.

Answer:

QUESTION ON:133

Your company has an office in New York.

The company has an Azure subscription that contains the virtual networks shown in the following table.

Name

Location

Vnet1

East LS

Vnet2

North Europe

Vnet3

West US

Vnet4

West Europe

You need to connect the virtual networks to the office by using ExpressRoute. The solution must meet the following requirements:

• The connection must have up to 1 Gbps of bandwidth.

• The office must have access to all the virtual networks.

• Costs must be minimized.

How many ExpressRoute circuits should be provisioned, and which ExpressRoute 5KU should you enable?

A.one ExpressRoute Standard circuit

B. one ExpressRoute Premium circuit

C. two ExpressRoute Premium circuits

D. four ExpressRoute Standard circuits

Answer: B

QUESTION NO; 134

You have the Azure virtual networks shown in the following table.

You deploy Azure Firewall to Vnet3.

You need to ensure that the traffic from Subnet1-1 to Subnet2-1 passes through the firewall. What should you configure?

A. peering links between Vnet1 and Vnet2

B. a route table associated to Subnet1 -1 and Subnet2-1

C.an Azure private DNS zone

D. a route table associated to AzureFitewallSubnet

Answer: B

QUESTION ON: 135

You plan to implement an Azure virtual network that will contain 10 virtual subnets. The subnets will use IPv6 addresses. Each subnet will host up to 200 load-balanced virtual machines.

You need to recommend which subnet mask size to use for the virtual subnets.

What should you recommend?

A. /64

B. /120

C. /48

D. /24

Answer: D

QUESTION ON:136

You have 10 on-premises networks that are connected by using a 3rd party Software Defined Wide Area Network (SD-WAN) solution. You have an Azure subscription that contains five virtual networks.

You plan to connect the Azure virtual networks and the on-premises networks by using an Azure Virtual WAN with a single virtual WAN hub.

You need to ensure that the Azure Virtual WAN can act as a node in the 3rd party SD-WAN solution.

What should you include in the solution?

A. An Azure Virtual WAN ExpressRoute gateway

B. A Network Virtual Appliance (NVA)

C. A Site to site gateway (VPN gateway)

D. A Point to site gateway (User VPN gateway)

Answer: B

Questions # 10:

You have an Azure subscription that contains a dual-stack virtual network named VNet1. VNet1 has the following IP address spaces:

• IPv4:192.168.0.0/24

• IPv6: fd0adbftdeca: deed: y48

You plan to deploy an Azure VPN gateway and multiple virtual machines to VNet1.

You need to configure the subnet masks for VNet1. The solution must meet the following requirements:

• Maximize the number of usable IP addresses.

• Support the deployment of the VPN gateway and the virtual machines.

Which subnet mask should you use for each address space? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Question # 10

Expert Solution

Viewing page 1 out of 7 pages

Viewing questions 1-10 out of questions

Big Halloween Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Pass the Microsoft Microsoft Certified: Azure Network Engineer Associate AZ-700 Questions and answers with CertsForce