AZ-104 : Microsoft Azure Administrator Certification dumps - - Page 27
1. You have an Azure subscription named Subscription1. Subscription1 contains a virtual machine named VM1. You have a computer named Computer1 that runs Windows 10. Computer1 is connected to the Internet. You add a network interface named vm1173 to VM1 as shown in the exhibit. (Click the Exhibit tab.) From Computer1, you attempt to connect to VM1 by using Remote Desktop, but the connection fails. You need to establish a Remote Desktop connection to VM1. What should you do first?
Page: Page 27
Option A: Change the priority of the RDP rule
Option B: Attach a network interface
Option C: Delete the DenyAllInBound rule
Option D: Start VM1
Answer(s): 4
Explanation: Incorrect Answers: A: Rules are processed in priority order, with lower numbers processed before higher numbers, because lower numbers have higher priority. Once traffic matches a rule, processing stops. RDP already has the lowest number and thus the highest priority. B: The network interface has already been added to VM. C: The Outbound rules are fine.
SEO Keywords: 1. Microsoft Azure Administrator Certification dumps, 2. AZ-104 exam preparation, 3. Remote Desktop connection Azure VM, 4. Azure subscription troubleshooting, 5. VM network interface configuration
2. You have the Azure virtual machines shown in the following table. A DNS service is installed on VM1. You configure the DNS servers settings for each virtual network as shown in the following exhibit. You need to ensure that all the virtual machines can resolve DNS names by using the DNS service on VM1. What should you do?
Page: Page 27
Option A: Configure a conditional forwarder on VM1
Option B: Add service endpoints on VNET1
Option C: Add service endpoints on VNET2 and VNET3
Option D: Configure peering between VNET1, VNET2, and VNET3
Answer(s): 4
Explanation: Virtual network peering enables you to seamlessly connect networks in Azure Virtual Network. The virtual networks appear as one for connectivity purposes. The traffic between virtual machines uses the Microsoft backbone infrastructure. Incorrect Answers: B, C: Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.
SEO Keywords: 1. Azure AZ-104 exam, 2. Microsoft Azure DNS configuration, 3. Azure virtual machine DNS resolution, 4. Azure Administrator certification preparation, 5. Azure VM DNS server settings
3. HOTSPOT (Drag and Drop is not supported) You have an Azure subscription that contains the Azure virtual machines shown in the following table. You add inbound security rules to a network security group (NSG) named NSG1 as shown in the following table. You run Azure Network Watcher as shown in the following exhibit. You run Network Watcher again as shown in the following exhibit. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
Page: Page 27
Option A: See Explanation section for answer.
Answer(s): 1
Explanation: Box 1: No It limits traffic to VM2, but not VM1 traffic. Box 2: Yes Yes, the destination is VM2. Box 3: No
SEO Keywords: 1. AZ-104 certification dumps, 2. Azure Administrator exam preparation, 3. NSG inbound security rules, 4. Azure Network Watcher usage, 5. Azure virtual machine configurations
4. You have the Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address. The virtual machines host several applications that are accessible over port 443 to users on the Internet. Your on-premises network has a site-to-site VPN connection to VNet1. You discover that the virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network. You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection is established from the on-premises network. The solution must ensure that all the applications can still be accessed by the Internet users. What should you do?
Page: Page 27
Option A: Modify the address space of the local network gateway
Option B: Create a deny rule in a network security group (NSG) that is linked to Subnet1
Option C: Remove the public IP addresses from the virtual machines
Option D: Modify the address space of Subnet1
Answer(s): 2
Explanation: You can use a site-to-site VPN to connect your on-premises network to an Azure virtual network. Users on your on-premises network connect by using the RDP or SSH protocol over the site-to-site VPN connection. You don't have to allow direct RDP or SSH access over the internet.
SEO Keywords: 1. Microsoft AZ-104 certification dumps, 2. Azure Administrator certification practice questions, 3. Azure virtual network security best practices, 4. Restricting RDP access on Azure virtual machines, 5. Site-to-site VPN setup in Microsoft Azure
Post a Comment