AZ-700 Designing and Implementing Microsoft Azure Networking Solutionspopular - Practice Questions - Post 4
Featured Image: 
1.
Page: Page 23
Answer(s):
Explanation: Not available
2.
Page: Page 23
Answer(s):
Explanation:
3. You are planning the IP addressing for the subnets in Azure virtual networks. Which type of resource requires IP addresses in the subnets?
Page: Page 24
Option A: storage account
Option B: internal load balancers
Option C: service endpoints
Option D: service endpoint policies
Answer(s): 2
Explanation: Not available
4. You have the Azure virtual networks shown in the following table. You deploy Azure Firewall to Vnet3. You need to ensure that the traffic from Subnet1-1 to Subnet2-1 passes through the firewall. What should you configure?
Page: Page 24
Option A: peering links between Vnet1 and Vnet2
Option B: a route table associated to Subnet1-1 and Subnet2-1
Option C: an Azure private DNS zone
Option D: a route table associated to AzureFirewallSubnet
Answer(s): 2
Explanation: Not available
5. You plan to implement an Azure virtual network that will contain 10 virtual subnets. The subnets will use IPv6 addresses. Each subnet will host up to 200 load-balanced virtual machines. You need to recommend which subnet mask size to use for the virtual subnets. What should you recommend?
Page: Page 24
Option A: /64
Option B: /120
Option C: /48
Option D: /24
Answer(s): 1
Explanation: Not available
6. DRAG DROP (Drag and Drop is not supported) (Drag and Drop is not supported) You have two on-premises datacenters. You have an Azure subscription that contains four virtual networks named VNet1, VNet2, VNet3, and VNet4. You create an Azure virtual WAN named VWAN1. VWAN1 contains a single virtual hub that is connected to both on-premises datacenters and all the virtual networks in a full mesh topology. You create a route table named RT1. You need to configure VWAN1 to meet the following requirements: • Connectivity between VNet1 and VNet2 and both on-premises datacenters must be allowed. • Connectivity between VNet3 and VNet4 and both on-premises datacenters must be allowed. • VNet1 and VNet2 must be isolated from VNet3 and VNet4. How should you configure routing for VNet1 and VNet2 and for both on-premises datacenters? To answer, drag the appropriate route tables and route table propagation to the correct requirements. Each route table and route table propagation may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Page: Page 24
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
7. You are planning the IP addressing for the subnets in Azure virtual networks. Which type of resource requires IP addresses in the subnets?
Page: Page 25
Option A: Azure Virtual Network NAT
Option B: service endpoint policies
Option C: internal load balancers
Option D: virtual network peering
Answer(s): 3
Explanation: Not available
8. HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported) You have an Azure subscription that contains an Azure key vault named Vault1 and an app registration for an Azure AD app named App1. You have a DNS domain named contoso.com that is hosted by a third-party DNS provider. You plan to deploy App1 by using Azure App Service. App1 will have the following configurations: • App1 will be hosted across five App Service apps. • Users will access App1 by using a URL of https://app1.contoso.com. • The user traffic of App1 will be managed by using Azure Front Door. • The traffic between Front Door and the App Service apps will be sent by using HTTP. • App1 will be secured by using an SSL certificate from a third-party certificate authority (CA). You need to support the Front Door deployment. Which two DNS records should you create, and to where should you import the SSL certificate for App1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Page: Page 25
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
9. You have an Azure subscription that contains a virtual network named VNet1. VNet1 has a subnet mask of/24. You plan to implement an Azure application gateway that will have the following configurations: • Public endpoints: 1 • Private endpoints: 1 • Minimum instances: 1 • Maximum instances: 10 You need to configure the address space for the subnet of the application gateway. The solution must minimize the number of IP addresses allocated to the application gateway subnet. What is the minimum number of assignable IP addresses required?
Page: Page 25
Option A: 1
Option B: 2
Option C: 11
Option D: 12
Answer(s): 3
Explanation: Not available
10. HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported) Your on-premises network contains a server named DNS1 that runs Windows Server 2022. DNS1 has the DNS server role and an IP address of 10.1.0.1. The network contains computers that use DNS1 for name resolution. You have an Azure subscription that contains the resources shown in the following table. The on-premises network connects to Vnet1 by using a Site-to-Site VPN. You need to ensure that the computers on the on-premises network can resolve the IP address for sql1.private.fabrikam.com. What should you do on DNS1 and DNS2? To answer, drag the appropriate actions to the correct servers. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Page: Page 25
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
11. DRAG DROP (Drag and Drop is not supported) (Drag and Drop is not supported) You have an Azure subscription that contains the resources shown in the following table. You need to associate Gateway1 with Subnet1. The solution must minimize downtime on VM1. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Page: Page 26
Answer(s):
Explanation:
12.
Page: Page 26
Answer(s):
Explanation:
13.
Page: Page 26
Answer(s):
Explanation:
14.
Page: Page 26
Answer(s):
Explanation:
15. SIMULATION Username and password Use the following login credentials as needed: To enter your username, place your cursor in the Sign in box and click on the username below. To enter your password, place your cursor in the Enter password box and click on the password below. Azure Username: User-12345678@cloudslice.onmicrosoft.com Azure Password: xxxxxxxxxx If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab. The following information is for technical support purposes only: Lab Instance: 12345678 You plan to configure a VPN tunnel for VNET2. You need to ensure that all internet traffic from subnet2-1 is routed through an on-premises firewall before reaching the destination. The solution must be achieved without using dynamic routing protocols. To complete this task, sign in to the Azure portal.
Page: Page 27
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
16. SIMULATION Username and password Use the following login credentials as needed: To enter your username, place your cursor in the Sign in box and click on the username below. To enter your password, place your cursor in the Enter password box and click on the password below. Azure Username: User-12345678@cloudslice.onmicrosoft.com Azure Password: xxxxxxxxxx If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab. The following information is for technical support purposes only: Lab Instance: 12345678 You plan to deploy two DNS servers to subnet2-1. Each server will host a DNS zone for fabrikam,com. The DNS zones will contain records from the on-premises network only. The IP address of the DNS servers will be 10.2.1.4 and 10.2.1.5. You need to ensure that virtual machines on VNET2 can resolve the names of the on-premises servers in fabrikam.com. To complete this task, sign in to the Azure portal.
Page: Page 27
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
17. HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported) You have an Azure subscription that contains the route tables and routes shown in the following table. The subscription contains the subnets shown in the following table. The subscription contains the virtual machines shown in the following table. The subscription contains the local network gateways shown in the following table. There is a Site-to-Site VPN connection to each local network gateway. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
Page: Page 27
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
18. You have an Azure subscription that contains the public IP addresses shown in the following table. You plan to deploy a NAT gateway named NAT1. Which public IP addresses can be used as the public IP address for NAT1?
Page: Page 27
Option A: IP3 only
Option B: IP5 only
Option C: IP2 and IP4 only
Option D: IP1, IP3 and IP5 only
Answer(s): 1
Explanation: Only static IPv4 addresses in the Standard SKU are supported. IPv6 doesn't support NAT.
19. You have an Azure application gateway named AGW1 that has a routing rule named Rule1. Rule 1 directs traffic for http://www.contoso.com to a backend pool named Pool1. Pool1 targets an Azure virtual machine scale set named VMSS1. You deploy another virtual machine scale set named VMSS2. You need to configure AGW1 to direct all traffic for http://www.adatum.com to VMSS2. The solution must ensure that requests to http://www.contoso.com continue to be directed to Pool1. Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Page: Page 28
Option A: Add a backend pool.
Option B: Modify an HTTP setting.
Option C: Add an HTTP setting.
Option D: Add a listener.
Answer(s): 1,4,5
Explanation: https://docs.microsoft.com/en-us/azure/application-gateway/configuration-overview
20. HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported) You have an Azure Traffic Manager parent profile named TM1. TM1 has two child profiles named TM2 and TM3. TM1 uses the performance traffic-routing method and has the endpoints shown in the following table. TM2 uses the weighted traffic-routing method with MinChildEndpoint = 2 and has the endpoints shown in the following table. TM3 uses priority traffic-routing method and has the endpoints shown in the following table. The App2, App4, and App6 endpoints have a degraded monitoring status. To which endpoint is traffic directed? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point Hot Area:
Page: Page 28
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
21. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL of the application gateway. You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error. You need to ensure that the URL is accessible through the application gateway from any IP address. Solution: You add a rewrite rule for the host header. Does this meet the goal?
Page: Page 28
Option A: Yes
Option B: No
Answer(s): 2
Explanation: The log shows that WAF rule with ruleId 920300 was trigged. Instead we should disable the WAF rule that has a ruleId 920300.
22. HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported) You have an Azure Front Door instance that provides access to a web app. The web app uses a hostname of www.contoso.com. You have the routing rules shown in the following table. Which rule will apply to each incoming request? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point Hot Area:
Page: Page 28
Option A: See Explanation section for answer.
Answer(s): 1
Explanation:
23. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL of the application gateway. You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error. You need to ensure that the URL is accessible through the application gateway. Solution: You disable the WAF rule that has a ruleId 920300. Does this meet the goal?
Page: Page 29
Answer(s):
Explanation:
24.
Page: Page 29
Answer(s):
Explanation:
25.
Page: Page 29
Answer(s):
Explanation:
26.
Page: Page 29
Answer(s):
Explanation:
27. You have an Azure application gateway named AppGW1 that balances requests to a web app named App1. You need to modify the server variables in the response header of App1. What should you configure on AppGW1?
Page: Page 30
Option A: HTTP settings
Option B: rewrites
Option C: rules
Option D: listeners
Answer(s): 2
Explanation: https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url
28. You have an Azure Virtual Desktop deployment that has 500 session hosts. All outbound traffic to the internet uses a NAT gateway. During peak business hours, some users report that they cannot access internet resources. In Azure Monitor, you discover many failed SNAT connections. You need to increase the available SNAT connections. What should you do?
Page: Page 30
Option A: Bind the NAT gateway to another subnet.
Option B: Add a public IP address.
Option C: Deploy Azure Standard Load Balancer that has outbound rules.
Answer(s): 2
Explanation: https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-gateway-resource
29. You have an Azure subscription that contains the public IPv4 addresses shown in the following table. You plan to create a load balancer named LB1 that will have the following settings: -Name: LB1 -Location: West US -Type: Public -SKU: Standard Which public IPv4 addresses can be used by LB1?
Page: Page 30
Option A: IP1, IP3, IP4, and IP5 only
Option B: IP3 only
Option C: IP1 and IP3 only
Option D: IP2 only
Answer(s): 2
Explanation: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address
30. You have the Azure environment shown in the exhibit. VM1 is a virtual machine that has an instance-level public IP address (ILPIP). Basic Load Balancer uses a public IP address. VM1 and VM2 are in the backend pool. NAT Gateway uses a public IP address named IP3 that is associated to SubnetA. VNet1 has a virtual network gateway that has a public IP address named IP4. When initiating outbound traffic to the internet from VM1, which public address is used?
Page: Page 30
Option A: IP1
Option B: IP2
Option C: IP3
Option D: IP4
Answer(s): 3
Explanation: Not available
Post a Comment