04 Az 700 - 105

Recommend!!
Get the Full AZ-700 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/AZ-700-exam-dumps.html (114 New Questions)
Microsoft
Exam Questions AZ-700
Designing and Implementing Microsoft Azure Networking Solutions
Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Recommend!! Get the Full AZ-700 dumps in VCE and PDF From SurePassExam
NEW QUESTION 1
- (Exam Topic 3)
Your company has a single on-premises datacenter in New York. The East US Azure region has a peering location in New York.
The company only has Azure resources in the East US region.
You need to implement ExpressRoute to support up to 1 Gbps. You must use only ExpressRoute Unlimited data plans. The solution must minimize costs.
Which type of ExpressRoute circuits should you create?
A. ExpressRoute Local
B. ExpressRoute Direct
C. ExpressRoute Premium
D. ExpressRoute Standard
Answer: A
Explanation:
Reference:
https://azure.microsoft.com/en-us/pricing/details/expressroute/
NEW QUESTION 2
- (Exam Topic 3)
You have three on-premises sites. Each site has a third-party VPN device.
You have an Azure virtual WAN named VWAN1 that has a hub named Hub1. Hub1 connects two of the three on-premises sites by using a Site-to-Site VPN
connection.
You need to connect the third site to the other two sites by using Hub1.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Table Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-site-to-site-portal
NEW QUESTION 3
- (Exam Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions
will not appear in the review screen.
You have an Azure subscription that contains the following resources:
* A virtual network named Vnet1
* A subnet named Subnet1 in Vnet1
* A virtual machine named VM1 that connects to Subnet1
* Three storage accounts named storage1, storage2, and storage3
You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts.
Solution: You configure the firewall on storage1 to only accept connections from Vnet1. Does this meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 4
- (Exam Topic 3)
You plan to deploy an Azure virtual network. You need to design the subnets.
Which three types of resources require a dedicated subnet? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A. VPN gateway
B. Azure Bastion
C. Azure Active Directory Domain Services (Azure AD DS)
D. Azure Application Gateway v2
E. Azure Private Link
Answer: ABD
Explanation:
Reference:

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-for-azure-services
NEW QUESTION 5
- (Exam Topic 3)
You configure a route table named RT1 that has the routes shown in the following table.
You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.
You have the resources shown in the following table.
Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
* 0.0.0.0/0
* 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:

NEW QUESTION 6
- (Exam Topic 1)
You need to implement a P2S VPN for the users in the branch office. The solution must meet the hybrid networking requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application, email Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant
NEW QUESTION 7
- (Exam Topic 1)
You need to implement name resolution for the cloud.liwareinc.com. The solution must meet the networking requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/dns/private-dns-autoregistration
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-insta

NEW QUESTION 8
- (Exam Topic 1)
You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements.
What should you include in the solution?
A. a service endpoint
B. Azure Front Door
C. a private endpoint
D. Azure Traffic Manager
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
NEW QUESTION 9
- (Exam Topic 1)
You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.
Which two actions should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. On the peerings from Vnet2 and Vnet3, select Use remote gateways.
B. On the peering from Vnet1, select Allow forwarded traffic.
C. On the peering from Vnet1, select Use remote gateways.
D. On the peering from Vnet1, select Allow gateway transit.
E. On the peerings from Vnet2 and Vnet3, select Allow gateway transit.
Answer: BD
NEW QUESTION 10
- (Exam Topic 1)
You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements
and business requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
For the first question, only ExpressRoute GW SKU Ultra Performance support FastPath feature.
For the second question, vnet1 will connect to ExpressRoute gw, once Vnet1 peers with Vnet2, the traffic from on-premise network will bypass GW and Vnet1,
directly goes to Vnet2, while this feature is under public preview.
====Reference
ExpressRoute virtual network gateway is designed to exchange network routes and route network traffic. FastPath is designed to improve the data path
performance between your on-premises network and your virtual network. When enabled, FastPath sends network traffic directly to virtual machines in the virtual
network, bypassing the gateway.
To configure FastPath, the virtual network gateway must be either: Ultra Performance
ErGw3AZ
VNet Peering - FastPath will send traffic directly to any VM deployed in a virtual network peered to the one connected to ExpressRoute, bypassing the
ExpressRoute virtual network gateway.
https://docs.microsoft.com/en-us/azure/expressroute/about-fastpath Gateway SKU
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-about-virtual-network-gateways
NEW QUESTION 10
- (Exam Topic 3)
You have 10 Azure App Service instances. Each instance hosts the same web app. Each instance is in a different Azure region.
You need to configure Azure Traffic Manager to direct users to the instance that has the lowest latency. Which routing method should you use?
A. geographic
B. weighted
C. performance
D. priority
Answer: D
NEW QUESTION 13
- (Exam Topic 3)
You are planning an Azure solution that will contain the following types of resources in a single Azure region:
Virtual machine
Azure App Service
Virtual Network gateway

Azure SQL Managed Instance

App Service and SQL Managed Instance will be delegated to create resources in virtual networks.
You need to identify how many virtual networks and subnets are required for the solution. The solution must minimize costs to transfer data between virtual
networks.
What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Diagram, table Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-for-azure-services#services-that-can-be
NEW QUESTION 18
- (Exam Topic 3)
Your company has offices in New York and Amsterdam. The company has an Azure subscription. Both offices connect to Azure by using a Site-to-Site VPN
connection.
The office in Amsterdam uses resources in the North Europe Azure region. The office in New York uses resources in the East US Azure region.
You need to implement ExpressRoute circuits to connect each office to the nearest Azure region. Once the ExpressRoute circuits are connected, the on-premises
computers in the Amsterdam office must be able to connect to the on-premises servers in the New York office by using the ExpressRoute circuits.
Which ExpressRoute option should you use?
A. ExpressRoute Local
B. ExpressRoute FastPath
C. ExpressRoute Direct
D. ExpressRoute Global Reach
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-global-reach
NEW QUESTION 23
- (Exam Topic 3)
You have an Azure private DNS zone named contoso.com that is linked to the virtual networks shown in the following table.
The links have auto registration enabled.

You create the virtual machines shown in the following table.
You manually add the following entry to the contoso.com zone:

Name: VM1
IP address: 10.1.10.9
For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: No
The manual DNS record will overwrite the auto-registered DNS record so VM1 will resolve to 10.1.10.9. Box 2: No
The DNS record for VM1 is now a manually created record rather than an auto-registered record. Only auto-registered DNS records are deleted when a VM is
deleted.
Box 3: No
This answer depends on how the IP address is changed. To change the IP address of a VM manually, you would need to select ‘Static’ as the IP address
assignment. In this case, the DNS record will not be updated because only DHCP assigned IP addresses are auto-registered.
Reference:
https://docs.microsoft.com/en-us/azure/dns/dns-faq-private
NEW QUESTION 27
- (Exam Topic 3)
You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1
exhibit.
You have the virtual machine shown in the VM1 exhibit.
Subnet1 is configured as shown in the Subnet1 exhibit.
For each of the following statements, select Yes of the statement is true. Otherwise, select No.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: No
VM1 is in Zone2 whereas the NAT Gateway is in Zone1. The VM would need to be in the same zone as the NAT Gateway to be able to use it. Therefore, VM1
cannot use the NAT gateway.
Box 2: Yes
NATgateway1 is configured in the settings for Subnet2.
Box 3: No
The NAT gateway does not have a single public IP address, it has an IP prefix which means more than one IP address. The VMs the use the NAT Gateway can
use different public IP addresses contained within the IP prefix.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-gateway-resource
NEW QUESTION 31
- (Exam Topic 3)
You have an Azure virtual network named Vnet1.
You need to ensure that the virtual machines in Vnet1 can access only the Azure SQL resources in the East US Azure region. The virtual machines must be
prevented from accessing any Azure Storage resources.
Which two outbound network security group (NSG) rules should you create? Each correct answer presents part of the solution.
A. an allow rule that has the IP address range of Vnet1 as the source and destination of Sql.EastUS
B. a deny rule that has a source of VirtualNetwork and a destination of Sql
C. a deny rule that has a source of VirtualNetwork and a destination of 168.63.129.0/24
D. a deny rule that has the IP address range of Vnet1 as the source and destination of Storage
Answer: AD
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/service-tags-overview
NEW QUESTION 32
- (Exam Topic 3)
You have an Azure subscription that contains the virtual machines shown in the following table.
Subnet1 and Subnet2 are associated to a network security group (NSG) named NSG1 that has the following outbound rule:
Priority: 100
Port: Any
Protocol: Any
Source: Any
Destination: Storage
Action: Deny
You create a private endpoint that has the following settings:
Name: Private1
Resource type: Microsoft.Storage/storageAccounts
Resource: storage1
Target sub-resource: blob
Virtual network: Vnet1
Subnet: Subnet1
For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Yes, Yes, Yes
NSG rules applied to the subnet hosting the private endpoint are not applied to the private endpoint.So the NSG1 doesn't limit storage access from either VM1 or
VM2.
https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints#network-security-group-rule
NEW QUESTION 33
- (Exam Topic 3)
You have an Azure subscription that contains an Azure App Service app. The app uses a URL of https://www.contoso.com.
You need to use a custom domain on Azure Front Door for www.contoso.com. The custom domain must use a certificate from an allowed certification authority
(CA).
A. an enterprise application in Azure Active Directory (Azure AD)

B. Active Directory Certificate Services (AD CS)
C. Azure Key Vault
D. Azure Application Gateway
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain-https
NEW QUESTION 37
- (Exam Topic 3)
You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption.
You configure the listener for HTTPS by uploading an enterprise signed certificate.
You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do?
A. Set Listener type to Multi site.

B. Increase the Unhealthy threshold setting in the custom probe.
C. Upload the public key certificate to the HTTPS settings.
D. Enable the SSL profile for the listener.
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal
https://docs.microsoft.com/en-us/azure/application-gateway/create-ssl-portal#configuration-tab
NEW QUESTION 39
- (Exam Topic 3)
You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app. You plan to use an Azure application gateway to provide
access to each web app by using a hostname of
www.contoso.corn and a different URL path for each web app, for example: https://www.contoso.com/app1.
You need to control the flow of traffic based on the URL path. What should you configure?
A. rules
B. rewrites
C. HTTP settings
D. listeners
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/url-route-overview
NEW QUESTION 43
- (Exam Topic 3)
You are planning the IP addressing for the subnets in Azure virtual networks. Which type of resource requires IP addresses in the subnets?
A. internal load balancers

B. storage account
C. serviice endpoints
D. service endpoint policies
Answer: A
Explanation:
Reference:

https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview
NEW QUESTION 45
- (Exam Topic 3)
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains the following resources:
* A virtual network named Vnet1
* A subnet named Subnet1 in Vnet1
* A virtual machine named VM1 that connects to Subnet1
* Three storage accounts named storage1, storage2, and storage3
You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts.
Solution: You create a network security group (NSG) and associate the NSG to Subnet1. Does this meet the goal?
A. Yes
B. No
Answer: B
NEW QUESTION 50
- (Exam Topic 3)
You have an Azure virtual network named Vnet1 and an on-premises network.
The on-premises network has policy-based VPN devices. In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-
based.
You have a Site-to-Site VPN connection for GW1 as shown in the following exhibit.
You need to ensure that the on-premises network can connect to the route-based GW1. What should you do before you create the connection?
A. Set Use Azure Private IP Address to Enabled

B. Set IPsec / IKE policy to Custom.
C. Set Connection Mode to ResponderOnly
D. Set BGP to Enabled
Answer: A
NEW QUESTION 52
- (Exam Topic 3)
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL
of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.
You need to ensure that the URL is accessible through the application gateway. Solution: You add a rewrite rule for the host header.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url#limitations
NEW QUESTION 55
- (Exam Topic 3)
You are configuring two network virtual appliances (NVAs) in an Azure virtual network. The NVAs will be used to inspect all the traffic within the virtual network.
You need to provide high availability for the NVAs. The solution must minimize administrative effort. What should you include in the solution?
A. Azure Standard Load Balancer

B. Azure Traffic Manager
C. Azure Application Gateway
D. Azure Front Door
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/nva-ha?tabs=cli

NEW QUESTION 60
- (Exam Topic 3)
You have a hybrid environment that uses ExpressRoute to connect an on-premises network and Azure.
You need to log the uptime and the latency of the connection periodically by using an Azure virtual machine and an on-premises virtual machine.
What should you use?
A. Azure Monitor
B. IP flow verify
C. Connection Monitor
D. Azure Internet Analyzer
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor
NEW QUESTION 64
- (Exam Topic 3)
You have an Azure virtual network and an on-premises datacenter.
You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network. Which two resources should you create? Each correct
answer presents part of the solution. NOTE: Each
correct selection is worth one point.
A. a virtual network gateway

B. Azure Firewall
C. a local network gateway
D. Azure Web Application Firewall (WAF)
E. an on-premises data gateway
F. an Azure application gateway
G. a user-defined route
Answer: AC
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal
NEW QUESTION 67
- (Exam Topic 3)
You have an Azure virtual network that contains a subnet named Subnet1. Subnet1 is associated to a network security group (NSG) named NSG1. NSG1 blocks
all outbound traffic that is not allowed explicitly.
Subnet1 contains virtual machines that must communicate with the Azure Cosmos DB service.
You need to create an outbound security rule in NSG1 to enable the virtual machines to connect to Azure Cosmos DB.
A. a service tag
B. a private endpoint
C. a subnet delegation
D. an application security group
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/service-tags-overview
NEW QUESTION 71
- (Exam Topic 3)
You have an Azure Front Door instance named FrontDoor1.
You deploy two instances of an Azure web app to different Azure regions.
You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com. You need to ensure that FrontDoor1 is the entry point for
requests that use app1.contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 72
- (Exam Topic 3)
You need to use Traffic Analytics to monitor the usage of applications deployed to Azure virtual machines. Which Azure Network Watcher feature should you
implement first?
A. Connection monitor
B. Packet capture
C. NSG flow logs
D. IP flow verify
Answer: A
NEW QUESTION 75
- (Exam Topic 3)
You plan to configure BGP for a Site-to-Site VPN connection between a datacenter and Azure. Which two Azure resources should you configure? Each correct
answer presents a part of the solution.
(Choose two.)
A. a virtual network gateway

B. Azure Application Gateway
C. Azure Firewall
D. a local network gateway
E. Azure Front Door
Answer: AD
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/bgp-howto
NEW QUESTION 80
- (Exam Topic 3)
You have an Azure subscription that contains the virtual networks shown in the following table.
You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region. To which virtual networks can you deploy AF1?
A. Vnet1 only
B. Vnet1 and Vnet2 only
C. Vnet1, Vnet2, and Vnet4 only
D. Vnet1 and Vnet4 only
E. Vnet1, Vnet2. Vnet3, and Vnet4
Answer: C
NEW QUESTION 82
- (Exam Topic 3)
You have an Azure subscription that contains the public IPv4 addresses shown in the following table.
You plan to create a load balancer named LB1 that will have the following settings:
* Name: LB1
* Location: West US
* Type: Public
* SKU: Standard
Which public IPv4 addresses can be used by LB1?
A. IP1 and IP3 only

B. IP3 only
C. IP3 and IP5 only
D. IP2only
E. IP1, IP2. IP3. IP4. and IP5
F. IP1, IP3, IP4, and 1P5 only
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address
This is because "Load balancer and the public IP address SKU must match when you use them with public IP addresses" https://docs.microsoft.com/en-
us/azure/load-balancer/skus
Standard SKU Load Balancer routes traffic within and across regions, and to Availability Zones for high resiliency.

NEW QUESTION 85
- (Exam Topic 3)
You have the hybrid network shown in the Network Diagram exhibit.
You have a peering connection between Vnet1 and Vnet2 as shown in the Peering-Vnet1-Vnet2 exhibit.
You have a peering connection between Vnet1 and Vnet3 as shown in the Peering -Vnet1-Vnet3 exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 88
- (Exam Topic 3)
You have an Azure Front Door instance that provides access to a web app. The web app uses a hostname of www.contoso.com.
You have the routing rules shown in the following table.
Which rule will apply to each incoming request? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-route-matching
NEW QUESTION 89
- (Exam Topic 3)
You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN. Users will authenticate by using an on premises Active Directory domain. Which
additional service should you deploy to support the VPN authentication?
A. a certification authority (CA)

B. a RADIUS server
C. an Azure key vault
D. Azure Active Directory (Azure AD) Application Proxy
Answer: B
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-about
NEW QUESTION 91
- (Exam Topic 3)
You have a website that uses an FQDN of www.contoso.com. The DNS record tor www.contoso.com resolves to an on-premises web server.
You plan to migrate the website to an Azure web app named Web1. The website on Web1 will be published by using an Azure Front Door instance named
ContosoFD1.
You build the website on Web1.
You plan to configure ContosoFD1 to publish the website for testing.
When you attempt to configure a custom domain for www.contoso.com on ContosoFD1, you receive the error message shown in the exhibit.
You need to test the website and ContosoFD1 without affecting user access to the on-premises web server. Which record should you create in the contoso.com
DNS domain?
A. a CNAME record that maps www.contoso.com to ContosoFD1.azurefd.net

B. a CNAME record that maps www.contoso.com to Web1.contoso.com
C. a CNAME record that maps afdverify.www.contoso.com to ContosoFD1.azurefd.net
D. a CNAME record that maps afdverify.www.contoso.com to afdverify.ContosoFD1.azurefd.net
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain#map-the-temporary-afdverify-subd
NEW QUESTION 95
- (Exam Topic 3)
You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1
redirects requests that have a header containing "string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1.
You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to
https://www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Create a custom rule.

B. Configure a managed rule.
C. Create a frontend host.
D. Create a policy.
E. Create an association.
F. Add a custom rule to Policy1.
Answer: ABE
NEW QUESTION 97
- (Exam Topic 3)
You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1
exhibit, (Click the NATgateway1 tab)
You have the virtual machine shown in the VM1 exhibit, (Click the VM1 tab)
Subnet1 is configured as shown in the Subnet1 exhibit, (Click the Subnet1 tab)
For each of the following statements, select Yes if the statement is true. Otherwise, select No

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Box 1: No
VM1 is in Zone2 whereas the NAT Gateway is in Zone1. The VM would need to be in the same zone as the NAT Gateway to be able to use it. Therefore, VM1
cannot use the NAT gateway.
Box 2: Yes
NATgateway1 is configured in the settings for Subnet2.
Box 3: No
The NAT gateway does not have a single public IP address, it has an IP prefix which means more than one IP address. The VMs the use the NAT Gateway can
use different public IP addresses contained within the IP prefix.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-gateway-resource
NEW QUESTION 98
- (Exam Topic 3)
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2.
Solution: You reset the gateway of Vnet1. Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation:
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology. Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing
NEW QUESTION 99
- (Exam Topic 3)
You have Azure App Service apps in the West US Azure region as shown in the following table.
You need to ensure that all the apps can access the resources in a virtual network named Vnet1 without forwarding traffic through the internet-How many
integration subnets should you create?
A. 1
B. 3
C. 4
D. 6
Answer: C
Explanation:
One integration subnet is required per App Service Plan regardless of how many apps are running in the App Service Plan.
Reference:
https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integration
NEW QUESTION 100

- (Exam Topic 3)
You have an Azure subscription that contains the resources shown in the following table.
The IP Addresses settings for Vnet1 are configured as shown in the exhibit.
You need to ensure that you can integrate WebApp1 and Vnet1.
Which three actions should you perform in sequence before you can integrate WebApp1 and Vnet1? To answer, move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order.

A. Mastered
B. Not Mastered
Answer: A
Explanation:
Text Description automatically generated with medium confidence
Reference:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet#gateway-required-vnet-integra
NEW QUESTION 102

- (Exam Topic 3)
You have the Azure Traffic Manager profiles shown in the following table.
You plan to add the endpoints shown in the following table.
Which endpoints can you add to Profile2?
A. Endpoint1 and Endpoint4 only

B. Endpoint1, Endpoint2, Endpoint3, and Endpoint4
C. Endpoint1 only
D. Endpoint2 and Endpoint3 only
E. Endpoint3 only
Answer: A
NEW QUESTION 103

- (Exam Topic 3)
You have two Azure subscriptions named Subscnption1 and Subscription2. Subscription1 contains a virtual network named Vnet1. Vnet1 contains an application
server. Subscription2 contains a virtual network named Vnet2.
You need to provide the virtual machines in Vnet2 with access to the application server in Vnet1 by using a private endpoint.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
A. Mastered
B. Not Mastered
Answer: A

Explanation:
NEW QUESTION 105

- (Exam Topic 3)
You have an Azure Traffic Manager parent profile named TM1. TM1 has two child profiles named TM2 and TM3.
TM1 uses the performance traffic-routing method and has the endpoints shown in the following table.
TM2 uses the weighted traffic-routing method with MinChildEndpoint = 2 and has the endpoints shown in the following table.
TM3 uses priority traffic-routing method and has the endpoints shown in the following table.
The App2, App4, and App6 endpoints have a degraded monitoring status.
To which endpoint is traffic directed? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Diagram Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-nested-profiles
Traffic from West Europe:
Basedd on TM1 table, West Europe will trigger TM2. However, as the MinChildEndpoint is set to 2, and
App4 is degraded (down), the entire TM2 will not be considered available.
This goes back to the origin TM1 that uses performance traffic-routing method, which means the closest location is App1 and naturally be the next best
performance instance.
Hence, Answer = App1
Traffic from West US:
Based on TM1 table, West US will trigger TM3. However, both App2 and App6 were degraded (down), so none of them can be considered.
This goes back to the original TM1 that uses performance traffic-routing method, from TM1, the other 2 US locations would be App2 and App3. But App2 we know

it's already degraded (unavailable), hence the only option would be App3.
Answer = App3
NEW QUESTION 108

......

Thank You for Trying Our Product
We offer two products:
1st - We have Practice Tests Software with Actual Exam Questions
2nd - Questons and Answers in PDF Format
AZ-700 Practice Exam Features:
* AZ-700 Questions and Answers Updated Frequently
* AZ-700 Practice Questions Verified by Expert Senior Certified Staff
* AZ-700 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* AZ-700 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year
100% Actual & Verified — Instant Download, Please Click

Order The AZ-700 Practice Test Here

Powered by TCPDF (www.tcpdf.org)

04 Az 700 - 105

Uploaded by

Copyright:

Available Formats

04 Az 700 - 105

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

04 Az 700 - 105

Uploaded by

Copyright:

Available Formats

Recommend!!

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

You have the resources shown in the following table.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Azure SQL Managed Instance

The links have auto registration enabled.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

You create the virtual machines shown in the following table.

You manually add the following entry to the contoso.com zone:

You have the virtual machine shown in the VM1 exhibit.

Subnet1 is configured as shown in the Subnet1 exhibit.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. an enterprise application in Azure Active Directory (Azure AD)

A. Set Listener type to Multi site.

A. internal load balancers

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. Set Use Azure Private IP Address to Enabled

A. Azure Standard Load Balancer

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. a virtual network gateway

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. a virtual network gateway

A. IP1 and IP3 only

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

A. a certification authority (CA)

A. a CNAME record that maps www.contoso.com to ContosoFD1.azurefd.net

A. Create a custom rule.

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 100

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 102

You plan to add the endpoints shown in the following table.

Which endpoints can you add to Profile2?

A. Endpoint1 and Endpoint4 only

NEW QUESTION 103

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 105

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

NEW QUESTION 108

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Thank You for Trying Our Product

We offer two products:

1st - We have Practice Tests Software with Actual Exam Questions

2nd - Questons and Answers in PDF Format

AZ-700 Practice Exam Features:

* AZ-700 Questions and Answers Updated Frequently

* AZ-700 Practice Questions Verified by Expert Senior Certified Staff

100% Actual & Verified — Instant Download, Please Click

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.