This page was exported from Latest Exam Prep [ http://certify.vceprep.com ] Export date:Mon Mar 10 3:46:03 2025 / +0000 GMT ___________________________________________________ Title: Get Microsoft AZ-700 Dumps Questions Study Exam Guide Jan 06, 2025 [Q122-Q145] --------------------------------------------------- Get Microsoft AZ-700 Dumps Questions Study Exam Guide Jan 06, 2025 AZ-700 Premium Exam Engine - Download Free PDF Questions QUESTION 122You have an Azure subscription that contains the resource groups shown in the following table.You have the virtual networks shown in the following table.Vne1l contains two virtual machines named VM1 and VM2. Vnet2 contains two virtual machines named VM3 and VM4. You have the network security groups (NSGs) shown in the following table that include only default rules.You have the Azure load balancers shown in the following table. QUESTION 123Your company has an on-premises network and three Azure subscriptions named Subscription1, Subscription2, and Subscription3.The departments at the company use the Azure subscriptions as shown in the following table.All the resources in the subscriptions are in either the West US Azure region or the West US 2 Azure region.You plan to connect all the subscriptions to the on-premises network by using ExpressRoute.What is the minimum number of ExpressRoute circuits required?  1  2  3  4  5 Reference:https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introductionQUESTION 124You need to meet the network security requirements for the NSG flow logs.Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. QUESTION 125You fail to establish a Site-to-Site VPN connection between your company’s main office and an Azure virtual network.You need to troubleshoot what prevents you from establishing the IPsec tunnel.Which diagnostic log should you review?  IKEDiagnosticLog  GatewayDiagnosticLog  TunnelDiagnosticLog  RouteDiagnosticLog Reference:https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure-diagnostics IKEDiagnosticLog = The IKEDiagnosticLog table offers verbose debug logging for IKE/IPsec. This is very useful to review when troubleshooting disconnections, or failure to connect VPN scenarios.GatewayDiagnosticLog = Configuration changes are audited in the GatewayDiagnosticLog table.TunnelDiagnosticLog = The TunnelDiagnosticLog table is very useful to inspect the historical connectivity statuses of the tunnel.RouteDiagnosticLog = The RouteDiagnosticLog table traces the activity for statically modified routes or routes received via BGP.P2SDiagnosticLog = The last available table for VPN diagnostics is P2SDiagnosticLog. This table traces the activity for Point to Site.https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure-diagnosticsQUESTION 126Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.You configure the application gateway to direct traffic to the URL of the application gateway.You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.You need to ensure that the URL is accessible through the application gateway.Solution: You create a WAF policy exclusion for request headers that contain 137.135.10.24.Does this meet the goal?  Yes  No The parameter here should be RemoteAddr not Request header.https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/custom-waf-rules-overview#match-variable-QUESTION 127Which virtual machines can VM1 and VM4 ping successfully? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. QUESTION 128You have the network topology shown in the Topology exhibit. (Click the Topology tab.)You have the Azure firewall shown in the Firewall 1 exhibit. (Click the Firewall tab.)You have the route table shown in the RouteTable1 exhibit. (Click the RouteTable1 tab.)For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Explanation:QUESTION 129You have the Azure environment shown in the exhibit.You have virtual network peering between Vnet1 and Vnet2. You have virtual network peering between Vnet4 and Vnet5. The virtual network peering is configured as shown in the following table.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. QUESTION 130You have the Azure environment shown in the following exhibit.Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. ExplanationQUESTION 131You have an Azure subscription that contains the public IPv4 addresses shown in the following table.You plan to create a load balancer named LB1 that will have the following settings:* Name: LB1* Location: West US* Type: Public* SKU: StandardWhich public IPv4 addresses can be used by LB1?  IP1 and IP3 only  IP3 only  IP3 and IP5 only  IP2only  IP1, IP2. IP3. IP4. and IP5  IP1, IP3, IP4, and 1P5 only Reference:https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address This is because “Load balancer and the public IP address SKU must match when you use them with public IP addresses” https://docs.microsoft.com/en-us/azure/load-balancer/skus Standard SKU Load Balancer routes traffic within and across regions, and to Availability Zones for high resiliency.QUESTION 132You are planning an Azure solution that will contain the following types of resources in a single Azure region:Virtual machineAzure App ServiceVirtual Network gatewayAzure SQL Managed InstanceApp Service and SQL Managed Instance will be delegated to create resources in virtual networks.You need to identify how many virtual networks and subnets are required for the solution. The solution must minimize costs to transfer data between virtual networks.What should you identify? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-for-azure-services#services-that-can-be-deployed-into-a-virtual-networkQUESTION 133You have an Azure subscription that contain a viral network named Vnet1 and an Azure SQL database named SQL1 has a private endpoint on Vnet1.You have a partner company named fabrikam, has an Azure subscription that contains a virtual network named Vnet1 and a virtual machine named VM1, VM1 is connected to Vnet2 You need to provide VM1 with accesss to SQL 1 by using an Azure private Link service.What should you implement on each virtual network? To answer, drag the appropriate resources to the correct virtual networks. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content Note: Each correct selection is worth one point. QUESTION 134You have two Azure subscriptions named Subscnption1 and Subscription2. Subscription1 contains a virtual network named Vnet1. Vnet1 contains an application server. Subscription2 contains a virtual network named Vnet2.You need to provide the virtual machines in Vnet2 with access to the application server in Vnet1 by using a private endpoint.Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. QUESTION 135You have an Azure subscriptionYou plan to use Azure Virtual WAN.You need to deploy a virtual WAN hub that meets the following requirements:* Supports 4 Gbps of Site-to-Site (S2S) VPN traffic* Supports 8 Gbps of ExpressRoute traffic* Minimizes costsHow many scale units should you configure? To answer select the appropriate options in the answer area.NOTE Each correct selection is worth one point. QUESTION 136Your company has offices in and Amsterdam. The company has an Azure subscription. Both offices connect to Azure by using a Site-to-Site VPN connection.The office in Amsterdam uses resources in the North Europe Azure region. The office in New York uses resources in the East US Azure region.You need to implement ExpressRoute circuits to connect each office to the nearest Azure region. Once the ExpressRoute circuits are connected, the on-premises computers in the Amsterdam office must be able to connect to the on-premises servers in the New York office by using the ExpressRoute circuits.Which ExpressRoute option should you use?  ExpressRoute Local  ExpressRoute FastPath  ExpressRoute Direct  ExpressRoute Global Reach Reference:https://docs.microsoft.com/en-us/azure/expressroute/expressroute-global-reachQUESTION 137You have an Azure private DNS zone named contoso.com that is linked to the virtual networks shown in the following table.The links have auto registration enabled.You create the virtual machines shown in the following table.You manually add the following entry to the contoso.com zone:Name: VM1IP address: 10.1.10.9For each of the following statements, select Yes of the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/dns/dns-faq-privateQUESTION 138You have an Azure subscription. The subscription contains virtual machines that host websites as shown in the following table.You have the Azure Traffic Manager profiles shown in the following table.You have the endpoints shown in the following table.For each of the following statements, select Yes if the statement is true. Otherwise select No.NOTE: Each connect selection is worth one point. ExplanationQUESTION 139You have an Azure subscription that is linked to an Azure AD tenant named contoso.onmicrosoft.com. The subscription contains the following resources:* A virtual network named Vnet1* An App Service plan named ASPI* An Azure App Service named webapp1* An Azure private DNS zone named private.contoso.com* Virtual machines on Vnet1 that cannot communicate outside the virtual networkYou need to ensure that the virtual machines on Vnet1 can access webapp1 by using a URL of https:/Avwwprivate.contosocom.Which two actions should you perform? Each correct answer presents part of the solution.NOTE: Each correct selection is worth one point.  Create a private endpoint for webapp1.  Create a service endpoint for webapp1.  Create a CNAME record that maps www.pnvate.contoso.com to webapp1.privatelink.azurewebsites.net.  Create a CNAME record that maps wwwprivatemntoso.com to webapp1.contoso.onmicrosoft.com.  Register an enterprise application in Azure AD for webapp1.  Create a CNAME record that maps wow.private.contoso.com to webapp 1 private@ntoso.com. QUESTION 140You have an Azure private DNS zone named contoso.com that is linked to the virtual networks shown in the following table.The links have auto registration enabled.You create the virtual machines shown in the following table.You manually add the following entry to the contoso.com zone:* Name: VM1* IP address: 10.1.10.9For each of the following statements, select Yes of the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Explanation:Box 1: NoThe manual DNS record will overwrite the auto-registered DNS record so VM1 will resolve to 10.1.10.9.Box 2: NoThe DNS record for VM1 is now a manually created record rather than an auto-registered record. Only auto-registered DNS records are deleted when a VM is deleted.Box 3: NoThis answer depends on how the IP address is changed. To change the IP address of a VM manually, you would need to select ‘Static’ as the IP address assignment. In this case, the DNS record will not be updated because only DHCP assigned IP addresses are auto-registered.Reference:https://docs.microsoft.com/en-us/azure/dns/dns-faq-privateQUESTION 141You have an Azure subscription that contains an app named Appl. App1 is hosted on the Azure App Service instances shown in the following table.You need to implement Azure Traffic Manager to meet the following requirements:* App1 traffic must be assigned equally to each App Service instance in each Azure region.* App1 traffic from North Europe must be routed to the Appl instances in the North Europe region.* App1 traffic from North America must be routed to the Appl instances in the East US Azure region. Topic 2, Litware. IncHybrid EnvironmentThe on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.Azure EnvironmentLitware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant. Sub1 contains resources in the East US Azure region as shown in the following table.There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.Requirements:Business RequirementsLitware wants to minimize costs whenever possible, as long as all other requirements are met.Virtual Networking RequirementsLitware identifies the following virtual networking requirements:* Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.* Ensure that the records in the cloud.litwareinc.com zone can be resolved from the on-premises locations.* Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.* Minimize the size of the subnets allocated to platform-managed services.* Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443 only.Hybrid Networking RequirementsLitware identifies the following hybrid networking requirements:* Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.* Latency of the traffic between the Boston datacenter and all the virtual networks must be minimized.* The Boston datacenter must connect to the Azure virtual networks by using an ExpressRoute FastPath connection.* Traffic between Vnet2 and Vnet3 must be routed through Vnet1.PaaS Networking RequirementsLitware identifies the following networking requirements for platform as a service (PaaS):* The storage1 account must be accessible from all on-premises locations without exposing the public endpoint of storage1.* The storage2 account must be accessible from Vnet2 and Vnet3 without exposing the public endpoint of storage2.QUESTION 142You have the Azure App Service app shown in the App Service exhibit.The VNet Integration settings for as12 are configured as shown in the Vnet Integration exhibit.The Private Endpoint connections settings for as12 are configured as shown in the Private Endpoint connections exhibit.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnetQUESTION 143You have an Azure subscription.You plan to implement Azure Virtual WAN as shown in the following exhibit.What is the minimum number of route tables that you should create?  1  2  4  6 QUESTION 144You have an Azure subscription that contains a virtual network named Vnetl. Vnetl has a /24 IPv4 address space.You need to subdivide Vnet1. The solution must maximize the number of usable subnets.What is the maximum number of IPv4 subnets you can create, and how many usable IP addresses will be available per subnet? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. QUESTION 145You have two Azure subscriptions named Sub1 and Sub2. Sub1 contains a virtual machine named VM1.You plan to make VM1 available to the resources in Sub2 by using Azure Private Link.You need to ensure that the private link service can be configured to provide access to VM1.What should you configure in Sub1 first?  a service endpoint  an Azure Private DNS zone  a private endpoint  an Azure load balancer  Loading … Free AZ-700 Exam Braindumps Microsoft  Pratice Exam: https://www.vceprep.com/AZ-700-latest-vce-prep.html --------------------------------------------------- Images: https://certify.vceprep.com/wp-content/plugins/watu/loading.gif https://certify.vceprep.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2025-01-06 15:12:19 Post date GMT: 2025-01-06 15:12:19 Post modified date: 2025-01-06 15:12:19 Post modified date GMT: 2025-01-06 15:12:19