March Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

AZ-700 Exam Dumps - Designing and Implementing Microsoft Azure Networking Solutions

Question # 4

You are implementing the Virtual network requirements for Vnet6.

What is the minimum number of subnets and service endpoints you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 5

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.

You have an Azure subscription that contains an Azure Front Door Premium profile named AFD1 and an Azure Web Application Firewall (WAF) policy named WAF1. AFD1 is associated with WAFT.

You need to configure a rate limit for incoming requests to AFD1.

Solution: You configure a custom rule for WAF1.

Does this meet the goal?

A.

Yes

B.

No

Full Access
Question # 7

You have an Azure subscription that contains the resources shown in the following table.

The virtual network topology is shown in the following exhibit.

Firewall1 is configured as shown in following exhibit.

FirewallPolicy1 contains the following rules:

• Allow outbound traffic from Vnet1 and Vnet2 to the internet.

• Allow any traffic between Vnet1 and Vnet2.

No custom private endpoints. service endpoints. routing tables, or network security groups (NSGs) were created. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Full Access
Question # 8

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have two Azure virtual networks named Vnet1 and Vnet2.

You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN.

You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.

You discover that Client1 cannot communicate with Vnet2.

You need to ensure that Client1 can communicate with Vnet2.

Solution: You enable BGP on the gateway of Vnet1.

Does this meet the goal?

A.

Yes

B.

No

Full Access
Question # 9

You have an Azure subscription that contains multiple virtual machines in the West US Azure region.

You need to use Traffic Analytics.

Which two resources should you create? Each correct answer presents part of the solution. (Choose two.)

NOTE: Each correct answer selection is worth one point.

A.

an Azure Monitor workbook

B.

a Log Analytics workspace C a storage account

C.

an Azure Sentinel workspace

D.

an Azure Monitor data collection rule

Full Access
Question # 10

You have an Azure subscription that contains the virtual machines shown in the following table.

VNet1 and VNet2 are NOT connected to each other.

You need to block traffic from SQL Server 2019 to IIS by using application security groups. The solution must minimize administrative effort.

How should you configure the application security groups? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 11

You have a network security group named NSG1.

You need to enable network security group (NSG) flow logs for NSG1. The solution must support retention policies.

What should you create first?

A.

A standard general-purpose v2 Azure Storage account

B.

An Azure Log Analytics workspace

C.

A premium Block blobs Azure Storage account

D.

A standard general-purpose v1 Azure Storage account

Full Access
Question # 12

You have the network topology shown in the Topology exhibit. (Click the Topology tab.)

You have the Azure firewall shown in the Firewall 1 exhibit. (Click the Firewall tab.)

You have the route table shown in the RouteTable1 exhibit. (Click the RouteTable1 tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 13

You have an Azure virtual network and an on-premises datacenter.

You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network.

Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A.

a virtual network gateway

B.

Azure Firewall

C.

a local network gateway

D.

Azure Web Application Firewall (WAF)

E.

an on-premises data gateway

F.

an Azure application gateway

G.

a user-defined route

Full Access
Question # 14

You have the Azure environment shown In the Azure Environment exhibit. (Click the Azure Environment tab.) The settings for each subnet are shown in the following table.

The Firewalls and virtual networks settings for storage1 are configured as shown in the Storage1 exhibit. (Click the Storage1 tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Full Access
Question # 15

You have an Azure subscription that contains the Azure app service web apps show in the following table:

You need to deploy Azure Traffic Manager. The solution must meet the following requirements:

• Traffic to https//www.fabrikam.com must be directed to App1eu.

• If App1eu becomes unresponsive, all the traffic to https://www.fabrikam.com must be directed to App1us. You need to implement Traffic Manager to meet the requirements.

Which two resources should you create? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

a Traffic Manager profile that uses the priority routing method

B.

a Traffic Manager profile that uses the geographic routing method

C a CNAME record in a DNS domain named fabrikam.com

C.

a TXT record in a DNS domain named tabrikam.com

D.

a real user measurements key in Traffic Manager

Full Access
Question # 16

You have an Azure subscription that is linked to an Azure AD tenant named contoso.onmicrosoft.com. The subscription contains the following resources:

• A virtual network named Vnet1

• An App Service plan named ASPI

• An Azure App Service named webapp1

• An Azure private DNS zone named private.contoso.com

• Virtual machines on Vnet1 that cannot communicate outside the virtual network

You need to ensure that the virtual machines on Vnet1 can access webapp1 by using a URL of https:/Avwwprivate.contosocom.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

Create a private endpoint for webapp1.

B.

Create a service endpoint for webapp1.

C.

Create a CNAME record that maps www.pnvate.contoso.com to webapp1.privatelink.azurewebsites.net.

D.

Create a CNAME record that maps wwwprivatemntoso.com to webapp1.contoso.onmicrosoft.com.

E.

Register an enterprise application in Azure AD for webapp1.

F.

Create a CNAME record that maps wow.private.contoso.com to webapp 1 private@ntoso.com.

Full Access
Question # 17

You have an Azure subscription that contains the resources shown in the following table.

Subshell contains Three virtual machines that host an app named App1. App1 is accessed by using the SFTP protocol.

From NSG1. you configure an inbound security rule named Rule2 that allows inbound SFTP connections to ASG1.

You need to ensure that the inbound SFTP connections are managed by using ASG1. The solution must minimize administrative effort.

What should you do?

A.

From NSG1. modify the priority of Rule2.

B.

From each virtual machine, associate the network interface to ASG1

C.

From Subnet1 create a subnet delegation.

D.

From ASG1, modify the role assignments.

Full Access
Question # 18

You are planning the IP addressing for the subnets in Azure virtual networks.

Which type of resource requires IP addresses in the subnets?

A.

internal load balancers

B.

storage account

C.

serviice endpoints

D.

service endpoint policies

Full Access
Question # 19

You have an Azure subscription that contains a virtual network name Vnet1. Vnet1 contains a virtual machine named VM1 and an Azure firewall named FW1.

You have an Azure Firewall Policy named FP1 that is associated to FW1.

You need to ensure that RDP requests to the public IP address of FW1 route to VM1.

What should you configure on FP1?

A.

an application rule

B.

a network rule

C.

URL filtering

D.

a DNAT rule

Full Access
Question # 20

Task 8

You need to ensure that the storage34280945 storage account will only accept connections from hosts on VNET1

Full Access
Question # 21

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1

You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.

You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.

What should you add to NSG1?

A.

an outbound rule that has a priority 100 and blocks all internet traffic

B.

an outbound rule that has a priority of 4096 and blocks all internet traffic

C.

an inbound rule that has a priority of 4096 and blocks all internet traffic

D.

an inbound rule that has a priority of 100 and blocks all internet traffic

Full Access
Question # 22

Task 4

You need to ensure that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name storage34280945.pnvatelinlcblob.core.windows.net.

Full Access
Question # 23

You need to provide access to storage2. The solution must meet the PaaS networking requirements and the business requirements.

Which connectivity method should you use?

A.

a service endpoint

B.

a private endpoint

C.

Azure Firewall

D.

Azure Front Door

Full Access
Question # 24

You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.

What should you use to configure the default route?

A.

a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3

B.

a user-defined route assigned to GatewaySubnet in Vnet1

C.

BGP route exchange

D.

route filters

Full Access
Question # 25

You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements and business requirements.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 26

You need to implement outbound connectivity for VMScaleSet1. The solution must meet the virtual networking requirements and the business requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

T

Full Access
Question # 27

You need to implement name resolution for the cloud.liwareinc.com. The solution must meet the networking requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 28

You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements.

What should you include in the solution?

A.

a service endpoint

B.

Azure Front Door

C.

a private endpoint

D.

Azure Traffic Manager

Full Access
Question # 29

You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business requirements.

Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Full Access
Question # 30

You need to implement a P2S VPN for the users in the branch office. The solution must meet the hybrid networking requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 31

You need to configure the default route on Vnet2 and Vnet3. The solution must meet the virtual networking requirements.

What should you use to configure the default route?

A.

route filters

B.

BGP route exchange

C.

a user-defined route assigned to GatewaySubnet in Vnet1

D.

a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3

Full Access
Question # 32

You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.

Which two actions should you include in the solution? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

On the peerings from Vnet2 and Vnet3, select Use remote gateways.

B.

On the peering from Vnet1, select Allow forwarded traffic.

C.

On the peering from Vnet1, select Use remote gateways.

D.

On the peering from Vnet1, select Allow gateway transit.

E.

On the peerings from Vnet2 and Vnet3, select Allow gateway transit.

Full Access
Question # 33

You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.

What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 34

You need to meet the network security requirements for the NSG flow logs.

Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 35

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Full Access
Question # 36

In which NSGs can you use ASG1 and to which virtual machine network interfaces can you associate ASG1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access
Question # 37

What should you implement to meet the virtual network requirements for the virtual machines that connect to Vnet4 and Vnet5?

A.

a private endpoint

B.

a virtual network peering

C.

a private link service

D.

a routing table

E.

a service endpoint

Full Access
Question # 38

You are implementing the virtual network requirements for VM Analyze.

What should you include in a custom route that is linked to Subnet2? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Full Access