We recommend you to try the PREMIUM AZ-700 Dumps From Exambible

https://www.exambible.com/AZ-700-exam/ (150 Q&As)

Microsoft
Exam Questions AZ-700
Designing and Implementing Microsoft Azure Networking Solutions

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

About Exambible

Your Partner of IT Exam

Found in 1998

Exambible is a company specialized on providing high quality IT exam practice study materials, especially Cisco CCNA, CCDA,
CCNP, CCIE, Checkpoint CCSE, CompTIA A+, Network+ certification practice exams and so on. We guarantee that the
candidates will not only pass any IT exam at the first attempt but also get profound understanding about the certificates they have
got. There are so many alike companies in this industry, however, Exambible has its unique advantages that other companies could
not achieve.

Our Advances

* 99.9% Uptime
All examinations will be up to date.
* 24/7 Quality Support
We will provide service round the clock.
* 100% Pass Rate
Our guarantee that you will pass the exam.
* Unique Gurantee
If you do not pass the exam at the first time, we will not only arrange FULL REFUND for you, but also provide you another
exam of your claim, ABSOLUTELY FREE!

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 1
You have 10 on-premises networks that are connected by using a 3rd party Software Defined Wide Area Network (SD-WAN) solution. You have an Azure
subscription that contains five virtual networks.
You plan to connect the Azure virtual networks and the on-premises networks by using an Azure Virtual WAN with a single virtual WAN hub.
You need to ensure that the Azure Virtual WAN can act as a node in the 3rd party SD-WAN solution.
What should you include in the solution?

A. An Azure Virtual WAN ExpressRoute gateway

B. A Network Virtual Appliance (NVA)
C. A Site to site gateway (VPN gateway)
D. A Point to site gateway (User VPN gateway)

Answer: B

NEW QUESTION 2
Your company has an office in New York.
The company has an Azure subscription that contains the virtual networks shown in the following table.
Name Location Vnet1 East LS Vnet2
North Europe Vnet3
West US Vnet4
West Europe
You need to connect the virtual networks to the office by using ExpressRoute.
The solution must meet the following requirements:
• The connection must have up to 1 Gbps of bandwidth.
• The office must have access to all the virtual networks.
• Costs must be minimized.
How many ExpressRoute circuits should be provisioned, and which ExpressRoute 5KU should you enable?

A. A.one ExpressRoute Standard circuit

B. one ExpressRoute Premium circuit
C. two ExpressRoute Premium circuits
D. four ExpressRoute Standard circuits

Answer: B

NEW QUESTION 3
You have the Azure virtual networks shown in the following table.

You deploy Azure Firewall to Vnet3.

You need to ensure that the traffic from Subnet1-1 to Subnet2-1 passes through the firewall. What should you configure?

A. peering links between Vnet1 and Vnet2

B. a route table associated to Subnet1 -1 and Subnet2-1
C. an Azure private DNS zone
D. a route table associated to AzureFitewallSubnet

Answer: D

NEW QUESTION 4
SIMULATION - (Topic 4)
Task 7
You need to ensure that hosts on VNET2 can access hosts on both VNET1 and VNET3. The solution must prevent hosts on VNET1 and VNET3 from
communicating through VNET2.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Here are the steps and explanations for ensuring that hosts on VNET2 can access hosts on both VNET1 and VNET3, but hosts on VNET1 and VNET3 cannot
communicate through VNET2:
? To connect different virtual networks in Azure, you need to use virtual network
peering. Virtual network peering allows you to create low-latency, high-bandwidth connections between virtual networks without using gateways or the internet1.
? To create a virtual network peering, you need to go to the Azure portal and select your virtual network. Then select Peerings under Settings and select + Add2.
? On the Add peering page, enter or select the following information:
? Select Add to create the peering2.
? Repeat the previous steps to create peerings between VNET2 and VNET1, and between VNET2 and VNET3. This will allow hosts on VNET2 to access hosts on
both VNET1 and VNET3.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

? To prevent hosts on VNET1 and VNET3 from communicating through VNET2, you need to use network security groups (NSGs) to filter traffic between subnets.
NSGs are rules that allow or deny inbound or outbound traffic based on source or destination IP address, port, or protocol3.
? To create an NSG, you need to go to the Azure portal and select Create a resource. Search for network security group and select Network security group. Then
select Create4.
? On the Create a network security group page, enter or select the following information:
? Select Review + create and then select Create to create your NSG4.
? To add rules to your NSG, you need to go to the Network security groups service in the Azure portal and select your NSG. Then select Inbound security rules or
Outbound security rules under Settings and select + Add4.
? On the Add inbound security rule page or Add outbound security rule page, enter or select the following information:
? Select Add to create your rule4.
? Repeat the previous steps to create inbound and outbound rules for your NSG that deny traffic between VNET1 and VNET3 subnets. For example, you can
create an inbound rule that denies traffic from 10.0.1.0/24 (VNET1 subnet 1) to 10.0.3.0/24 (VNET3 subnet 1), and an outbound rule that denies traffic from
10.0.3.0/24 (VNET3 subnet 1) to 10.0.1.0/24 (VNET1 subnet 1).
? To associate your NSG with a subnet, you need to go to the Virtual networks service in the Azure portal and select your virtual network. Then select Subnets
under Settings and select the subnet that you want to associate with your NSG5.
? On the Edit subnet page, under Network security group, select your NSG from the drop-down list. Then select Save5.
? Repeat the previous steps to associate your NSG with the subnets in VNET1 and VNET3 that you want to isolate from each other.

NEW QUESTION 5
SIMULATION - (Topic 4)
Task 10
You need to configure VNET1 to log all events and metrics. The solution must ensure that you can query the events and metrics directly from the Azure portal by
using KQL.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Here are the steps and explanations for configuring VNET1 to log all events and metrics and query them by using KQL:
? To enable logging for VNET1, you need to create a diagnostic setting that collects the platform metrics and logs from the virtual network and routes them to one
or more destinations. You can choose to send the data to a Log Analytics workspace, a storage account, an event hub, or a partner solution1.
? To create a diagnostic setting, you need to go to the Azure portal and select your virtual network. Then select Diagnostic settings under Monitoring and select +
Add diagnostic setting1.
? On the Add diagnostic setting page, enter or select the following information:
? Select Save to create your diagnostic setting1.
? To query the events and metrics from the Azure portal by using KQL, you need to go to the Log Analytics workspace that you selected as the destination. Then
select Logs under General and enter your KQL query in the query editor3.
? For example, you can use the following KQL query to get the top 10 network security group events for VNET1 in the last 24 hours:
NetworkSecurityGroupEvent
| where TimeGenerated > ago(24h)
| where ResourceId contains "VNET1"
| summarize count() by EventID
| top 10 by count_ Copy
? Select Run to execute your query and view the results in a table or a chart3.

NEW QUESTION 6
SIMULATION - (Topic 4)
Task 4
You need to ensure that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name
storage34280945.pnvatelinlcblob.core.windows.net.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Here are the steps and explanations for ensuring that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24
range and the name stor-age34280945.pnvatelinlcblob.core.windows.net:
? To allow access from a specific IP address range, you need to configure the Azure Storage firewall and virtual network settings for your storage account. You
can do this in the Azure portal by selecting your storage account and then selecting Networking under Settings1.
? On the Networking page, select Firewalls and virtual networks, and then select Selected networks under Allow access from1. This will block all access to your
storage account except from the networks or resources that you specify.
? Under Firewall, select Add rule, and then enter 10.1.1.0/24 as the IP address or range. You can also enter an optional rule name and description1. This will allow
access from any IP address in the 10.1.1.0/24 range.
? Select Save to apply your changes1.
? To map a custom domain name to your storage account, you need to create a CNAME record with your domain provider that points to your storage account
endpoint2. A CNAME record is a type of DNS record that maps a source domain name to a destination domain name.
? Sign in to your domain registrar’s website, and then go to the page for managing DNS settings2.
? Create a CNAME record with the following information2:
? Save your changes and wait for the DNS propagation to take effect2.
? To register the custom domain name with Azure, you need to go back to the Azure portal and select your storage account. Then select Custom domain under
Blob service2.
? On the Custom domain page, enter stor- age34280945.pnvatelinlcblob.core.windows.net as the custom domain name and select Save2.

NEW QUESTION 7
HOTSPOT - (Topic 3)
You have an Azure subscription that contains a virtual network gateway named VNetGwy1. VNetGwy1 has a public IP address of 20.25.32.214.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

You need to query the health probe of VNetGwy1,

How should you complete the URI? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 8
HOTSPOT - (Topic 3)
You have an on-premises network.
You have an Azure subscription that contains the resources shown in the following table.

You need to implement an ExpressRoute circuit to access the resources in the subscription. The solution must ensure that the on-premises network connects to
the Azure resources by using the ExpressRoute circuit.
Which type of peering should you use for each connection? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 9
- (Topic 3)
You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

You configure the listener for HTTPS by uploading an enterprise signed certificate. You need to ensure that the application gateway can provide end-to-end
encryption for
App1. What should you do?

A. Set Listener type to Multi site.

B. Increase the Unhealthy threshold setting in the custom probe.
C. Upload the public key certificate to the HTTPS settings.
D. Enable the SSL profile for the listener.

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal
https://docs.microsoft.com/en-us/azure/application-gateway/create-ssl-portal#configuration- tab

NEW QUESTION 10
- (Topic 3)
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to- Site (P2S) IKEv2 VPN. You implement virtual network peering between
Vnet1 and Vnet2. Vnet1 allows gateway transit Vnet2 can use the. You discover that Client1 cannot communicate with Vnet2.
You need to ensure that Client1 can communication with Vnet2. Solution: You resize the gateway of Vnet1 to a larger SKU. Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 10
- (Topic 3)
You have an Azure application gateway named AGW1 that has a routing rule named Rule1. Rule 1 directs traffic for http://www.contoso.com to a backend pool
named Pool1. Pool1 targets an Azure virtual machine scale set named VMSS1.
You deploy another virtual machine scale set named VMSS2.
You need to configure AGW1 to direct all traffic for http://www.adatum.com to VMSS2. The solution must ensure that requests to http://www.contoso.com continue
to be directed
to Pool1.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. Add a backend pool.

B. Modify an HTTP setting.
C. Add an HTTP setting.
D. Add a listener.
E. Add a rule.

Answer: ADE

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/configuration-overview

NEW QUESTION 14
HOTSPOT - (Topic 3)
You have an Azure subscription that contains an app named Appl. App1 is hosted on the Azure App Service instances shown in the following table.

You need to implement Azure Traffic Manager to meet the following requirements:
• App1 traffic must be assigned equally to each App Service instance in each Azure region.
• App1 traffic from North Europe must be routed to the Appl instances in the North Europe region.
• App1 traffic from North America must be routed to the Appl instances in the East US Azure region.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 19
- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to- Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2.
Solution: You download and reinstall the VPN client configuration. Does this meet the goal?

A. Yes
B. No

Answer: A

Explanation:
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site- routing

NEW QUESTION 23
DRAG DROP - (Topic 3)
You have an Azure subscription that contains the resources shown in the following table.

You need to associate Gateway 1 with Subnet1. The solution must minimize downtime on VM1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 27
- (Topic 3)
You have an internal Basic Azure Load Balancer named LB1 That has two frontend IP addresses. The backend pool of LB1 contains two Azure virtual machines
named VM1 and VM2.
You need to configure the rules on LB1 as shown in the following table.

What should you do for each rule?

A. Enable Floating IP.

B. Disable Floating IP.
C. Set Session persistence to Enabled.
D. Set Session persistence to Disabled

Answer: A

NEW QUESTION 29
HOTSPOT - (Topic 3)
You need to connect an on-premises network and an Azure environment. The solution must use ExpressRoute and support failing over to a Site-to-Site VPN
connection if there is an ExpressRoute failure.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 30
- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to- Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2. Solution: You reset the gateway of
Vnet1.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site- routing

NEW QUESTION 35
- (Topic 3)
You have an Azure application gateway named AppGW1 that balances requests to a web app named App1.
You need to modify the server variables in the response header of App1. What should you configure on AppGW1?

A. HTTP settings
B. rewrites
C. rules
D. listeners

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url

NEW QUESTION 38
HOTSPOT - (Topic 3)
You configure a route table named RT1 that has the routes shown in the following table.

You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.

You have the resources shown in the following table.

Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
* 0.0.0.0/0
* 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 40
- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway. Solution: You add a rewrite rule for the host header.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url#limitations

NEW QUESTION 43
HOTSPOT - (Topic 3)
Your company has 40 branch offices across North America and Europe. You have an Azure subscription that contains the following virtual networks:
• Two networks in the East US Azure region
• Three networks in the West Europe Azure region
You need to implement Azure Virtual WAN. The solution must meet the following requirements:
• Each branch office in North America must have an ExpressRoute circuit and a Site-to-Site VPN that connects to the East US region.
• Each branch office in Europe must have an ExpressRoute circuit and a Site-to-Site VPN that connects to the West Europe region.
• Transitive connections must be supported between all the branch offices and all the virtual networks.
• Costs must be minimized.
What is the minimum number of Virtual WAN resources required? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is
worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 48
DRAG DROP - (Topic 3)
You have an Azure virtual network named Vnet1 that connects to an on-premises network.
You have an Azure Storage account named storageaccount1 that contains blob storage.
You need to configure a private endpoint for the blob storage. The solution must meet the following requirements:
? Ensure that all on-premises users can access storageaccount1 through the private endpoint.
? Prevent access to storageaccount1 from being interrupted.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
* 168.63.129.16 is the IP address of Azure DNS which hosts Azure Private DNS zones. It is only accessible from within a VNet which is why we need to forward on-
prem DNS requests to the VM running DNS in the VNet. The VM will then forward the request to Azure DNS for the IP of the storage account private endpoint.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 49
HOTSPOT - (Topic 3)
You have an Azure application gateway named AppGW1 that provides access to the following hosts:
* www.adatum.com
* www.contoso.com
* www.fabrikam.com
AppGW1 has the listeners shown in the following table.

You create Azure Web Application Firewall (WAF) policies for AppGW1 as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 52
- (Topic 3)
Your company has offices in Montreal. Seattle, and Paris. The outbound traffic from each office originates from a specific public IP address.
You create an Azure Front Door instance named FD1 that has Azure Web Application Firewall (WAF) enabled. You configure a WAF policy named Policy! that has
a rule named Rule1. Rule1 applies a rate limit of 100 requests for traffic that originates from the office in Montreal.
You need to apply a rate limit of 100 requests for traffic that originates from each office. What should you do?

A. Modify the conditions of Rule1.

B. Create two additional associations.
C. Modify the rule type of Rule1.
D. Modify the rate limit threshold of Rule1.

Answer: A

Explanation:
https://techcommunity.microsoft.com/t5/azure-network-security-blog/rate-limiting-feature-for-azure-waf-on-application-gateway-now/ba-
p/3934957#:~:text=Rate%20limiting%20is%20configured%20using,and%20a%20group%2 0by%20variable.

NEW QUESTION 57
HOTSPOT - (Topic 3)
You have an Azure subscription.
You have the on-premises sites shown the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

You plan to deploy Azure Virtual WAN.

You are evaluating Virtual WAN Basic and Virtual WAN Standard.
Which type of Virtual WAN can you use for each site? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 58
- (Topic 3)
You fail to establish a Site-to-Site VPN connection between your company's main office and an Azure virtual network.
You need to troubleshoot what prevents you from establishing the IPsec tunnel. Which diagnostic log should you review?

A. IKEDiagnosticLog
B. GatewayDiagnosticLog
C. TunnelDiagnosticLog
D. RouteDiagnosticLog

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure- diagnostics
IKEDiagnosticLog = The IKEDiagnosticLog table offers verbose debug logging for IKE/IPsec. This is very useful to review when troubleshooting disconnections, or
failure to connect VPN scenarios.
GatewayDiagnosticLog = Configuration changes are audited in the GatewayDiagnosticLog table.
TunnelDiagnosticLog = The TunnelDiagnosticLog table is very useful to inspect the historical connectivity statuses of the tunnel.
RouteDiagnosticLog = The RouteDiagnosticLog table traces the activity for statically modified routes or routes received via BGP.
P2SDiagnosticLog = The last available table for VPN diagnostics is P2SDiagnosticLog. This table traces the activity for Point to Site.
https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure- diagnostics

NEW QUESTION 63
HOTSPOT - (Topic 3)
You have an Azure subscription that contains the virtual networks.shown in the following table.

You have a virtual machine named VM5 that has the following IP address configurations:
• IP address: 10.4.0.5
• Subnet mask:255.255.255.0

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

• Default gateway:10.4.0.1
• DNSserver:168.63.129.16
You have an Azure Private DNS zone named, fabrikam.com that contains the records shown in, the following table.

The virtual network links in the fabrikam.com DNS /one are configured as shown in the exhibit. (Click the Exhibit tab.)
VMS fails to resolve the IP address for.appKfabrik3in.com.
For each of the following statements, select Yes if, the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 65
HOTSPOT - (Topic 3)
You have the Azure environment shown in the exhibit.

You have virtual network peering between Vnet1 and Vnet2. You have virtual network peering between Vnet4 and Vnet5. The virtual network peering is configured
as shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 67
- (Topic 3)
You need to use Traffic Analytics to monitor the usage of applications deployed to Azure virtual machines.
Which Azure Network Watcher feature should you implement first?

A. Connection monitor
B. Packet capture
C. NSG flow logs
D. IP flow verify

Answer: C

NEW QUESTION 68
DRAG DROP - (Topic 3)
You have an Azure subscription that contains an Azure Firewall Premium policy named FWP1.
To FWP1, you plan to add the rule collections shown in the following table.
Which priority should you assign to each rule collection? To answer, drag the appropriate priority values to the correct rule collections- Each value may be used
once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 71
HOTSPOT - (Topic 3)
You have an Azure subscription that contains the resource groups shown in the following table.

You have the virtual networks shown in the following table.

Vne1l contains two virtual machines named VM1 and VM2. Vnet2 contains two virtual machines named VM3 and VM4. You have the network security groups
(NSGs) shown in the following table that include only default rules.

You have the Azure load balancers shown in the following table.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 75
- (Topic 3)
Your company has a single on-premises datacenter in New York. The East US Azure region has a peering location in New York.
The company only has Azure resources in the East US region.
You need to implement ExpressRoute to support up to 1 Gbps. You must use only ExpressRoute Unlimited data plans. The solution must minimize costs.
Which type of ExpressRoute circuits should you create?

A. ExpressRoute Local
B. ExpressRoute Direct
C. ExpressRoute Premium
D. ExpressRoute Standard

Answer: A

Explanation:
Reference:
https://azure.microsoft.com/en-us/pricing/details/expressroute/

NEW QUESTION 80
- (Topic 3)
You are planning the IP addressing for the subnets in Azure virtual networks. Which type of resource requires IP addresses in the subnets?

A. internal load balancers

B. storage account
C. serviice endpoints
D. service endpoint policies

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-overview

NEW QUESTION 83
- (Topic 3)
Your company has an on-premises network and three Azure subscriptions named Subscription1, Subscription2, and Subscription3.
The departments at the company use the Azure subscriptions as shown in the following table.

All the resources in the subscriptions are in either the West US Azure region or the West US 2 Azure region.
You plan to connect all the subscriptions to the on-premises network by using
ExpressRoute.
What is the minimum number of ExpressRoute circuits required?

A. 1
B. 2
C. 3
D. 4
E. 5

Answer: A

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction

NEW QUESTION 85
- (Topic 3)

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

You have an Azure virtual network that contains two subnets named Subnet1 and Subnet2. Subnet1 contains a virtual machine named VM1. Subnet2 contains a
virtual machine named VM2.
You have two network security groups (NSGs) named NSG1 and NSG2. NSG1 has 100 inbound security rules and is associated to VM1. NSG2 has 200 inbound
security rules and is associated to Subnet1.
VM2 cannot connect to VM1.
You suspect that an NSG rule blocks connectivity.
You need to identify which rule blocks the connection. The issue must be resolved as quickly as possible.
Which Azure Network Watcher feature should you use?

A. Effective security rules

B. Connection troubleshoot
C. NSG diagnostic
D. NSG flow logs

Answer: C

NEW QUESTION 90
- (Topic 3)
You plan to implement an Azure virtual network that will contain 10 virtual subnets. The subnets will use IPv6 addresses. Each subnet will host up to 200 load-
balanced virtual machines.
You need to recommend a load balancing solution for the virtual network. The solution must meet the following requirements:
• The virtual machines and the load balancer must be accessible only from the virtual network.
• Costs must be minimized.
What should you include in the recommendation?

A. Basic Azure Load Balancer

B. Azure Application Gateway v1 Azure Application Gateway v2
C. Azure Standard Load Balancer
D. Azure Application Gateway v2

Answer: C

NEW QUESTION 92
- (Topic 3)
You plan to configure BGP for a Site-to-Site VPN connection between a datacenter and Azure.
Which two Azure resources should you configure? Each correct answer presents a part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.

A. a virtual network gateway

B. Azure Application Gateway
C. Azure Firewall
D. a local network gateway
E. Azure Front Door

Answer: AD

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/bgp-howto

NEW QUESTION 97
- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen.
You have an Azure subscription that contains an Azure Front Door Premium profile named AFD1 and an Azure Web Application Firewall (WAF) policy named
WAF1. AFD1 is associated with WAFT.
You need to configure a rate limit for incoming requests to AFD1. Solution: You configure a custom rule for WAF1.
Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 100

- (Topic 3)
You have 10 Azure App Service instances. Each instance hosts the same web app. Each instance is in a different Azure region.
You need to configure Azure Traffic Manager to direct users to the instance that has the lowest latency.
Which routing method should you use?

A. geographic
B. weighted
C. performance
D. priority

Answer: D

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 103

- (Topic 3)
You have an Azure virtual network named Vnet1 that hosts an Azure firewall named FW1 and 150 virtual machines. Vnet1 is linked to a private DNS zone named
contoso.com. All the virtual machines have their name registered in the contoso.com zone.
Vnet1 connects to an on-premises datacenter by using ExpressRoute.
You need to ensure that on-premises DNS servers can resolve the names in the contoso.com zone.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A. On the on-premises DNS servers, configure forwarders that point to the frontend IP address of FW1.
B. On the on-premises DNS servers, configure forwarders that point to the Azure provided DNS service at 168.63.129.16.
C. Modify the DNS server settings of Vnet1.
D. For FW1, enable DNS proxy.
E. For FW1, configure a custom DNS server.

Answer: AD

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-dns#on-premises-workloads-using-a-dns-forwarder
https://azure.microsoft.com/en-gb/blog/new-enhanced-dns-features-in-azure-firewall-now-generally-available/

NEW QUESTION 105

- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet stated
goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains the following resources:
* A virtual network named Vnet1
* A subnet named Subnet1 in Vnet1
* A virtual machine named VM1 that connects to Subnet1
* Three storage accounts named storage1, storage2. and storage3
You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts.
Solution: You create a network security group (NSG). You configure a service tag for MicrosoftStorage and link the tag to Subnet1.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 109

- (Topic 3)
You have a website that uses an FQDN of www.contoso.com. The DNS record tor
www.contoso.com resolves to an on-premises web server.
You plan to migrate the website to an Azure web app named Web1. The website on Web1 will be published by using an Azure Front Door instance named
ContosoFD1.
You build the website on Web1.
You plan to configure ContosoFD1 to publish the website for testing.
When you attempt to configure a custom domain for www.contoso.com on ContosoFD1, you receive the error message shown in the exhibit.

You need to test the website and ContosoFD1 without affecting user access to the on- premises web server.
Which record should you create in the contoso.com DNS domain?

A. a CNAME record that maps www.contoso.com to ContosoFD1.azurefd.net

B. a CNAME record that maps www.contoso.com to Web1.contoso.com
C. a CNAME record that maps afdverify.www.contoso.com to ContosoFD1.azurefd.net
D. a CNAME record that maps afdverify.www.contoso.com to afdverify.ContosoFD1.azurefd.net

Answer: D

Explanation:

Reference:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain#map-the-temporary-afdverify-subdomain

NEW QUESTION 114

- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains the following resources:
* A virtual network named Vnet1
* A subnet named Subnet1 in Vnet1
* A virtual machine named VM1 that connects to Subnet1
* Three storage accounts named storage1, storage2, and storage3
You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts.
Solution: You configure the firewall on storage1 to only accept connections from Vnet1. Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 117

DRAG DROP - (Topic 3)
You have an Azure subscription that contain a viral network named Vnet1 and an Azure SQL database named SQL1 has a private endpoint on Vnet1.
You have a partner company named fabrikam, has an Azure subscription that contains a virtual network named Vnet1 and a virtual machine named VM1, VM1 is
connected to Vnet2
You need to provide VM1 with accesss to SQL 1 by using an Azure private Link service. What should you implement on each virtual network? To answer, drag the
appropriate
resources to the correct virtual networks. Each resource may be used once, more than
once, or not at all. You may need to drag the split bar between panes or scroll to view content
Note: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 118

HOTSPOT - (Topic 3)
Your on-premises network contains a VPN device.
You have an Azure subscription that contains a virtual network and a virtual network gateway.
You need to create a Site-to-Site VPN connection that has a custom cryptographic policy. How should you complete the PowerShell script? To answer, select the
appropriate options
in the answer area.
NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 119

- (Topic 3)
You have an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance.
You need to configure the policy to meet the following requirements:
? Log all connections from Australia.
? Deny all connections from New Zealand.
? Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute.
What is the minimum number of objects you should create?

A. three custom rules that each has one condition

B. one custom rule that has three conditions
C. one custom rule that has one condition
D. one rule that has two conditions and another rule that has one condition

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview

NEW QUESTION 120

FILL IN THE BLANK - (Topic 3)
You have two Azure App Service instances that host the web apps shown the following table.

You deploy an Azure application gateway that has one public frontend IP address and two backend pools.
You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers.
What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

Explanation:
1, 2

NEW QUESTION 125

HOTSPOT - (Topic 3)
Your company has 10 instances of a web service. Each instance is hosted in a different Azure region and is accessible through a public endpoint.
The development department at the company is creating an application named App1. Every 10 minutes. App1 will use a list of end points and connect to the first
available endpoint.
You plan to use Azure Traffic Manager to maintain the list of endpoints.
You need to configure a Traffic Manager profile that will minimize the impact of DNS caching.
What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 126

HOTSPOT - (Topic 3)
You plan to deploy Azure Virtual WAN.
You need to deploy a virtual WAN hub that meets the following requirements:
? Supports 10 sites that will connect to the virtual WAN hub by using a Site-to-Site VPN connection
? Supports 8 Gbps of ExpressRoute traffic
? Minimizes costs
What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 131

- (Topic 3)
You have the Azure Traffic Manager profiles shown in the following table.

You plan to add the endpoints shown in the following table.

Which endpoints can you add to Profile2?

A. Endpoint1 and Endpoint4 only

B. Endpoint1, Endpoint2, Endpoint3, and Endpoint4
C. Endpoint1 only
D. Endpoint2 and Endpoint3 only
E. Endpoint3 only

Answer: A

NEW QUESTION 135

- (Topic 3)
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. The subscription contains the
following resources:
* An Azure App Service app named App1
* An Azure DNS zone named contoso.com
* An Azure private DNS zone named private.contoso.com
* A virtual network named Vnet1
You create a private endpoint for App1. The record for the endpoint is registered automatically in Azure DNS.
You need to provide a developer with the name that is registered in Azure DNS for the private endpoint.
What should you provide?

A. app1.privatelink.azurewebsites.net
B. app1.contoso.com
C. app1.contoso.onmicrosoft.com
D. app1.private.contoso.com

Answer: A

NEW QUESTION 138

- (Topic 3)
You have an Azure subscription that contains the virtual networks shown in the following table.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region. To which virtual networks can you deploy AF1?

A. Vnet1 only
B. Vnet1 and Vnet2 only
C. Vnet1, Vnet2, and Vnet4 only
D. Vnet1 and Vnet4 only
E. Vnet1, Vnet2. Vnet3, and Vnet4

Answer: A

NEW QUESTION 141

HOTSPOT - (Topic 3)
You have an Azure subscription that contains an Azure key vault named Vaultl and an app registration for an Azure AD app named App1.
You have a DNS domain named contoso.com that is hosted by a third-party DNS provider. You plan to deploy App1 by using Azure App Service. App1 will have
the following
configurations:
• App1 will be hosted across five App Service apps.
• Users will access App1 by using a URL of https://app1.contoso.com.
• The user traffic of App1 will be managed by using Azure Front Door.
• The traffic between Front Door and the App Service apps will be sent by using HTTP.
• App1 will be secured by using an SSL certificate from a third-party certificate authority (CA).
You need to support the Front Door deployment.
Which two DNS records should you create, and to where should you import the SSL certificate for App1? To answer, select the appropriate options in the answer
area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 144

HOTSPOT - (Topic 3)
You are planning an Azure Front Door deployment that will contain the resources shown in the following table.

Users will connect to the App Service through Front Door by using a URL of https://www.fabrikarn.com. You obtain a certificate for the host name of
www.fabfikam.com.
You need to configure a DNS record for www.fabrikam.com and upload the certificate to Azure. What should you do? To answer, select the appropriate options in
the answer area. NOTE: Each correct selection is worth one point.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 149

HOTSPOT - (Topic 3)
You have the Azure environment shown In the Azure Environment exhibit. (Click the Azure Environment tab.) The settings for each subnet are shown in the
following table.

The Firewalls and virtual networks settings for storage1 are configured as shown in the Storage1 exhibit. (Click the Storage1 tab.) For each of the following
statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 152

- (Topic 3)
You have an Azure virtual machine named VM1.
You need to capture all the network traffic of VM1 by using Azure Network Watcher. To which locations can the capture be written?

A. a file path on VM1 only

B. blob storage only
C. a premium storage account only
D. blob storage and a file path on VM1 only
E. blob storage and a premium storage account only

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

F. blob storage, a file path on VM1, and a premium storage account

Answer: D

NEW QUESTION 157

- (Topic 3)
You have an Azure subscription that contains the public IP addresses shown in the following table.

You plan to deploy a NAT gateway named NAT1.

Which public IP addresses can be used as the public IP address for NAT1?

A. IP3 and IP5 only

B. IP5 only
C. IP1, IP3, and IP5 only
D. IP3 only
E. IP2 and IP4 only

Answer: D

Explanation:
Only static IPv4 addresses in the Standard SKU are supported. IPv6 doesn’t support NAT.
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview

NEW QUESTION 161

HOTSPOT - (Topic 3)
You have two Azure subscriptions named Subscription1 and Subscription2. There are no connections between the virtual networks in two subscriptions.
You configure a private link service as shown in the privatelinkservice1 exhibit. (Click the privatelinkservice1 tab.)

You create a load balancer name in Subscription1 and configure the backend pool shown in the lb1 exhibit. (Click tie 1b1 tab.)

You create a private endpoint in Subscription2 as shown in the privateendpoint4 exhibit. (Click the privateendpoint4)

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

For each of the following statements, select YES if the statement is true. Otherwise. select No.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Yes, Yes, No

NEW QUESTION 162

- (Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to- Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2. Solution: You enable BGP on the
gateway of Vnet1.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site- routing

NEW QUESTION 166

HOTSPOT - (Topic 3)
You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. Both subnets contain virtual machines. You create a
NAT gateway named NATgateway1 as shown in the following exhibit.

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct
selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 169

- (Topic 2)
You need to configure GW1 to meet the network security requirements for the P2S VPN users.
Which Tunnel type should you select in the Point-to-site configuration settings of GW1?

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

A. IKEv2 and OpenVPN (SSL)

B. IKEv2
C. IKEv2 and SSTP (SSL)
D. OpenVPN (SSL)
E. SSTP (SSL)

Answer: D

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant

NEW QUESTION 173

HOTSPOT - (Topic 2)
You need to meet the network security requirements for the NSG flow logs.
Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 177

- (Topic 2)
What should you implement to meet the virtual network requirements for the virtual machines that connect to Vnet4 and Vnet5?

A. a private endpoint
B. a virtual network peering
C. a private link service
D. a routing table
E. a service endpoint

Answer: B

Explanation:
There is no virtual network peering between VM4’s VNet (VNet3) and VM5’s VNet (VNet4). To enable the VMs to communicate over the Microsoft backbone
network a VNet peering is required between VNet3 and VNet4.

NEW QUESTION 178

FILL IN THE BLANK - (Topic 2)
You are implementing the Virtual network requirements for Vnet6.
What is the minimum number of subnets and service endpoints you should create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
2, 4

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

NEW QUESTION 180

HOTSPOT - (Topic 1)
You need to implement name resolution for the cloud.liwareinc.com. The solution must
meet the networking requirements.

What should you do? To answer, select the

appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 185

HOTSPOT - (Topic 2)
In which NSGs can you use ASG1 and to which virtual machine network interfaces can you associate ASG1? To answer, select the appropriate options in the
answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

Explanation:
NGS1 only VM2, VM3, VM4 and VM5

NEW QUESTION 188

- (Topic 1)
You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.
Which two actions should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. On the peerings from Vnet2 and Vnet3, select Use remote gateways.
B. On the peering from Vnet1, select Allow forwarded traffic.
C. On the peering from Vnet1, select Use remote gateways.
D. On the peering from Vnet1, select Allow gateway transit.
E. On the peerings from Vnet2 and Vnet3, select Allow gateway transit.

Answer: BD

NEW QUESTION 189

HOTSPOT - (Topic 1)
You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements
and business requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
For the first question, only ExpressRoute GW SKU Ultra Performance support FastPath feature.
For the second question, vnet1 will connect to ExpressRoute gw, once Vnet1 peers with Vnet2, the traffic from on-premise network will bypass GW and Vnet1,
directly goes to Vnet2, while this feature is under public preview.
====Reference
ExpressRoute virtual network gateway is designed to exchange network routes and route network traffic. FastPath is designed to improve the data path
performance between your on-premises network and your virtual network. When enabled, FastPath sends network traffic directly to virtual machines in the virtual
network, bypassing the gateway.
To configure FastPath, the virtual network gateway must be either: Ultra Performance
ErGw3AZ
VNet Peering - FastPath will send traffic directly to any VM deployed in a virtual network peered to the one connected to ExpressRoute, bypassing the
ExpressRoute virtual network gateway.
https://docs.microsoft.com/en-us/azure/expressroute/about-fastpath Gateway SKU
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-about-virtual-network- gateways

NEW QUESTION 192

......

Your Partner of IT Exam visit - https://www.exambible.com

 We recommend you to try the PREMIUM AZ-700 Dumps From Exambible
https://www.exambible.com/AZ-700-exam/ (150 Q&As)

Relate Links

100% Pass Your AZ-700 Exam with Exambible Prep Materials

https://www.exambible.com/AZ-700-exam/

Contact us

We are proud of our high-quality customer service, which serves you around the clock 24/7.

Viste - https://www.exambible.com/

Your Partner of IT Exam visit - https://www.exambible.com

Powered by TCPDF (www.tcpdf.org)