This page was exported from Valid Premium Exam [ http://premium.validexam.com ] Export date:Fri Sep 20 1:02:21 2024 / +0000 GMT ___________________________________________________ Title: [Mar-2023] Valid Way To Pass Microsoft Exam Dumps with AZ-720 Exam Study Guide [Q39-Q63] --------------------------------------------------- [Mar-2023] Valid Way To Pass Microsoft Exam Dumps with AZ-720 Exam Study Guide All AZ-720 Dumps and Troubleshooting Microsoft Azure Connectivity Training Courses Help candidates to study and pass the Exams hassle-free! Schedule exam Languages: English Retirement date: none This exam measures your ability to accomplish the following technical tasks: troubleshoot business continuity issues; troubleshoot hybrid and cloud connectivity issues; troubleshoot Platform as a Service issues; troubleshoot authentication and access control issues; troubleshoot networks; and troubleshoot VM connectivity issues. Exam AZ-720: Troubleshooting Microsoft Azure Connectivity Candidates for this exam should have experience with networking and with hybrid environments, including knowledge of routing, permissions, and account limits. They must be able to use available tools to diagnose issues related to business continuity, hybrid environments, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), access control, networking, and virtual machines connectivity. Passing score: 700. Learn more about exam scores. Part of the requirements for: Microsoft Certified: Azure Support Engineer for Connectivity Specialty Download exam skills outline Skills measured Troubleshoot authentication and access control issues (15–20%)Troubleshoot Platform as a Service issues (5–10%)Troubleshoot VM connectivity issues (5–10%)Troubleshoot business continuity issues (5–10%)Troubleshoot hybrid and cloud connectivity issues (20–25%)   Q39. A company uses Azure Site Recovery (ASR) for a VMware environment that includes the following virtualmachines (VMs):The company reports that they are unable to configure all of the servers for replication.You need to evaluate the servers and server roles to determine which servers can be protected.Which server can you protect by using ASR?  VM1  VM2  VM3  VM4 Q40. A company deploys Azure Traffic Manager load balancing for an Azure App Service solution.Load balancing performance is showing a degraded status after deployment, and new HTTPS probes arefailing to reach the Traffic Manager endpoints.You need to troubleshoot the probe failure.How should you complete the PowerShell script? Q41. A company connects an on-premises network to an Azure virtual network by using ExpressRoute.The ExpressRoute connection is experiencing higher than normal latency.You need to confirm the traffic flow.How should you complete the PowerShell command? Q42. A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.You discover that FlowLog1 is not reporting outbound flow traffic.You need to resolve the issue with FlowLog1.What should you do?  Create the storage account for FlowLog1 as a premium block blob.  Create the storage account for FlowLog1 as a premium page blob.  Enable FlowLog1 in a network security group associated with the subnet of VM1.  Configure the FlowTimeoutInMinutes property on VNet1 to a non-null value. Q43. A company migrates existing Ubuntu Linux servers from their on-premises vSphere infrastructure to Azure.The virtual machines (VMs) are experiencing a low network throughput of 20 Mbps. The VMs are expected to sustain 300 Mbps.You need to ensure that the VMs are compatible with Azure.Which change should you make?  Install a kernel name that ends with -azure.  Configure the network interfaces to 1000 Mbps/full duplex.  Redeploy the VM with Accelerated Networking enabled.  Increase the TCP buffers and window size kernel parameters. Q44. A company plans to use an Azure PaaS service by using Azure Private Link service. The azure Private Linkservice and an endpoint have been configured.The company reports that the endpoint is unable to connect to the service.You need to resolve the connectivity issue.What should you do?  Disable the endpoint network policies.  Validate the VPN device.  Approve the connection state.  Disable the service network policies. Q45. A company deploys the Azure Application Gateway Web Application Firewall (WAF) to protect their web applications.Users in a remote office location report the following issues:Unable to access part of a web application.Part of the web application is failing to load.Parts of the web application has activities that are not performing as expected.You need to troubleshoot the issue.Which diagnostic log should you review?  Performance  Firewall  Access  Azure Activity Q46. A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.The company reports that the Azure VM backup job is failing.You need to troubleshoot the issue.Solution: Enable replication and create a recovery plan for the backup vault.Does the solution meet the goal?  Yes  No Q47. A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:Error getting auth tokenYou need to resolve the issue.Solution: Disable password writeback and then enable password writeback.Does the solution meet the goal?  Yes  No Q48. A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-siteconnectivity on VNetGW1. An administrator configures VNetGW1 for the following:* OpenVPN for the tunnel type.* Azure certificate for the authentication type.Users receive a certificate mismatch error when connecting by using a VPN client.You need to resolve the certificate mismatch error.What should you do?  Reissue the client certificate with client authentication enabled.  Create a profile manually, add the server FQDN and reissue the client certificate.  Reissue the client certificate with server authentication enabled.  Install an IKEv2 VPN client on the user’s computers. Q49. A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:Error getting auth tokenYou need to resolve the issue.Solution: Use a global administrator account that is not federated to configure Azure AD Connect.Does the solution meet the goal?  Yes  No Q50. A company is deploying Azure Bastion to provide secure clientless access to its Azure VMs. The companyconfigures a network security group named NSG1.During deployment, the following error displays: Network security group NSG1 does not have necessary rulesfor Azure Bastion Subnet AzureBastionSubnet.You need to fix the inbound rules for NSG1.How should you complete the configuration? Q51. A company has an Azure Active Directory (Azure AD) tenant. The company deploys Azure AD Connect to synchronize users from an Active Directory Domain Services (AD DS).The synchronization of a user object is failing.You need to troubleshoot the failing synchronization by using a built-in Azure AD Connect troubleshooting task.Which two pieces of information should you collect before you start troubleshooting?  Object common name  AD connector name  Object globally unique identifier  Azure AD connector name  Object distinguished name Q52. A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site connectivity on VNetGW1. An administrator configures VNetGW1 for the following:OpenVPN for the tunnel type.Azure certificate for the authentication type.Users receive a certificate mismatch error when connecting by using a VPN client.You need to resolve the certificate mismatch error.What should you do?  Reissue the client certificate with client authentication enabled.  Configure preshared key for authentication on the VPN profile.  Install an IKEv2 VPN client on the user’s computers.  Reissue the client certificate with server authentication enabled. Q53. A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:Error getting auth tokenYou need to resolve the issue.Solution: Restart the Azure AD Connect service.Does the solution meet the goal?  Yes  No Q54. A company develops an Azure Cosmos DB solution.The solution has the following components:A virtual network named VNet1 in a resource group named RG1.A subnet named Subnet1 in VNet1.A Private Link service.The company is unable to configure a source IP address for the Private Link service from Subnet1.You need to resolve the issue for Subnet1.How should you complete the PowerShell commands? Q55. A company implements Windows and Linux VMs in an Azure Virtual Network. The company plans to applyrouting changes to the virtual network.You need to determine the impact of these changes on network latency affecting applications that use TCP andUDP traffic. The solution must provide the highest level of accuracy.Which tools should you use? Q56. A company deploys an ExpressRoute circuit.You need to verify accepted peering routes from the ExpressRoute circuit.Which PowerShell cmdlet should you run?  Get-AzExpressRouteCrossConnectionPeering  Get-AzExpressRouteCircuit  Get-AzExpressRouteCircuitPeeringConfig  Get-AzExpressRouteCircuitRouteTable  Get-AzExpressRouteCircuitStats Q57. A company creates an Azure resource group named RG1. RG1 has an Azure SQL Database logical server named sqlsvr1 that hosts the following resources:An administrator grants a user named User1 the Reader RBAC role in RG1. The administrator grants User2 the Contributor role in sqlsvr1.User1 reports that they can connect to SQLDB1 from the IP address 155.127.95.212. User1 cannot connect to SQLDB2. User2 can connect to both SQLDB1 and SQLDB2 from the IP address 121.19.27.18. Both users can successfully connect to SQLDB1 and SQLDB2 from VM1.You are helping the administrator troubleshoot the issue. You run the following PowerShell command:Get-AzSqlServerFirewallRule -ResourceGroupName ‘RG1’ -ServerName ‘sqlsvr1’ The following output displays:You need to identify the cause for the reported issue and resolve User1’s issues. The solution must satisfy the principle of least privilege.What should you do? Q58. A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to apartner site by using a site-to-site VPN connection with dynamic routing.The company observes that the VPN disconnects from time to time.You need to troubleshoot the cause for the disconnections.What should you verify?  The partner’s VPN device and VNetGW1 are configured using the same shared key.  The partner’s VPN device is configured for one VPN tunnel per subnet pair.  The public IP address of the partner’s VPN device is configured in the local network gateway addressspace on VNetGW1.  The partner’s VPN device and VNetGW1 are configured with the same virtual network address space. Q59. A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).An administrator receives an error that password writeback cloud not be enabled during the Azure ADConnect configuration. The administrator observes the following event log error:Error getting auth tokenYou need to resolve the issue.Solution: Disable password writeback and then enable password writeback.Does the solution meet the goal?  Yes  No Q60. A company deploys a new file sharing application on four Standard_D2_v3 virtual machines (VMs) behind an Azure Load Balancer. The company implements Azure Firewall.Users report that the application is slow during peak usage periods. An engineer reports that the peak usage for each VM is approximately 1 Gbps.You need to implement a solution that support a minimum of 10 Gbps.What should you do to increase the throughput?  Request an increase in networking quotas.  Increase the size of the VM instance.  Disable the Azure Firewall and implement network security groups in its place.  Move two of the servers behind a separate load balancer and configure round robin routing in Traffic Manager. Q61. A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.The company reports that the Azure VM backup job is failing.You need to troubleshoot the issue.What should you do?  Create a new manual backup in Backup center.  Run chkdsk on the VM.  Configure the retention range of the current backup policy for the VM.  Install the VM guest agent with administrative permissions.  Enable replication and create a recovery plan for the backup vault. Q62. A company enables just-in-time (JIT) virtual machine (VM) access in Azure.An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.You need to determine why some VMs are not supported for JIT VM access.What should you conclude?  The administrator is using the Microsoft Defender for Cloud free tier.  The VMs were provisioned by using a classic deployment.  The administrator does not have the SecurityReader role.  The administrator does not have permissions to request JIT access to the VMs. Q63. A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoutegateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate anetwork security group (NSG) with all of the subnets.Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network namedVNet2. Virtual network peering is enabled between VNet1 and VNet2.You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.You discover that FlowLog1 is not reporting outbound flow traffic.You need to resolve the issue with FlowLog1.What should you do?  Create the storage account for FlowLog1 as a premium block blob.  Create the storage account for FlowLog1 as a premium page blob.  Enable FlowLog1 in a network security group associated with the subnet of VM1.  Configure the FlowTimeoutInMinutes property on VNet1 to a non-null value.  Loading … Get Latest [Mar-2023] Conduct effective penetration tests using ValidExam AZ-720: https://www.validexam.com/AZ-720-latest-dumps.html --------------------------------------------------- Images: https://premium.validexam.com/wp-content/plugins/watu/loading.gif https://premium.validexam.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-03-02 12:57:21 Post date GMT: 2023-03-02 12:57:21 Post modified date: 2023-03-02 12:57:21 Post modified date GMT: 2023-03-02 12:57:21