This page was exported from Valid Premium Exam [ http://premium.validexam.com ] Export date:Mon Feb 24 14:04:53 2025 / +0000 GMT ___________________________________________________ Title: Exam Dumps AZ-700 Practice Free Latest Microsoft Practice Tests [Q77-Q99] --------------------------------------------------- Exam Dumps AZ-700 Practice Free Latest Microsoft Practice Tests AZ-700 Exam Questions | Real AZ-700 Practice Dumps Microsoft AZ-700 exam is targeted at professionals who have experience in designing and implementing Azure networking solutions. This includes network architects, network engineers, and other IT professionals who are responsible for designing and implementing Azure networking solutions for their organizations. AZ-700 exam requires candidates to have a thorough understanding of Azure networking services and their integration with other Azure services.   NEW QUESTION 77You have the Azure virtual networks shown in the following table.You deploy Azure Firewall to Vnet3.You need to ensure that the traffic from Subnet1-1 to Subnet2-1 passes through the firewall. What should you configure?  peering links between Vnet1 and Vnet2  a route table associated to Subnet1 -1 and Subnet2-1  an Azure private DNS zone  a route table associated to AzureFitewallSubnet NEW QUESTION 78You have the Azure virtual networks shown in the following table.You deploy Azure Firewall to Vnet3.You need to ensure that the traffic from Subnet1-1 to Subnet2-1 passes through the firewall. What should you configure?  peering links between Vnet1 and Vnet2  a route table associated to Subnet1 -1 and Subnet2-1  an Azure private DNS zone  a route table associated to AzureFitewallSubnet NEW QUESTION 79You have an Azure Front Door instance named FD1 that is protected by using Azure Web Application Firewall (WAF).FD1 uses a frontend host named app1.contoso.com to provide access to Azure web apps hosted in the East US Azure region and the West US Azure region.You need to configure FD1 to block requests to app1.contoso.com from all countries other than the United States.What should you include in the WAF policy?  a frontend host association  a managed rule set  a custom rule that uses a rate limit rule  a custom rule that uses a match rule NEW QUESTION 80You have the Azure resources shown in the following table.You need to link VNei2 to Circuit1What should you create in each subscription? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationNEW QUESTION 81You have the Azure environment shown In the Azure Environment exhibit. (Click the Azure Environment tab.) The settings for each subnet are shown in the following table.The Firewalls and virtual networks settings for storage1 are configured as shown in the Storage1 exhibit.(Click the Storage1 tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. ExplanationGraphical user interface, text, application Description automatically generatedNEW QUESTION 82Your company has 40 branch offices across North America and Europe. You have an Azure subscription that contains the following virtual networks:* Two networks in the East US Azure region* Three networks in the West Europe Azure regionYou need to implement Azure Virtual WAN. The solution must meet the following requirements:* Each branch office in North America must have an ExpressRoute circuit and a Site-to-Site VPN that connects to the East US region.* Each branch office in Europe must have an ExpressRoute circuit and a Site-to-Site VPN that connects to the West Europe region.* Transitive connections must be supported between all the branch offices and all the virtual networks.* Costs must be minimized.What is the minimum number of Virtual WAN resources required? To answer, select the appropriate options in the answer are a. NOTE: Each correct selection is worth one point. NEW QUESTION 83You create NSG10 and NSG11 to meet the network security requirements.For each of the following statements, select Yes it the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationYessubnet1(WM1->NSG1 outbound->NSG10 outbound)->subnet2(NSG1 inbound->NSG11 inbound->VM2) Yes NSG10 blocks ICMP from VNet4 (source 10.10.0.0/16) but it is not blocked from VM2’s subnet (VNet1/Subnet2).NoNSG11 blocks RDP (port TCP 3389) destined for “VirtualNetwork”. VirtualNetwork is a service tag and means the address space of the virtual network (VNet1) which in this case is 10.1.0.0/16. Therefore, RDP traffic from subnet2 to anywhere else in VNet1 is blocked.NEW QUESTION 84You have an Azure subscription that contains a virtual network gateway named VNetGwy1. VNetGwy1 has a public IP address of 20.25.32.214.You need to query the health probe of VNetGwy1,How should you complete the URI? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationNEW QUESTION 85You have the network topology shown in the Topology exhibit. (Click the Topology tab.)You have the Azure firewall shown in the Firewall 1 exhibit. (Click the Firewall tab.)You have the route table shown in the RouteTable1 exhibit. (Click the RouteTable1 tab.)For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. NEW QUESTION 86You have an Azure private DNS zone named contoso.com that is linked to the virtual networks shown in the following table.The links have auto registration enabled.You create the virtual machines shown in the following table.You manually add the following entry to the contoso.com zone:Name: VM1IP address: 10.1.10.9For each of the following statements, select Yes of the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/dns/dns-faq-privateTopic 2, Litware. IncExisting Environment:Hybrid EnvironmentThe on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.Azure EnvironmentLitware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant. Sub1 contains resources in the East US Azure region as shown in the following table.There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.Requirements:Business RequirementsLitware wants to minimize costs whenever possible, as long as all other requirements are met.Virtual Networking RequirementsLitware identifies the following virtual networking requirements:* Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.* Ensure that the records in the cloud.litwareinc.com zone can be resolved from the on-premises locations.* Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.* Minimize the size of the subnets allocated to platform-managed services.* Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443 only.Hybrid Networking RequirementsLitware identifies the following hybrid networking requirements:* Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.* Latency of the traffic between the Boston datacenter and all the virtual networks must be minimized.* The Boston datacenter must connect to the Azure virtual networks by using an ExpressRoute FastPath connection.* Traffic between Vnet2 and Vnet3 must be routed through Vnet1.PaaS Networking RequirementsLitware identifies the following networking requirements for platform as a service (PaaS):* The storage1 account must be accessible from all on-premises locations without exposing the public endpoint of storage1.* The storage2 account must be accessible from Vnet2 and Vnet3 without exposing the public endpoint of storage2.NEW QUESTION 87You have two Azure App Service instances that host the web apps shown the following table.You deploy an Azure application gateway that has one public frontend IP address and two backend pools.You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers.What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.  See in Explanation 1, 2NEW QUESTION 88You have two Azure subscriptions named Subscription1 and Subscription2.There are no connections between the virtual networks in two subscriptions.You configure a private link service as shown in the privatelinkservice1 exhibit. (Click the privatelinkservice1 tab.)You create a load balancer name in Subscription1 and configure the backend pool shown in the lb1 exhibit. (Click tie 1b1 tab.)You create a private endpoint in Subscription2 as shown in the privateendpoint4 exhibit. (Click the privateendpoint4)For each of the following statements, select YES if the statement is true. Otherwise. select No. NEW QUESTION 89You have two Azure subscriptions named Subscnption1 and Subscription2. Subscription1 contains a virtual network named Vnet1. Vnet1 contains an application server. Subscription2 contains a virtual network named Vnet2.You need to provide the virtual machines in Vnet2 with access to the application server in Vnet1 by using a private endpoint.Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. 1 – In Subscription1, accept the private endpoint connection request.2 – Enable virtual network peering between Vnet1 and Vnet2.3 – Deploy an Azure Standard Load Balancer in fron of the application server.4 – In Subscription1, create a private link service…NEW QUESTION 90Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.You configure the application gateway to direct traffic to the URL of the application gateway.You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.You need to ensure that the URL is accessible through the application gateway.Solution: You disable the WAF rule that has a ruleld of 920300.Does this meet the goal?  Yes  No NEW QUESTION 91You have a network security group named NSG1.You need to enable network security group (NSG) flow logs for NSG1. The solution must support retention policies.What should you create first?  A standard general-purpose v2 Azure Storage account  An Azure Log Analytics workspace  A premium Block blobs Azure Storage account  A standard general-purpose v1 Azure Storage account NEW QUESTION 92You have the network topology shown in the Topology exhibit. (Click the Topology tab.)You have the Azure firewall shown in the Firewall 1 exhibit. (Click the Firewall tab.)You have the route table shown in the RouteTable1 exhibit. (Click the RouteTable1 tab.)For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationNEW QUESTION 93You have two Azure subscriptions named Subscnption1 and Subscription2. Subscription1 contains a virtual network named Vnet1. Vnet1 contains an application server. Subscription2 contains a virtual network named Vnet2.You need to provide the virtual machines in Vnet2 with access to the application server in Vnet1 by using a private endpoint.Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. 1 – In Subscription1, accept the private endpoint connection request.2 – Enable virtual network peering between Vnet1 and Vnet2.3 – Deploy an Azure Standard Load Balancer in front of the application server.4 – In Subscription1,cerate a private link,,,,,NEW QUESTION 94You have an Azure subscription that contains the virtual machines shown in the following table.Subnet1 and Subnet2 are associated to a network security group (NSG) named NSG1 that has the following outbound rule:* Priority: 100* Port: Any* Protocol: Any* Source: Any* Destination: Storage* Action: DenyYou create a private endpoint that has the following settings:* Name: Private1* Resource type: Microsoft.Storage/storageAccounts* Resource: storage1* Target sub-resource: blob* Virtual network: Vnet1* Subnet: Subnet1For each of the following statements, select Yes of the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationGraphical user interface, text, application Description automatically generatedReference:https://docs.microsoft.com/en-us/azure/private-link/disable-private-endpoint-network-policyNEW QUESTION 95Your company has an Azure virtual network named Vnet1 that uses an IP address space of 192.168.0.0/20. Vnet1 contains a subnet named Subnet1 that uses an IP address space of 192.168.0.0/24.You create an IPv6 address range to Vnet1 by using a CIDR suffix of /48.You need to enable the virtual machines on Subnet1 to communicate with each other by using IPv6 addresses assigned by the company. The solution must minimize the number of additional IPv4 addresses.What should you do? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. Reference:https://docs.microsoft.com/en-us/azure/virtual-network/ipv6-overviewhttps://docs.microsoft.com/en-us/azure/virtual-network/ipv6-add-to-existing-vnet-powershellNEW QUESTION 96You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business requirements.Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. 1 – Set the subnet mask of GatewaySubnet to /27.2 – Assign a user defined route to GatewaySubnet.3 – Create a VPN gateway by using the Basic SKU.NEW QUESTION 97You have the Azure App Service app shown in the App Service exhibit.The VNet Integration settings for as12 are configured as shown in the Vnet Integration exhibit.The Private Endpoint connections settings for as12 are configured as shown in the Private Endpoint connections exhibit.For each of the following statements, select Yes if the statement is true. Otherwise, select No.NOTE: Each correct selection is worth one point. ExplanationGraphical user interface, text, application Description automatically generatedReference:https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnetTopic 1, Contoso Case Study 2OverviewThis is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.To start the case studyTo display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab. note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.Existing Environment:Azure Network InfrastructureContoso has an Azure Active Directory (Azure AD) tenant named contoso.com.The Azure subscription contains the virtual networks shown in the following table.Vnet1 contains a virtual network gateway named GW1.Azure Virtual MachinesThe Azure subscription contains virtual machines that run Windows Server 2019 as shown in the following table.The NSGs are associated to the network interfaces on the virtual machines. Each NSG has one custom security rule that allows RDP connections from the internet. The firewall on each virtual machine allows ICMP traffic.An application security group named ASG1 is associated to the network interface of VM1.Azure Private DNS ZonesThe Azure subscription contains the Azure private DNS zones shown in the following table.Zone1.contoso.com has the virtual network links shown in the following table.Other Azure ResourcesThe Azure subscription contains additional resources as shown in the following table.Requirements:Virtual Network RequirementsContoso has the following virtual networks requirements:* Create a virtual network named Vnet6 in West US that will contain the following resources and configurations:Two container groups that connect to Vnet6Three virtual machines that connect to Vnet6Allow VPN connections to be established to Vnet6Allow the resources in Vnet6 to access KeyVault1, DB1, and Vnet1 over the Microsoft backbone network* The virtual machines in Vnet4 and Vnet5 must be able to communicate over the Microsoft backbone network.* A virtual machine named VM-Analyze will be deployed to Subnet1. VM-Analyze must inspect the outbound network traffic from Subnet2 to the internet.Network Security RequirementsContoso has the following network security requirements:* Configure Azure Active Directory (Azure AD) authentication for Point-to-Site (P2S) VPN users.* Enable NSG flow logs for NSG3 and NSG4.* Create an NSG named NSG10 that will be associated to Vnet1/Subnet1 and will have the custom inbound security rules shown in the following table.* Create an NSG named NSG11 that will be associated to Vnet1/Subnet2 and will have the custom outbound security rules shown in the following table.NEW QUESTION 98You fail to establish a Site-to-Site VPN connection between your company’s main office and an Azure virtual network.You need to troubleshoot what prevents you from establishing the IPsec tunnel.Which diagnostic log should you review?  IKEDiagnosticLog  GatewayDiagnosticLog  TunnelDiagnosticLog  RouteDiagnosticLog Reference:https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure-diagnosticsTopic 2, Litware. Inc Case Study 1OverviewLitware. Inc. is a financial company that has a main datacenter in Boston and 20 branch offices across the United States. Users have Android, iOS, and Windows 10 devices.Existing Environment:Hybrid EnvironmentThe on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.Azure EnvironmentLitware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant. Sub1 contains resources in the East US Azure region as shown in the following table.There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.Requirements:Business RequirementsLitware wants to minimize costs whenever possible, as long as all other requirements are met.Virtual Networking RequirementsLitware identifies the following virtual networking requirements:* Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.* Ensure that the records in the cloud.litwareinc.com zone can be resolved from the on-premises locations.* Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.* Minimize the size of the subnets allocated to platform-managed services.* Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443 only.Hybrid Networking RequirementsLitware identifies the following hybrid networking requirements:* Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely.Connections must be authenticated by Azure AD.* Latency of the traffic between the Boston datacenter and all the virtual networks must be minimized.* The Boston datacenter must connect to the Azure virtual networks by using an ExpressRoute FastPath connection.* Traffic between Vnet2 and Vnet3 must be routed through Vnet1.PaaS Networking RequirementsLitware identifies the following networking requirements for platform as a service (PaaS):* The storage1 account must be accessible from all on-premises locations without exposing the public endpoint of storage1.* The storage2 account must be accessible from Vnet2 and Vnet3 without exposing the public endpoint of storage2.NEW QUESTION 99You have an Azure subscription.You have the on-premises sites shown the following table.You plan to deploy Azure Virtual WAN.You are evaluating Virtual WAN Basic and Virtual WAN Standard.Which type of Virtual WAN can you use for each site? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point. ExplanationReference:https://docs.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about Loading … Verified AZ-700 Exam Dumps Q&As - Provide AZ-700 with Correct Answers: https://www.validexam.com/AZ-700-latest-dumps.html --------------------------------------------------- Images: https://premium.validexam.com/wp-content/plugins/watu/loading.gif https://premium.validexam.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-11-07 09:58:41 Post date GMT: 2023-11-07 09:58:41 Post modified date: 2023-11-07 09:58:41 Post modified date GMT: 2023-11-07 09:58:41