Real AZ-700 Exam Questions are the Best Preparation Material
Practice on 2023 LATEST AZ-700 Exam Updated 185 Questions
Gaining AZ-700 certification demonstrates that the candidate has a deep understanding of Azure networking solutions and can design and implement them effectively. Designing and Implementing Microsoft Azure Networking Solutions certification enhances the candidates' career prospects and opens up opportunities for them to work with leading organizations that rely on Azure networking solutions.
To pass the Microsoft AZ-700 certification exam, candidates need to have an understanding of Azure networking concepts, networking infrastructure, and networking security. Candidates should also have experience in designing and implementing Azure networking solutions, including virtual networks, load balancers, and VPN solutions. Candidates must also know how to design and implement Azure networking solutions that meet specific business requirements.
The AZ-700 exam covers a wide range of topics related to Azure networking, including virtual network design, network security, traffic management, and hybrid networking. It tests candidates' abilities to design and implement secure and scalable networking solutions that meet the needs of their organizations. AZ-700 exam includes a mix of multiple-choice and scenario-based questions, and candidates have three hours to complete it.
NEW QUESTION # 106
You have an Azure subscription that contains a virtual network named Vnetl. Vnetl has a /24 IPv4 address space.
You need to subdivide Vnet1. The solution must maximize the number of usable subnets.
What is the maximum number of IPv4 subnets you can create, and how many usable IP addresses will be available per subnet? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 107
You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements.
What should you include in the solution?
- A. Azure Traffic Manager
- B. Azure Front Door
- C. a service endpoint
- D. a private endpoint
Answer: A
NEW QUESTION # 108
You have an Azure subscription that contains the resources is shown in the following table.
You need to ensure that the apps hosted on VM1 can resolve the IP address of the What should you create first?
- A. a private DNS zone named database.windows.net
- B. a public DNS zone named private ink.database.windows.net
- C. a public DNS zone named database.windows.net
- D. a private DNS zone named privatelink.database.windows.net
Answer: B
NEW QUESTION # 109
You fail to establish a Site-to-Site VPN connection between your company's main office and an Azure virtual network.
You need to troubleshoot what prevents you from establishing the IPsec tunnel.
Which diagnostic log should you review?
- A. GatewayDiagnosticLog
- B. TunnelDiagnosticLog
- C. IKEDiagnosticLog
- D. RouteDiagnosticLog
Answer: C
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure-diagnostics IKEDiagnosticLog = The IKEDiagnosticLog table offers verbose debug logging for IKE/IPsec. This is very useful to review when troubleshooting disconnections, or failure to connect VPN scenarios.
GatewayDiagnosticLog = Configuration changes are audited in the GatewayDiagnosticLog table.
TunnelDiagnosticLog = The TunnelDiagnosticLog table is very useful to inspect the historical connectivity statuses of the tunnel.
RouteDiagnosticLog = The RouteDiagnosticLog table traces the activity for statically modified routes or routes received via BGP.
P2SDiagnosticLog = The last available table for VPN diagnostics is P2SDiagnosticLog. This table traces the activity for Point to Site.
https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure-diagnostics
NEW QUESTION # 110
You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. You have the NAT gateway shown in the NATgateway1 exhibit, (Click the NATgateway1 tab)
You have the virtual machine shown in the VM1 exhibit, (Click the VM1 tab)
Subnet1 is configured as shown in the Subnet1 exhibit, (Click the Subnet1 tab)
For each of the following statements, select Yes if the statement is true. Otherwise, select No
Answer:
Explanation:
NEW QUESTION # 111
You have the Azure environment shown In the Azure Environment exhibit. (Click the Azure Environment tab.) The settings for each subnet are shown in the following table.
The Firewalls and virtual networks settings for storage1 are configured as shown in the Storage1 exhibit. (Click the Storage1 tab.) For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 112
You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing
"string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1.
You need to configure additional redirection settings. Requests to Frontend1 that have a header containing
"string2" must be redirected to https://www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
- A. Add a custom rule to Policy1.
- B. Create a policy.
- C. Create an association.
- D. Create a frontend host.
- E. Configure a managed rule.
- F. Create a custom rule.
Answer: A,C,D
NEW QUESTION # 113
You have an Azure load balancer that has the following configurations:
* Name:LB1
* Location: East US 2
* SKU: Standard
* Private IP address: 10.3.0.7
* Load balancing rule: rule! (Tcp/80)
* Health probe: probe1 (Http:80)
* NAT rules; 0 inbound
The backend pool of LB1 has the following configurations:
* Name: backend I
* Virtual network: Vnet1
* Backend pool configuration: NIC
* IP version: IPv4
* Virtual machines: VM1.VM2. VM3:
You have an Azure virtual machine named VM4 that has the following network configurations:
* Network interface: vm49Sl
* Virtual network/subnet: Vnet3/Subnet3
* NIC private IP address: 10.4.0.4
* Accelerated networking: Enabled
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
NEW QUESTION # 114
Task 9
You need to ensure that subnet4-3 can accommodate 507 hosts.
Answer:
Explanation:
See the Explanation below for step by step instructions.
Explanation
Here are the steps and explanations for ensuring that subnet4-3 can accommodate 507 hosts:
* To determine the subnet size that can accommodate 507 hosts, you need to use the formula: number of hosts = 2^(32 - n) - 2, where n is the number of bits in the subnet mask1. You need to find the value of n that satisfies this equation for 507 hosts.
* To solve this equation, you can use trial and error or a binary search method. For example, you can start with n = 24, which is the default subnet mask for Class C networks. Then, plug in the value of n into the formula and see if it is too big or too small for 507 hosts.
* If you try n = 24, you get number of hosts = 2^(32 - 24) - 2 = 254, which is too small. You need to increase the value of n to get a larger number of hosts.
* If you try n = 25, you get number of hosts = 2^(32 - 25) - 2 = 510, which is just enough to accommodate
507 hosts. You can stop here or try a smaller value of n to see if it still works.
* If you try n = 26, you get number of hosts = 2^(32 - 26) - 2 = 254, which is too small again. You need to decrease the value of n to get a larger number of hosts.
* Therefore, the smallest value of n that can accommodate 507 hosts is n = 25. This means that the subnet mask for subnet4-3 should be /25 or 255.255.255.128 in dot-decimal notation1.
* To change the subnet mask for subnet4-3, you need to go to the Azure portal and select your virtual network. Then select Subnets under Settings and select subnet4-3 from the list2.
* On the Edit subnet page, under Address range (CIDR block), change the value from /24 to /25. Then select Save2.
NEW QUESTION # 115
You have the Azure load balancer shown in the Load Balancer exhibit.
LB2 has the backend pools shown in the Backend Pools exhibit.
You need to ensure that LB2 distributes traffic to all the members of VMSS1.
What should you do?
- A. Configure a health probe.
- B. Add a load balancing rule.
- C. Add a public IP address to each member of VMSS1.
- D. Add a network interface to VMSS1.
Answer: B
NEW QUESTION # 116
You have two Azure App Service instances that host the web apps shown the following table.
You deploy an Azure application gateway that has one public frontend IP address and two backend pools.
You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers.
What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
- A. 1, 2
Answer: A
NEW QUESTION # 117
You need to configure the default route on Vnet2 and Vnet3. The solution must meet the virtual networking requirements.
What should you use to configure the default route?
- A. route filters
- B. a user-defined route assigned to GatewaySubnet in Vnet1
- C. a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3
- D. BGP route exchange
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview Overview This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab. note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Topic 2, Contoso
Existing Environment:
Azure Network Infrastructure
Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com.
The Azure subscription contains the virtual networks shown in the following table.
Vnet1 contains a virtual network gateway named GW1.
Azure Virtual Machines
The Azure subscription contains virtual machines that run Windows Server 2019 as shown in the following table.
The NSGs are associated to the network interfaces on the virtual machines. Each NSG has one custom security rule that allows RDP connections from the internet. The firewall on each virtual machine allows ICMP traffic.
An application security group named ASG1 is associated to the network interface of VM1.
Azure Private DNS Zones
The Azure subscription contains the Azure private DNS zones shown in the following table.
Zone1.contoso.com has the virtual network links shown in the following table.
Other Azure Resources
The Azure subscription contains additional resources as shown in the following table.
Requirements:
Virtual Network Requirements
Contoso has the following virtual networks requirements:
* Create a virtual network named Vnet6 in West US that will contain the following resources and configurations:
Two container groups that connect to Vnet6
Three virtual machines that connect to Vnet6
Allow VPN connections to be established to Vnet6
Allow the resources in Vnet6 to access KeyVault1, DB1, and Vnet1 over the Microsoft backbone network
* The virtual machines in Vnet4 and Vnet5 must be able to communicate over the Microsoft backbone network.
* A virtual machine named VM-Analyze will be deployed to Subnet1. VM-Analyze must inspect the outbound network traffic from Subnet2 to the internet.
Network Security Requirements
Contoso has the following network security requirements:
* Configure Azure Active Directory (Azure AD) authentication for Point-to-Site (P2S) VPN users.
* Enable NSG flow logs for NSG3 and NSG4.
* Create an NSG named NSG10 that will be associated to Vnet1/Subnet1 and will have the custom inbound security rules shown in the following table.
* Create an NSG named NSG11 that will be associated to Vnet1/Subnet2 and will have the custom outbound security rules shown in the following table.
NEW QUESTION # 118
You need to meet the network security requirements for the NSG flow logs.
Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 119
You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN.
Users will authenticate by using an on premises Active Directory domain.
Which additional service should you deploy to support the VPN authentication?
- A. a RADIUS server
- B. an Azure key vault
- C. a certification authority (CA)
- D. Azure Active Directory (Azure AD) Application Proxy
Answer: D
NEW QUESTION # 120
You have two Azure subscriptions named Subscription1 and Subscription2.
There are no connections between the virtual networks in two subscriptions.
You configure a private link service as shown in the privatelinkservice1 exhibit. (Click the privatelinkservice1 tab.)
You create a load balancer name in Subscription1 and configure the backend pool shown in the lb1 exhibit.
(Click tie 1b1 tab.)
You create a private endpoint in Subscription2 as shown in the privateendpoint4 exhibit. (Click the privateendpoint4)
For each of the following statements, select YES if the statement is true. Otherwise. select No.
Answer:
Explanation:
Explanation
Yes, Yes, No
NEW QUESTION # 121
You configure a route table named RT1 that has the routes shown in the following table.
You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.
You have the resources shown in the following table.
Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
* 0.0.0.0/0
* 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
NEW QUESTION # 122
You have an Azure firewall shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Explanation
Graphical user interface, text, application, email Description automatically generated
Box 1:
If forced tunneling was enabled, the Firewall Subnet would be named AzureFirewallManagementSubnet.
Forced tunneling can only be enabled during the creation of the firewall. It cannot be enabled after the firewall has been deployed.
Box 2:
The "Visit Azure Firewall Manager to configure and manage this firewall" link in the exhibit shows that the firewall is managed by Azure Firewall Manager.
NEW QUESTION # 123
......
Authentic AZ-700 Exam Dumps PDF - Dec-2023 Updated: https://passleader.testpassking.com/AZ-700-exam-testking-pass.html