Microsoft AZ-700 Designing and Implementing Microsoft Azure Networking Solutions Online Training
Microsoft AZ-700 Online Training
The questions for AZ-700 were last updated at Dec 20,2024.
- Exam Code: AZ-700
- Exam Name: Designing and Implementing Microsoft Azure Networking Solutions
- Certification Provider: Microsoft
- Latest update: Dec 20,2024
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Topic 3, Mix Questions
You have an Azure virtual network that contains two subnets named Subnet1 and Subnet2. Subnet1 contains a virtual machine named VM1. Subnet2 contains a virtual machine named VM2.
You have two network security groups (NSGs) named NSG1 and NSG2. NSG1 has 100 inbound security rules and is associated to VM1. NSG2 has 200 inbound security rules and is associated to Subnet1.
VM2 cannot connect to VM1.
You suspect that an NSG rule blocks connectivity.
You need to identify which rule blocks the connection. The issue must be resolved as quickly as possible.
Which Azure Network Watcher feature should you use?
- A . Effective security rules
- B . Connection troubleshoot
- C . NSG diagnostic
- D . NSG flow logs
You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing "string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1. You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to https://www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Create a custom rule.
- B . Configure a managed rule.
- C . Create a frontend host.
- D . Create a policy.
- E . Create an association.
- F . Add a custom rule to Policy1.
You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing "string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1. You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to https://www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Create a custom rule.
- B . Configure a managed rule.
- C . Create a frontend host.
- D . Create a policy.
- E . Create an association.
- F . Add a custom rule to Policy1.
You have an Azure virtual network that contains the subnets shown in the following table.
You deploy an Azure firewall to AzureFirewallSubnet. You route all traffic from Subnet2 through the firewall.
You need to ensure that all the hosts on Subnet2 can access an external site located at https://*.contoso.com.
What should you do?
- A . Create a network security group (NSG) and associate the NSG to Subnet2.
- B . In a firewall policy, create an application rule.
- C . In a firewall policy, create a DNAT rule.
- D . In a firewall policy, create a network rule.
You have an Azure subscription that contains the virtual networks shown in the following table.
You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region.
To which virtual networks can you deploy AF1?
- A . Vnet1 only
- B . Vnet1 and Vnet2 only
- C . Vnet1, Vnet2, and Vnet4 only
- D . Vnet1 and Vnet4 only
- E . Vnet1, Vnet2. Vnet3, and Vnet4
HOTSPOT
You have an Azure application gateway named AppGW1 that provides access to the following hosts:
* www.adatum.com
* www.contoso.com
* www.fabrikam.com
AppGW1 has the listeners shown in the following table.
You create Azure Web Application Firewall (WAF) policies for AppGW1 as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You need to connect an on-premises network and an Azure environment. The solution must use ExpressRoute and support failing over to a Site-to-Site VPN connection if there is an ExpressRoute failure.
What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN. Users will authenticate by using an on premises Active Directory domain.
Which additional service should you deploy to support the VPN authentication?
- A . a certification authority (CA)
- B . a RADIUS server
- C . an Azure key vault
- D . Azure Active Directory (Azure AD) Application Proxy
HOTSPOT
You have an Azure subscription that contains a single virtual network and a virtual network gateway. You need to ensure that administrators can use Point-to-Site (P2S) VPN connections to access resources in the virtual network. The connections must be authenticated by Azure Active Directory (Azure AD).
What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.