All About Breathing AZ-700 Pdf Exam

Master the AZ-700 Designing and Implementing Microsoft Azure Networking Solutions content and be ready for exam day success quickly with this Pass4sure AZ-700 free practice test. We guarantee it!We make it a reality and give you real AZ-700 questions in our Microsoft AZ-700 braindumps.Latest 100% VALID Microsoft AZ-700 Exam Questions Dumps at below page. You can use our Microsoft AZ-700 braindumps and pass your exam.

Also have AZ-700 free dumps questions for you:

NEW QUESTION 1
SIMULATION
Task 2
You need to create an Azure Firewall instance named FW1 that meets the following requirements:
• Has an IP address from the address range of 10.1.255.0/24
• Uses a new Premium firewall policy named FW-pohcy1
• Routes traffic directly to the internet


Solution:
✑ To create an Azure Firewall instance, you need to go to the Azure portal and select Create a resource. Type firewall in the search box and press Enter. Select Firewall and then select Create1.
✑ To assign an IP address from the address range of 10.1.255.0/24 to the firewall, you need to select a public IP address that belongs to that range. You can either create a new public IP address or use an existing one1.
✑ To use a new Premium firewall policy named FW-policy1, you need to select Premium as the Firewall tier and create a new policy with the name FW- policy12. A Premium firewall policy allows you to configure advanced features such as TLS Inspection, IDPS, URL Filtering, and Web Categories3.
✑ To route traffic directly to the internet, you need to enable SNAT (Source Network Address Translation) for the firewall. SNAT allows the firewall to use its public IP address as the source address for outbound traffic4.

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 2

You have an Azure Virtual Desktop deployment that has 500 session hosts. All outbound traffic to the internet uses a NAT gateway.
During peak business hours, some users report that they cannot access internet resources. In Azure Monitor, you discover many failed SNAT connections.
You need to increase the available SNAT connections. What should you do?

  • A. Add a public IP address.
  • B. Bind the NAT gateway to another subnet.
  • C. Deploy Azure Standard Load Balancer that has outbound rules.

Answer: A

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-gateway-resource

NEW QUESTION 3

You have the Azure Traffic Manager profiles shown in the following table.
AZ-700 dumps exhibit
You plan to add the endpoints shown in the following table.
AZ-700 dumps exhibit
Which endpoints can you add to Profile2?

  • A. Endpoint1 and Endpoint4 only
  • B. Endpoint1, Endpoint2, Endpoint3, and Endpoint4
  • C. Endpoint1 only
  • D. Endpoint2 and Endpoint3 only
  • E. Endpoint3 only

Answer: A

NEW QUESTION 4
DRAG DROP
You have an Azure virtual network named Vnet1 that connects to an on-premises network.
You have an Azure Storage account named storageaccount1 that contains blob storage.
You need to configure a private endpoint for the blob storage. The solution must meet the following requirements:
✑ Ensure that all on-premises users can access storageaccount1 through the private endpoint.
✑ Prevent access to storageaccount1 from being interrupted.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
AZ-700 dumps exhibit


Solution:
* 168.63.129.16 is the IP address of Azure DNS which hosts Azure Private DNS zones. It is only accessible from within a VNet which is why we need to forward on-prem DNS requests to the VM running DNS in the VNet. The VM will then forward the request to Azure DNS for the IP of the storage account private endpoint.

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 5
DRAG DROP
You need to implement outbound connectivity for VMScaleSet1. The solution must meet the virtual networking requirements and the business requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
AZ-700 dumps exhibit


Solution:
Graphical user interface, text, application Description automatically generated

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 6

You fail to establish a Site-to-Site VPN connection between your company's main office and an Azure virtual network.
You need to troubleshoot what prevents you from establishing the IPsec tunnel. Which diagnostic log should you review?

  • A. IKEDiagnosticLog
  • B. GatewayDiagnosticLog
  • C. TunnelDiagnosticLog
  • D. RouteDiagnosticLog

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure- diagnostics
IKEDiagnosticLog = The IKEDiagnosticLog table offers verbose debug logging for IKE/IPsec. This is very useful to review when troubleshooting disconnections, or failure to connect VPN scenarios.
GatewayDiagnosticLog = Configuration changes are audited in the GatewayDiagnosticLog table.
TunnelDiagnosticLog = The TunnelDiagnosticLog table is very useful to inspect the historical connectivity statuses of the tunnel.
RouteDiagnosticLog = The RouteDiagnosticLog table traces the activity for statically modified routes or routes received via BGP.
P2SDiagnosticLog = The last available table for VPN diagnostics is P2SDiagnosticLog. This table traces the activity for Point to Site.
https://docs.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-vpn-with-azure- diagnostics

NEW QUESTION 7

Your company has five offices. Each office has a firewall device and a local internet connection. The offices connect to a third-party SD-WAN.
You have an Azure subscription that contains a virtual network named Vnet1. Vnet1 contains a virtual network gateway named Gateway1. Each office connects to Gateway1 by using a Site-to-Site VPN connection.
You need to replace the third-party SD-WAN with an Azure Virtual WAN. What should you include in the solution?

  • A. Delete Gateway1.
  • B. Create new Point-to-Site (P2S) VPN connections on the firewall devices.
  • C. Create an Azure Traffic Manager profile.
  • D. Enable active-active mode on Gateway1.

Answer: B

NEW QUESTION 8
HOTSPOT
You have an on-premises datacenter.
You have an Azure subscription that contains 10 virtual machines and a virtual network named VNe1l in the East US Azure region. The virtual machines are connected to VNet1 and replicate across three availability zones.
You need to connect the datacenter to VNetl1by using ExpressRoute. The solution must meet the following requirements:
• Maintain connectivity to the virtual machines if two availability zones fail.
• Support 1000-Mbps connections-
What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
AZ-700 dumps exhibit


Solution:
AZ-700 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 9

You have an Azure subscription that contains the virtual networks shown in the following table.
AZ-700 dumps exhibit
You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region. To which virtual networks can you deploy AF1?

  • A. Vnet1 only
  • B. Vnet1 and Vnet2 only
  • C. Vnet1, Vnet2, and Vnet4 only
  • D. Vnet1 and Vnet4 only
  • E. Vnet1, Vnet2. Vnet3, and Vnet4

Answer: A

NEW QUESTION 10
HOTSPOT
You are implementing the virtual network requirements for VM Analyze.
What should you include in a custom route that is linked to Subnet2? To answer, select the
appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-700 dumps exhibit


Solution:
AZ-700 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 11
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
AZ-700 dumps exhibit


Solution:
AZ-700 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 12

You have an Azure subscription that contains the Azure app service web apps show in the following table:
AZ-700 dumps exhibit
You need to deploy Azure Traffic Manager. The solution must meet the following requirements:
• Traffic to https//www.fabrikam.com must be directed to App1eu.
• If App1eu becomes unresponsive, all the traffic to https://www.fabrikam.com must be directed to App1us. You need to implement Traffic Manager to meet the requirements.
Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

  • A. a Traffic Manager profile that uses the priority routing method
  • B. a Traffic Manager profile that uses the geographic routing method C a CNAME record in a DNS domain named fabrikam.com
  • C. a TXT record in a DNS domain named tabrikam.com
  • D. a real user measurements key in Traffic Manager

Answer: AC

NEW QUESTION 13

You have an Azure subscription that contains a user named Admin1 and a resource group named RG1.
RG1 contains an Azure Network Watcher instance named NW1.
You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege.
Which role should you assign to Admin1?

  • A. User Access Administrator
  • B. Network Contributor
  • C. Resource Policy Contributor
  • D. Monitoring Contributor

Answer: A

NEW QUESTION 14

You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.
What should you use to configure the default route?

  • A. a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3
  • B. a user-defined route assigned to GatewaySubnet in Vnet1
  • C. BGP route exchange
  • D. route filters

Answer: C

Explanation:
VNet 1 will get the default from BGP and propagate it to VNET 2 and 3

NEW QUESTION 15

You have an Azure application gateway configured for a single website that is available at https://www.contoso.com.
The application gateway contains one backend pool and one rule. The backend pool contains two backend servers. Each backend server has an additional website that is available on port 8080.
You need to ensure that if port 8080 is unavailable on a backend server, all the traffic for https://www.contoso.com is redirected to the other backend server.
What should you do?

  • A. Create a health probe.
  • B. Add a new rule.
  • C. Add a new listener.
  • D. Change the port on the listener.

Answer: A

NEW QUESTION 16

You have an Azure virtual network that contains the subnets shown in the following table.
AZ-700 dumps exhibit
You deploy an Azure firewall to AzureFirewallSubnet. You route all traffic from Subnet2 through the firewall.
You need to ensure that all the hosts on Subnet2 can access an external site located at https://*.contoso.com.
What should you do?

  • A. Create a network security group (NSG) and associate the NSG to Subnet2.
  • B. In a firewall policy, create an application rule.
  • C. In a firewall policy, create a DNAT rule.
  • D. In a firewall policy, create a network rule.

Answer: B

NEW QUESTION 17
......

Thanks for reading the newest AZ-700 exam dumps! We recommend you to try the PREMIUM Downloadfreepdf.net AZ-700 dumps in VCE and PDF here: https://www.downloadfreepdf.net/AZ-700-pdf-download.html (263 Q&As Dumps)