Practice Free AZ-700 Exam Online Questions
You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption.
You configure the listener for HTTPS by uploading an enterprise signed certificate.
You need to ensure that the application gateway can provide end-to-end encryption for App1.
What should you do?
- A . Set Listener type to Multi site.
- B . Increase the Unhealthy threshold setting in the custom probe.
- C . Upload the public key certificate to the HTTPS settings.
- D . Enable the SSL profile for the listener.
HOTSPOT
Your company has 40 branch offices across North America and Europe.
You have an Azure subscription that contains the following virtual networks:
• Two networks in the East US Azure region
• Three networks in the West Europe Azure region
You need to implement Azure Virtual WAN.
The solution must meet the following requirements:
• Each branch office in North America must have an ExpressRoute circuit and a Site-to-Site VPN that
connects to the East US region.
• Each branch office in Europe must have an ExpressRoute circuit and a Site-to-Site VPN that connects to the West Europe region.
• Transitive connections must be supported between all the branch offices and all the virtual networks.
• Costs must be minimized.
What is the minimum number of Virtual WAN resources required? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Your company has an office in New York.
The company has an Azure subscription that contains the virtual networks shown in the following table.
You need to connect the virtual networks to the office by using ExpressRoute.
The solution must meet the following requirements:
• The connection must have up to 1 Gbps of bandwidth.
• The office must have access to all the virtual networks.
• Costs must be minimized.
How many ExpressRoute circuits should be provisioned, and which ExpressRoute 5KU should you enable?
- A . one ExpressRoute Standard circuit
- B . one ExpressRoute Premium circuit
- C . two ExpressRoute Premium circuits
- D . four ExpressRoute Standard circuits
HOTSPOT
You have on-premises datacenters in New York and Seattle.
You have an Azure subscription that contains the ExpressRoute circuits shown in the following table.
You need to ensure that all the data sent between the datacenters is routed via the ExoressRoute circuits. The solution must minimize costs.
HOTSPOT
Your on-premises network contains a VPN device.
You have an Azure subscription that contains a virtual network and a virtual network gateway.
You need to create a Site-to-Site VPN connection that has a custom cryptographic policy.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
DRAG DROP
You have an Azure subscription that contain a viral network named Vnet1 and an Azure SQL database named SQL1 has a private endpoint on Vnet1.
You have a partner company named fabrikam, has an Azure subscription that contains a virtual network named Vnet1 and a virtual machine named VM1, VM1 is connected to Vnet2 You need to provide VM1 with accesss to SQL 1 by using an Azure private Link service.
What should you implement on each virtual network? To answer, drag the appropriate resources to the correct virtual networks. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. Note: Each correct selection is worth one point.
Topic 1, Litware. Inc Case Study 1
Overview
Litware. Inc. is a financial company that has a main datacenter in Boston and 20 branch offices across the United States. Users have Android, iOS, and Windows 10 devices.
Existing Environment:
Hybrid Environment
The on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.
All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.
Azure Environment
Litware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant.
Sub1 contains resources in the East US Azure region as shown in the following table.
There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.
Requirements:
Business Requirements
Litware wants to minimize costs whenever possible, as long as all other requirements are met.
Virtual Networking Requirements
Litware identifies the following virtual networking requirements:
* Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.
* Ensure that the records in the cloud.litwareinc.com zone can be resolved from the on-premises locations.
* Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.
* Minimize the size of the subnets allocated to platform-managed services.
* Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443 only.
Hybrid Networking Requirements
Litware identifies the following hybrid networking requirements:
* Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.
* Latency of the traffic between the Boston datacenter and all the virtual networks must be minimized.
* The Boston datacenter must connect to the Azure virtual networks by using an ExpressRoute FastPath connection.
* Traffic between Vnet2 and Vnet3 must be routed through Vnet1.
PaaS Networking Requirements
Litware identifies the following networking requirements for platform as a service (PaaS):
* The storage1 account must be accessible from all on-premises locations without exposing the public endpoint of storage1.
* The storage2 account must be accessible from Vnet2 and Vnet3 without exposing the public endpoint of storage2.
You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.
Which two actions should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . On the peerings from Vnet2 and Vnet3, select Use remote gateways.
- B . On the peering from Vnet1, select Allow forwarded traffic.
- C . On the peering from Vnet1, select Use remote gateways.
- D . On the peering from Vnet1, select Allow gateway transit.
- E . On the peerings from Vnet2 and Vnet3, select Allow gateway transit.
HOTSPOT
You have an Azure subscription that contains an app named Appl.
App1 is hosted on the Azure App Service instances shown in the following table.
You need to implement Azure Traffic Manager to meet the following requirements:
• App1 traffic must be assigned equally to each App Service instance in each Azure region.
• App1 traffic from North Europe must be routed to the Appl instances in the North Europe region.
• App1 traffic from North America must be routed to the Appl instances in the East US Azure region.
You have an Azure subscription that contains multiple virtual machines in the West US Azure region.
You need to use Traffic Analytics.
Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct answer selection is worth one point. (Choose two.)
- A . an Azure Monitor workbook
- B . a Log Analytics workspace C a storage account
- C . an Azure Sentinel workspace
- D . an Azure Monitor data collection rule
HOTSPOT
You have the Azure firewall shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
