Welcome to download the Newest 2passeasy AZ-700 dumps

https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

Exam Questions AZ-700

Designing and Implementing Microsoft Azure Networking Solutions

https://www.2passeasy.com/dumps/AZ-700/

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

NEW QUESTION 1
- (Exam Topic 1)
You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business
requirements.
Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange
them in the correct order.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 2
- (Exam Topic 1)
You need to implement a P2S VPN for the users in the branch office. The solution must meet the hybrid networking requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 3
- (Exam Topic 1)
You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements
and business requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
For the first question, only ExpressRoute GW SKU Ultra Performance support FastPath feature.
For the second question, vnet1 will connect to ExpressRoute gw, once Vnet1 peers with Vnet2, the traffic from on-premise network will bypass GW and Vnet1,
directly goes to Vnet2, while this feature is under public preview.
====Reference
ExpressRoute virtual network gateway is designed to exchange network routes and route network traffic. FastPath is designed to improve the data path
performance between your on-premises network and your virtual network. When enabled, FastPath sends network traffic directly to virtual machines in the virtual
network, bypassing the gateway.
To configure FastPath, the virtual network gateway must be either: Ultra Performance
ErGw3AZ
VNet Peering - FastPath will send traffic directly to any VM deployed in a virtual network peered to the one connected to ExpressRoute, bypassing the
ExpressRoute virtual network gateway.
https://docs.microsoft.com/en-us/azure/expressroute/about-fastpath Gateway SKU
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-about-virtual-network-gateways

NEW QUESTION 4
- (Exam Topic 2)
You create NSG10 and NSG11 to meet the network security requirements.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

For each of the following statements, select Yes it the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Yes
subnet1(WM1->NSG1 outbound->NSG10 outbound)->subnet2(NSG1 inbound->NSG11 inbound->VM2) Yes
NSG10 blocks ICMP from VNet4 (source 10.10.0.0/16) but it is not blocked from VM2€™s subnet (VNet1/Subnet2).
No
NSG11 blocks RDP (port TCP 3389) destined for €˜VirtualNetwork€™. VirtualNetwork is a service tag and means the address space of the virtual network (VNet1)
which in this case is 10.1.0.0/16. Therefore, RDP traffic from subnet2 to anywhere else in VNet1 is blocked.

NEW QUESTION 5
- (Exam Topic 2)
In which NSGs can you use ASG1 and to which virtual machine network interfaces can you associate ASG1? To answer, select the appropriate options in the
answer area.
NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 6
- (Exam Topic 2)
You need to meet the network security requirements for the NSG flow logs.
Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

NEW QUESTION 7
- (Exam Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2. Solution: You reset the gateway of
Vnet1.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology. Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing

NEW QUESTION 8
- (Exam Topic 3)
You have an Azure subscription that contains the virtual machines shown in the following table.

Subnet1 and Subnet2 are associated to a network security group (NSG) named NSG1 that has the following outbound rule:
Priority: 100
Port: Any
Protocol: Any
Source: Any
Destination: Storage
Action: Deny
You create a private endpoint that has the following settings:
Name: Private1
Resource type: Microsoft.Storage/storageAccounts
Resource: storage1
Target sub-resource: blob
Virtual network: Vnet1
Subnet: Subnet1
For each of the following statements, select Yes of the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

A. Mastered
B. Not Mastered

Answer: A

Explanation:
Yes, Yes, Yes
NSG rules applied to the subnet hosting the private endpoint are not applied to the private endpoint.So the NSG1 doesn't limit storage access from either VM1 or
VM2.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints#network-security-group-rule

NEW QUESTION 9
- (Exam Topic 3)
You have the Azure environment shown in the exhibit.

VM1 is a virtual machine that has an instance-level public IP address (ILPIP).

Basic Load Balancer uses a public IP address. VM1 and VM2 are in the backend pool. NAT Gateway uses a public IP address named IP3 that is associated to
SubnetA. VNet1 has a virtual network gateway that has a public IP address named IP4.
When initiating outbound traffic to the internet from VM1, which public address is used?

A. IP1
B. IP2
C. IP3
D. IP4

Answer: A

NEW QUESTION 10
- (Exam Topic 3)
You configure a route table named RT1 that has the routes shown in the following table.

You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.

You have the resources shown in the following table.

Vnet1 connects to an ExpressRoute circuit.

The on-premises router advertises the following routes:
* 0.0.0.0/0
* 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 10
- (Exam Topic 3)
You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN. Users will authenticate by using an on premises Active Directory domain. Which
additional service should you deploy to support the VPN authentication?

A. a certification authority (CA)

B. a RADIUS server
C. an Azure key vault
D. Azure Active Directory (Azure AD) Application Proxy

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-about

NEW QUESTION 12
- (Exam Topic 3)
You have an Azure subscription that contains the virtual networks shown in the following table.

You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region. To which virtual networks can you deploy AF1?

A. Vnet1 only
B. Vnet1 and Vnet2 only
C. Vnet1, Vnet2, and Vnet4 only
D. Vnet1 and Vnet4 only
E. Vnet1, Vnet2. Vnet3, and Vnet4

Answer: C

NEW QUESTION 16
- (Exam Topic 3)
You have an Azure subscription that contains the public IP addresses shown in the following table.

You plan to deploy a NAT gateway named NAT1.

Which public IP addresses can be used as the public IP address for NAT1?

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

A. IP3 and IP5 only

B. IP5 only
C. IP1, IP3, and IP5 only
D. IP3 only
E. IP2 and IP4 only

Answer: D

Explanation:
Only static IPv4 addresses in the Standard SKU are supported. IPv6 doesn’t support NAT. Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-overview

NEW QUESTION 17
- (Exam Topic 3)
You have an Azure virtual network named Vnet1.
You need to ensure that the virtual machines in Vnet1 can access only the Azure SQL resources in the East US Azure region. The virtual machines must be
prevented from accessing any Azure Storage resources.
Which two outbound network security group (NSG) rules should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. an allow rule that has the IP address range of Vnet1 as the source and destination of Sql.EastUS
B. a deny rule that has a source of VirtualNetwork and a destination of Sql
C. a deny rule that has a source of VirtualNetwork and a destination of 168.63.129.0/24
D. a deny rule that has the IP address range of Vnet1 as the source and destination of Storage

Answer: CD

NEW QUESTION 21
- (Exam Topic 3)
You plan to publish a website that will use an FQDN of www.contoso.com. The website will be hosted by using the Azure App Service apps shown in the following
table.

You plan to use Azure Traffic Manager to manage the routing of traffic for www.contoso.com between AS1 and AS2.
You need to ensure that Traffic Manager routes traffic for www.contoso.com. Which DNS record should you create?

A. two A records that map wmv.contoso.com to 131 107 100 1 and 131 107 200 1
B. a CNAME record that maps www.contoso.com to TMprofile1.azurefd.net
C. a CNAME record that mapswww.contoso.comtoTMprofile1.trafficmanager.net
D. a TXT record that contains a string ofas1.contoso.com and as2.contoso.com in the details

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/quickstart-create-traffic-manager-profile https://docs.microsoft.com/en-us/azure/app-service/configure-
domain-traffic-manager

NEW QUESTION 22
- (Exam Topic 3)
You have the Azure Traffic Manager profiles shown in the following table.

You plan to add the endpoints shown in the following table.

Which endpoints can you add to Profile2?

A. Endpoint1 and Endpoint4 only

B. Endpoint1, Endpoint2, Endpoint3, and Endpoint4
C. Endpoint1 only
D. Endpoint2 and Endpoint3 only
E. Endpoint3 only

Answer: A

NEW QUESTION 24
- (Exam Topic 3)
Azure virtual networks in the East US Azure region as shown in the following table.

The virtual networks are peered to one another. Each virtual network contains four subnets.
You plan to deploy a virtual machine named VM1 that will inspect and route traffic between all the subnets on both the virtual networks.
What is the minimum number of IP addresses that you must assign to VM1?

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

A. 1
B. 2
C. 4
D. 8

Answer: A

NEW QUESTION 28
- (Exam Topic 3)
You have a website that uses an FQDN of www.contoso.com. The DNS record tor www.contoso.com resolves to an on-premises web server.
You plan to migrate the website to an Azure web app named Web1. The website on Web1 will be published by using an Azure Front Door instance named
ContosoFD1.
You build the website on Web1.
You plan to configure ContosoFD1 to publish the website for testing.
When you attempt to configure a custom domain for www.contoso.com on ContosoFD1, you receive the error message shown in the exhibit.

You need to test the website and ContosoFD1 without affecting user access to the on-premises web server. Which record should you create in the contoso.com
DNS domain?

A. a CNAME record that maps www.contoso.com to ContosoFD1.azurefd.net

B. a CNAME record that maps www.contoso.com to Web1.contoso.com
C. a CNAME record that maps afdverify.www.contoso.com to ContosoFD1.azurefd.net
D. a CNAME record that maps afdverify.www.contoso.com to afdverify.ContosoFD1.azurefd.net

Answer: A

NEW QUESTION 32
- (Exam Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2. Solution: You enable BGP on the
gateway of Vnet1.
Does this meet the goal?

A. Yes
B. No

Answer: B

Explanation:
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology. Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing

NEW QUESTION 36
- (Exam Topic 3)
You are configuring two network virtual appliances (NVAs) in an Azure virtual network. The NVAs will be used to inspect all the traffic within the virtual network.
You need to provide high availability for the NVAs. The solution must minimize administrative effort. What should you include in the solution?

A. Azure Standard Load Balancer

B. Azure Traffic Manager
C. Azure Application Gateway

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

D. Azure Front Door

Answer: A

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/nva-ha?tabs=cli

NEW QUESTION 37
- (Exam Topic 3)
You have an Azure virtual network named Vnet1 and an on-premises network.
The on-premises network has policy-based VPN devices. In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-
based.
You have a Site-to-Site VPN connection for GW1 as shown in the following exhibit.

You need to ensure that the on-premises network can connect to the route-based GW1. What should you do before you create the connection?

A. Set Use Azure Private IP Address to Enabled

B. Set IPsec / IKE policy to Custom.
C. Set Connection Mode to ResponderOnly
D. Set BGP to Enabled

Answer: A

NEW QUESTION 39
- (Exam Topic 3)
You have the Azure resources shown in the following table.

You configure storage1 to provide access to the subnet in Vnet1 by using a service endpoint.
You need to ensure that you can use the service endpoint to connect to the read-only endpoint of storage1 in the paired Azure region.
What should you do first?

A. Configure the firewall settings for storage1.

B. Fail over storage1 to the paired Azure region.
C. Create a virtual network in the paired Azure region.
D. Create another service endpoint.

Answer: A

NEW QUESTION 42
- (Exam Topic 3)
You plan to configure BGP for a Site-to-Site VPN connection between a datacenter and Azure. Which two Azure resources should you configure? Each correct
answer presents a part of the solution.
(Choose two.)
NOTE: Each correct selection is worth one point.

A. a virtual network gateway

B. Azure Application Gateway
C. Azure Firewall
D. a local network gateway
E. Azure Front Door

Answer: AD

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/bgp-howto

NEW QUESTION 44
- (Exam Topic 3)
You have an Azure virtual network named Vnet1 that hosts an Azure firewall named FW1 and 150 virtual machines. Vnet1 is linked to a private DNS zone named
contoso.com. All the virtual machines have their name registered in the contoso.com zone.
Vnet1 connects to an on-premises datacenter by using ExpressRoute.
You need to ensure that on-premises DNS servers can resolve the names in the contoso.com zone. Which two actions should you perform? Each correct answer
presents part of the solution.
NOTE: Each correct selection is worth one point.

A. On the on-premises DNS servers, configure forwarders that point to the frontend IP address of FW1.
B. On the on-premises DNS servers, configure forwarders that point to the Azure provided DNS service at 168.63.129.16.
C. Modify the DNS server settings of Vnet1.
D. For FW1, enable DNS proxy.
E. For FW1, configure a custom DNS server.

Answer: AC

NEW QUESTION 46
- (Exam Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the
stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL
of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.
Solution: You create a WAF policy exclusion request headers that contain 137.135.10.24. Does this meet the goat?

A. Yes
B. No

Answer: B

NEW QUESTION 51
- (Exam Topic 3)
You have an Azure subscription that contains multiple virtual machines in the West US Azure region. You need to use Traffic Analytics.
Which two resources should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct answer selection is worth one
point.

A. an Azure Monitor workbook

B. a Log Analytics workspace C a storage account
C. an Azure Sentinel workspace
D. an Azure Monitor data collection rule

Answer: BC

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics A storage acccount is used to store network security group flow logs.
A Log Analytics workspace is used by Traffic Analytics to store the aggregated and indexed data that is then used to generate the analytics.
https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics#enable-flow-log-settings

NEW QUESTION 53
- (Exam Topic 3)
You have the network topology shown in the Topology exhibit. (Click the Topology tab.)

You have the Azure firewall shown in the Firewall 1 exhibit. (Click the Firewall tab.)

You have the route table shown in the RouteTable1 exhibit. (Click the RouteTable1 tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

A. Mastered
B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 58
......

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

 Welcome to download the Newest 2passeasy AZ-700 dumps
https://www.2passeasy.com/dumps/AZ-700/ (105 New Questions)

THANKS FOR TRYING THE DEMO OF OUR PRODUCT

Visit Our Site to Purchase the Full Set of Actual AZ-700 Exam Questions With Answers.

We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Order the
AZ-700 Product From:

https://www.2passeasy.com/dumps/AZ-700/

Money Back Guarantee

AZ-700 Practice Exam Features:

* AZ-700 Questions and Answers Updated Frequently

* AZ-700 Practice Questions Verified by Expert Senior Certified Staff

* AZ-700 Most Realistic Questions that Guarantee you a Pass on Your FirstTry

* AZ-700 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

Powered by TCPDF (www.tcpdf.org)