Microsoft AZ-700 Exam Dumps

 You have an Azure subscription that contains a user named Admin1 and a resource group named RG1. RG1 contains an Azure Network Watcher instance named NW1. You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?

 Your company has offices in and Amsterdam. The company has an Azure subscription. Both offices connect to Azure by using a Site-to-Site VPN connection. The office in Amsterdam uses resources in the North Europe Azure region. The office in New York uses resources in the East US Azure region. You need to implement ExpressRoute circuits to connect each office to the nearest Azure region. Once the ExpressRoute circuits are connected, the on-premises computers in the Amsterdam office must be able to connect to the on-premises servers in the New York office by using the ExpressRoute circuits. Which ExpressRoute option should you use?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it as a result, these questions will not appear in the review screen. You have an Azure subscription that contains an Azure Front Door Premium profile named AFD1 and an Azure Web Application Firewall (WAF) policy named WAF1. AFD1 is associated with WAF1. You need to configure a rate limit for incoming requests to AFD1. Solution: You modify the policy settings of WAF1. Does this meet the goal?

 You have an Azure virtual network named Vnet1. You need to ensure that the virtual machines in Vnet1 can access only the Azure SQL resources in the East US Azure region. The virtual machines must be prevented from accessing any Azure Storage resources. Which two outbound network security group (NSG) rules should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You have an Azure subscription. The subscription contains a locally-redundant storage 1LRS) account named stoiage1 that is deployed to the US East Azure region and has a Microsoft Storage service endpoint. You set Redundancy for storage 1 to Read-access geo-redundant storage (RA-GRS) You need to ensure that the contents of storage1 will be accessible by using a service endpoint in a paired region. The solution must minimize administrative effort What should you do first?

You are planning the IP addressing for the subnets in Azure virtual networks. Which type of resource requires IP addresses in the subnets?

 You have an Azure subscription that contains a virtual network name Vnet1. Vnet1 contains a virtual machine named VM1 and an Azure firewall named FW1. You have an Azure Firewall Policy named FP1 that is associated to FW1. You need to ensure that RDP requests to the public IP address of FW1 route to VM1. What should you configure on FP1?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have two Azure virtual networks named Vnet1 and Vnet2. You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-toSite (P2S) IKEv2 VPN. You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gatewaytransit. Vnet2 can use the remote gateway.You discover that Client1 cannot communicate with Vnet2.You need to ensure that Client1 can communicate with Vnet2.Solution: You enable BGP on the gateway of Vnet1.Does this meet the goal?

You have an Azure virtual network named Vnet1 that hosts an Azure firewall named FW1 and 150 virtual machines. Vnet1 is linked to a private DNS zone named contoso.com. All the virtual machines have their name registered in the contoso.com zone. Vnet1 connects to an on-premises datacenter by using ExpressRoute. You need to ensure that on-premises DNS servers can resolve the names in the contoso.com zone. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN.Users will authenticate by using an on-premises Active Directory domain.Which additional service should you deploy to support the VPN authentication?

 You have an Azure Private Link service named PL1 that uses an Azure load balancer named LB1. You need to ensure that PL1 can support a higher volume of outbound traffic. What should you do?

You have an on-premises network named Site1. You have an Azure subscription that contains a storage account named storage1 and a virtual network named VNet1. VNet1 contains a subnet named Subnet1. A private endpoint for storage1 is connected to Subnet1 Site1 is connected to VNet1 by using a Site-to-Site (S2S) VPN. You need to control access to storage1 from Site1 by using network security groups (NSGs). What should you do first?

You have an Azure virtual network and an on-premises datacenter. You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network. Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You have an Azure Front Door instance named FD1 that is protected by using Azure Web Application Firewall (WAF). FD1 uses a frontend host named app1.contoso.com to provide access to Azure web apps hosted in the East US Azure region and the West US Azure region. You need to configure FD1 to block requests to app1.contoso.com from all countries other than the United States. What should you include in the WAF policy?

 You have an Azure subscription that contains multiple virtual machines in the West US Azure region. You need to use Traffic Analytics. Which two resources should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct answer selection is worth one point.

You have an Azure subscription that is linked to an Azure AD tenant named contoso.onmicrosoft.com. The subscription contains the following resources: • A virtual network named Vnet1 • An App Service plan named ASPI • An Azure App Service named webapp1 • An Azure private DNS zone named private.contoso.com • Virtual machines on Vnet1 that cannot communicate outside the virtual network You need to ensure that the virtual machines on Vnet1 can access webapp1 by using a URL of https:/Avwwprivate.contosocom. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point. 

 You have an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance.You need to configure the policy to meet the following requirements:Log all connections from Australia. Deny all connections from New Zealand. Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute. What is the minimum number of objects you should create?

You have two Azure subscriptions named Sub1 and Sub2. Sub1 contains a virtual machine named VM1. You plan to make VM1 available to the resources in Sub2 by using Azure Private Link. You need to ensure that the private link service can be configured to provide access to VM1. What should you configure in Sub1 first?

Your company has offices in Montreal. Seattle, and Paris. The outbound traffic from eachoffice originates from a specific public IP address. You create an Azure Front Door instance named FD1 that has Azure Web ApplicationFirewall (WAF) enabled. You configure a WAF policy named Policy! that has a rule named Rule1. Rule1 applies a rate limit of 100 requests for traffic that originates from the office inMontreal.You need to apply a rate limit of 100 requests for traffic that originates from each office.What should you do?

 You have a hybrid environment that uses ExpressRoute to connect an on-premises network and Azure. You need to log the uptime and the latency of the connection periodically by using an Azure virtual machine and an on-premises virtual machine.What should you use?

 You have an Azure subscription that contains a virtual network named VNet1. You deploy several web apps and configure the apps to use private endpoints on VNet1. You need to identity which DNS records the web apps registered automatically. Where will the records be created?

 You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app. You plan to use an Azure application gateway to provide access to each web app by using a hostname of www.contoso.corn and a different URL path for each web app, for example: https://www.contoso.com/app1. You need to control the flow of traffic based on the URL path. What should you configure?

You plan to implement an Azure virtual network that will contain 10 virtual subnets. The subnets will use IPv6 addresses. Each subnet will host up to 200 load-balanced virtual machines. You need to recommend a load balancing solution for the virtual network. The solution must meet the following requirements: • The virtual machines and the load balancer must be accessible only from the virtual network. • Costs must be minimized. What should you include in the recommendation?

You are configuring two network virtual appliances (NVAs) in an Azure virtual network. The NVAs will be used to inspect all the traffic within the virtual network. You need to provide high availability for the NVAs. The solution must minimize administrative effort. What shtraffic ould you include in the solution?

You have an Azure application gateway named AppGW1 that balances requests to a web app named App1. You need to modify the server variables in the response header of App1. What should you configure on AppGW1?