2023 AZ-700 Question Bank Free PDF Download Recently Updated Questions [Q43-Q65]

2023 AZ-700 Question Bank: Free PDF Download Recently Updated Questions

AZ-700 Certification Exam Dumps with 120 Practice Test Questions

Objective of Microsoft AZ-700 Exam

The objective of Microsoft AZ-700 certification exam is to test that an individual has the skills and knowledge required to be a Microsoft Azure administrator. The hands-on experience needed for passing AZ-700 exam can be got through vMBBs training. Logging and troubleshooting a client connection can be the best way for an individual to get the experience they need for passing AZ-700 exam. To make it easier for an individual to work on their organizations projects, the use of Vmss can be used. Radius zones can be used to manage and monitor a wireless network. Create the necessary tools to assist an individual with their organizations projects. Netflow can be used to monitor and analyze network activity. The use of Netflow makes it easy for organizations to monitor and analyze network activity. Managed network printers can make it easier for an individual to find information about their organizations printers. The use of a managed network printer will make it easier for an individual to find information about their organizations printers. Interface can make it easier for an individual to setup and run their organizations projects.

Expert advisor software can be used to customize the network connection. Using expert advisor makes it easier for an individual to customize the network connection. Connections can be used to monitor and analyze network activity. Files from the cloud can be used to obtain any type of file an individual might need. The use of files from the cloud makes it easy for an individual to obtain any type of file they might need. Accounts can assist individuals with their organizations projects. Microsoft AZ-700 Dumps can make it easier for individuals to prepare for the exam. The profile can assist individuals with their organizations projects. Confidence management can be used to monitor and analyze the network connection. The use of confidence management makes it easier for an individual to monitor and analyze the network connection. Security for a centralized authentication can be used to ensure that the identity of a user is protected. Share point 2013 can be used to maintain employee working files. Using sharepoint 2013 makes it easier for an individual to maintain the working files of the individuals of their organization. Using services like SharePoint can make it easier for an individual to maintain the working files of their organizations employees.

Brief Overview of the Exam

Exam AZ-700 is also known as Designing and Implementing Microsoft Azure Networking Solutions. The exam testifies that you are able to deal with hybrid networking, apply core networking infrastructure, design routing and apply it, protect networks, and create and apply private access to Azure Services. The exam includes 40-60 questions of various types which you need to complete within 100 or 120 minutes. The duration depends on the inclusion of the lab questions in the test or not. Also, be ready to pay the exam fee, which is $165. Your success in the test will be marked by scoring 700 points in the test.

 

NEW QUESTION 43
You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business requirements.
Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

1 - Set the subnet mask of GatewaySubnet to /27.
2 - Assign a user defined route to GatewaySubnet.
3 - Create a VPN gateway by using the Basic SKU.

 

NEW QUESTION 44
You have two Azure virtual networks named Hub1 and Spoke1. Hub1 connects to an on-premises network by using a Site-to-Site VPN connection.
You are implementing peering between Hub1 and Spoke1.
You need to ensure that a virtual machine connected to Spoke1 can connect to the on-premises network through Hub1.
How should you complete the PowerShell script? To answer, drag the appropriate values to the correct targets. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke?tabs=cli#virtual-network-peering

 

NEW QUESTION 45
You configure a route table named RT1 that has the routes shown in the following table.

You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.

You have the resources shown in the following table.

Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
* 0.0.0.0/0
* 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 46
You have the Azure Traffic Manager profiles shown in the following table.

You plan to add the endpoints shown in the following table.

Which endpoints can you add to Profile2?

• A. Endpoint3 only
• B. Endpoint1 and Endpoint4 only
• C. Endpoint2 and Endpoint3 only
• D. Endpoint1 only
• E. Endpoint1, Endpoint2, Endpoint3, and Endpoint4

Answer: B

Explanation:
Topic 1, Contoso
Existing Environment:
Azure Network Infrastructure
Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com.
The Azure subscription contains the virtual networks shown in the following table.

Vnet1 contains a virtual network gateway named GW1.
Azure Virtual Machines
The Azure subscription contains virtual machines that run Windows Server 2019 as shown in the following table.

The NSGs are associated to the network interfaces on the virtual machines. Each NSG has one custom security rule that allows RDP connections from the internet. The firewall on each virtual machine allows ICMP traffic.
An application security group named ASG1 is associated to the network interface of VM1.
Azure Private DNS Zones
The Azure subscription contains the Azure private DNS zones shown in the following table.

Zone1.contoso.com has the virtual network links shown in the following table.

Other Azure Resources
The Azure subscription contains additional resources as shown in the following table.

Requirements:
Virtual Network Requirements
Contoso has the following virtual networks requirements:
* Create a virtual network named Vnet6 in West US that will contain the following resources and configurations:
Two container groups that connect to Vnet6
Three virtual machines that connect to Vnet6
Allow VPN connections to be established to Vnet6
Allow the resources in Vnet6 to access KeyVault1, DB1, and Vnet1 over the Microsoft backbone network
* The virtual machines in Vnet4 and Vnet5 must be able to communicate over the Microsoft backbone network.
* A virtual machine named VM-Analyze will be deployed to Subnet1. VM-Analyze must inspect the outbound network traffic from Subnet2 to the internet.
Network Security Requirements
Contoso has the following network security requirements:
* Configure Azure Active Directory (Azure AD) authentication for Point-to-Site (P2S) VPN users.
* Enable NSG flow logs for NSG3 and NSG4.
* Create an NSG named NSG10 that will be associated to Vnet1/Subnet1 and will have the custom inbound security rules shown in the following table.

* Create an NSG named NSG11 that will be associated to Vnet1/Subnet2 and will have the custom outbound security rules shown in the following table.

 

NEW QUESTION 47
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.
Solution: You create a WAF policy exclusion for request headers that contain 137.135.10.24.
Does this meet the goal?

• A. Yes
• B. No

Answer: B

 

NEW QUESTION 48
You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.
What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Topic 1, Litware. Inc
Existing Environment:
Hybrid Environment
The on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.
All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.
Azure Environment
Litware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant. Sub1 contains resources in the East US Azure region as shown in the following table.

There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.
Requirements:
Business Requirements
Litware wants to minimize costs whenever possible, as long as all other requirements are met.
Virtual Networking Requirements
Litware identifies the following virtual networking requirements:
* Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.
* Ensure that the records in the cloud.litwareinc.com zone can be resolved from the on-premises locations.
* Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.
* Minimize the size of the subnets allocated to platform-managed services.
* Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443 only.
Hybrid Networking Requirements
Litware identifies the following hybrid networking requirements:
* Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.
* Latency of the traffic between the Boston datacenter and all the virtual networks must be minimized.
* The Boston datacenter must connect to the Azure virtual networks by using an ExpressRoute FastPath connection.
* Traffic between Vnet2 and Vnet3 must be routed through Vnet1.
PaaS Networking Requirements
Litware identifies the following networking requirements for platform as a service (PaaS):
* The storage1 account must be accessible from all on-premises locations without exposing the public endpoint of storage1.
* The storage2 account must be accessible from Vnet2 and Vnet3 without exposing the public endpoint of storage2.

 

NEW QUESTION 49
You have Azure App Service apps in the West US Azure region as shown in the following table.

You need to ensure that all the apps can access the resources in a virtual network named Vnet1 without forwarding traffic through the internet-How many integration subnets should you create?

• A. 0
• B. 1
• C. 2
• D. 3
• E. 4

Answer: B

Explanation:
One integration subnet is required per App Service Plan regardless of how many apps are running in the App Service Plan.
Reference:
https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integration

 

NEW QUESTION 50
Your company has offices in Montreal. Seattle, and Paris. The outbound traffic from each office originates from a specific public IP address.
You create an Azure Front Door instance named FD1 that has Azure Web Application Firewall (WAF) enabled. You configure a WAF policy named Policy! that has a rule named Rule1. Rule1 applies a rate limit of 100 requests for traffic that originates from the office in Montreal.
You need to apply a rate limit of 100 requests for traffic that originates from each office.
What should you do?

• A. Modify the rate limit threshold of Rule1.
• B. Create two additional associations.
• C. Modify the rule type of Rule1.
• D. Modify the conditions of Rule1.

Answer: D

 

NEW QUESTION 51
You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.
What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application Description automatically generated

Box 2: One NSG
The minimum requirement is one NSG. You could attach the NSG to VMScaleSet1 and restrict outbound traffic, or you could attach the NSG to VMScaleSet2 and restrict inbound traffic. Either way you would need two custom NSG rules.
Box 1: Two custom rules
With the NSG attached to VMScaleSet2, you would need to create a custom rule blocking all traffic from VMScaleSet1. Then you would need to create another custom rule with a higher priority than the first rule that allows traffic on port 443.
The default rules in the NSG will allow all other traffic to VMScaleSet2.

 

NEW QUESTION 52
You need to configure GW1 to meet the network security requirements for the P2S VPN users.
Which Tunnel type should you select in the Point-to-site configuration settings of GW1?

• A. IKEv2
• B. IKEv2 and OpenVPN (SSL)
• C. OpenVPN (SSL)
• D. SSTP (SSL)
• E. IKEv2 and SSTP (SSL)

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant

 

NEW QUESTION 53
FirewallPolicy1 contains the following rules:
* Allow outbound traffic from Vnet1 and Vnet2 to the internet.
* Allow any traffic between Vnet1 and Vnet2.
No custom private endpoints, service endpoints, routing tables, or network security groups (NSGs) were created. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 54
You have an Azure subscription that contains the virtual machines shown in the following table.

Subnet1 and Subnet2 are associated to a network security group (NSG) named NSG1 that has the following outbound rule:
Priority: 100
Port: Any
Protocol: Any
Source: Any
Destination: Storage
Action: Deny
You create a private endpoint that has the following settings:
Name: Private1
Resource type: Microsoft.Storage/storageAccounts
Resource: storage1
Target sub-resource: blob
Virtual network: Vnet1
Subnet: Subnet1
For each of the following statements, select Yes of the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 55
You have an Azure application gateway named AGW1 that has a routing rule named Rule1. Rule 1 directs traffic for http://www.contoso.com to a backend pool named Pool1. Pool1 targets an Azure virtual machine scale set named VMSS1.
You deploy another virtual machine scale set named VMSS2.
You need to configure AGW1 to direct all traffic for http://www.adatum.com to VMSS2.
The solution must ensure that requests to http://www.contoso.com continue to be directed to Pool1.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

• A. Modify an HTTP setting.
• B. Add a listener.
• C. Add a rule.
• D. Add an HTTP setting.
• E. Add a backend pool.

Answer: B,C,E

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/configuration-overview

 

NEW QUESTION 56
You have the network security groups (NSGs) shown in the following table.

In NSG1, you create inbound rules as shown in the following table.

You have the Azure virtual machines shown in the following table.

NSG2 has only the default rules configured.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 57
You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2.
You have the NAT gateway shown in the NATgateway1 exhibit.

You have the virtual machine shown in the VM1 exhibit.

Subnet1 is configured as shown in the Subnet1 exhibit.

For each of the following statements, select Yes of the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/nat-gateway-resource

 

NEW QUESTION 58
You have the network security groups (NSGs) shown in the following table.

In NSG1, you create inbound rules as shown in the following table.

You have the Azure virtual machines shown in the following table.

NSG2 has only the default rules configured.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 59
Your company has an Azure virtual network named Vnet1 that uses an IP address space of 192.168.0.0/20. Vnet1 contains a subnet named Subnet1 that uses an IP address space of 192.168.0.0/24.
You create an IPv6 address range to Vnet1 by using a CIDR suffix of /48.
You need to enable the virtual machines on Subnet1 to communicate with each other by using IPv6 addresses assigned by the company. The solution must minimize the number of additional IPv4 addresses.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/ipv6-overview
https://docs.microsoft.com/en-us/azure/virtual-network/ipv6-add-to-existing-vnet-powershell

 

NEW QUESTION 60
You are planning an Azure solution that will contain the following types of resources in a single Azure region:
Virtual machine
Azure App Service
Virtual Network gateway
Azure SQL Managed Instance
App Service and SQL Managed Instance will be delegated to create resources in virtual networks.
You need to identify how many virtual networks and subnets are required for the solution. The solution must minimize costs to transfer data between virtual networks.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-for-azure-services#services-that-can-be-deployed-into-a-virtual-network

 

NEW QUESTION 61
You have the network security groups (NSGs) shown in the following table.

In NSG1, you create inbound rules as shown in the following table.

You have the Azure virtual machines shown in the following table.

NSG2 has only the default rules configured.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 62
You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app.
You plan to use an Azure application gateway to provide access to each web app by using a hostname of www.contoso.corn and a different URL path for each web app, for example: https://www.contoso.com/app1.
You need to control the flow of traffic based on the URL path.
What should you configure?

• A. listeners
• B. rules
• C. HTTP settings
• D. rewrites

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/url-route-overview

 

NEW QUESTION 63
You have an Azure application gateway named AppGw1.
You need to create a rewrite rule for AppGw1. The solution must rewrite the URL of requests from https://www.contoso.com/fashion/shirts to ttps://www.contoso.com/buy.aspx?category-fashion&product=shirts.
How should you complete the rule? To answer NOTE: Each correct selection is worth one point appropriate options in the answer area.

Answer:

Explanation:

 

NEW QUESTION 64
You have a hybrid environment that uses ExpressRoute to connect an on-premises network and Azure.
You need to log the uptime and the latency of the connection periodically by using an Azure virtual machine and an on-premises virtual machine.
What should you use?

• A. Azure Monitor
• B. Azure Internet Analyzer
• C. Connection Monitor
• D. IP flow verify

Answer: C

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/network-watcher/connection-monitor

 

NEW QUESTION 65
......

Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions (beta)

Candidates for this exam should have subject matter expertise in planning, implementing, and maintaining Azure networking solutions, including hybrid networking, connectivity, routing, security, and private access to Azure services.

Candidates for this exam should also have expert Azure administration skills, in addition to extensive experience and knowledge of networking, hybrid connections, and network security.

Part of the requirements for: Microsoft Certified: Azure Network Engineer Associate

Download exam skills outline

 

New AZ-700 Exam Dumps with High Passing Rate: https://actualtests.crampdf.com/AZ-700-exam-prep-dumps.html