Valid AZ-700 Dumps shared by ExamDiscuss.com for Helping Passing AZ-700 Exam! ExamDiscuss.com now offer the newest AZ-700 exam dumps, the ExamDiscuss.com AZ-700 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com AZ-700 dumps with Test Engine here:
Access AZ-700 Dumps Premium Version
(398 Q&As Dumps, 35%OFF Special Discount Code: freecram)
Online Access Free AZ-700 Exam Questions
| Exam Code: | AZ-700 |
| Exam Name: | Designing and Implementing Microsoft Azure Networking Solutions |
| Certification Provider: | Microsoft |
| Free Question Number: | 92 |
| Version: | v2024-02-19 |
| Rating: | |
| # of views: | 531 |
| # of Questions views: | 10390 |
| Go To AZ-700 Questions | |
- Other Version
- 164 viewsMicrosoft.AZ-700.v2025-08-05.q116
- 283 viewsMicrosoft.AZ-700.v2025-04-26.q86
- 276 viewsMicrosoft.AZ-700.v2025-01-24.q98
- 593 viewsMicrosoft.AZ-700.v2024-03-15.q77
- 587 viewsMicrosoft.AZ-700.v2023-12-13.q78
- 498 viewsMicrosoft.AZ-700.v2023-11-13.q66
- 461 viewsMicrosoft.AZ-700.v2023-10-06.q75
- 726 viewsMicrosoft.AZ-700.v2023-02-14.q38
- 689 viewsMicrosoft.AZ-700.v2023-01-30.q43
- 1560 viewsMicrosoft.AZ-700.v2022-06-03.q38
- 2162 viewsMicrosoft.AZ-700.v2022-05-16.q96
- 1867 viewsMicrosoft.AZ-700.v2022-01-31.q37
- 1300 viewsMicrosoft.AZ-700.v2021-12-01.q21
- 1243 viewsMicrosoft.AZ-700.v2021-11-06.q34
- Exam Question List
- Question 1: For each of the following statements, select Yes if the stat...
- Question 2: You have an Azure subscription that is linked to an Azure AD...
- Question 3: You have an Azure subscription that contains a virtual netwo...
- Question 4: You have an Azure subscription that contains the public IP a...
- 1 commentQuestion 5: You have an Azure virtual network named Vnet1 that contains ...
- Question 6: You have an Azure subscription that is linked to an Azure Ac...
- Question 7: You have five virtual machines that run Windows Server. Each...
- 1 commentQuestion 8: You have an Azure subscription that contains the resources s...
- Question 9: You have an Azure Front Door instance that provides access t...
- 1 commentQuestion 10: Your on-premises network contains the subnets shown in the f...
- 1 commentQuestion 11: You have an Azure virtual network named Vnet1 that has one s...
- Question 12: Note: This question is part of a series of questions that pr...
- Question 13: Your company has a single on-premises datacenter in New York...
- Question 14: You have an Azure subscription You plan to use Azure Virtual...
- 1 commentQuestion 15: You have an Azure virtual network named Vnet1. You need to e...
- Question 16: You plan to publish a website that will use an FQDN of www.c...
- Question 17: You have an Azure virtual network named Vnet1 that contains ...
- Question 18: Your company has 10 instances of a web service. Each instanc...
- Question 19: Your company has an office in New York. The company has an A...
- Question 20: You have Azure App Service apps in the West US Azure region ...
- 1 commentQuestion 21: You have two Azure subscriptions named Subscription1 and Sub...
- Question 22: Task 8 You need to ensure that the storage34280945 storage a...
- Question 23: You have an Azure virtual network named Vnet1 that hosts an ...
- 1 commentQuestion 24: You are planning an Azure Front Door deployment that will co...
- Question 25: You have an on-premises network. You have an Azure subscript...
- Question 26: You have an Azure subscription that contains the virtual net...
- Question 27: You have an Azure application gateway named AppGW1 that bala...
- Question 28: You have an Azure virtual network and an on-premises datacen...
- Question 29: You have an internal Basic Azure Load Balancer named LB1 Tha...
- Question 30: You need to ensure that connections to the storage34280945 s...
- Question 31: You have an Azure subscription that contains a virtual netwo...
- Question 32: Note: This question is part of a series of questions that pr...
- Question 33: You have an Azure subscription that contains a virtual netwo...
- Question 34: Which virtual machines can VM1 and VM4 ping successfully? To...
- Question 35: You have an Azure subscription that contains the public IPv4...
- 1 commentQuestion 36: Your company has five offices. Each office has a firewall de...
- Question 37: You plan to configure BGP for a Site-to-Site VPN connection ...
- Question 38: Note: This question is part of a series of questions that pr...
- 1 commentQuestion 39: You have 10 Azure App Service instances. Each instance hosts...
- Question 40: You have two Azure subscriptions named Subscnption1 and Subs...
- 2 commentQuestion 41: You have the Azure virtual networks shown in the following t...
- Question 42: You need to configure the default route in Vnet2 and Vnet3. ...
- Question 43: You have 10 on-premises networks that are connected by using...
- Question 44: You have an Azure virtual network that contains a subnet nam...
- Question 45: You have an Azure subscription that contain a viral network ...
- Question 46: You have three on-premises networks. You have an Azure subsc...
- Question 47: You need to implement a P2S VPN for the users in the branch ...
- Question 48: Task 5 You need to ensure that requests for wwwjelecloud.com...
- Question 49: You have the network security groups (NSGs) shown in the fol...
- Question 50: Note: This question is part of a series of questions that pr...
- Question 51: You create NSG10 and NSG11 to meet the network security requ...
- 1 commentQuestion 52: You have the Azure resources shown in the following table. (...
- Question 53: You have an Azure subscription that contains an Azure App Se...
- 1 commentQuestion 54: In which NSGs can you use ASG1 and to which virtual machine ...
- 1 commentQuestion 55: You have the Azure virtual networks shown in the following t...
- 1 commentQuestion 56: You have an Azure subscription that contains an app named Ap...
- Question 57: You have an Azure subscription. You have the on-premises sit...
- Question 58: You have the Azure Traffic Manager profiles shown in the fol...
- Question 59: You have an Azure subscription that contains an Azure key va...
- 1 commentQuestion 60: Your company has 40 branch offices across North America and ...
- Question 61: You have an Azure private DNS zone named contoso.com that is...
- Question 62: You have an Azure subscription that contains the resources s...
- 1 commentQuestion 63: You need to connect an on-premises network and an Azure envi...
- Question 64: You have a network security group named NSG1. You need to en...
- 1 commentQuestion 65: You have the network topology shown in the Topology exhibit....
- Question 66: Note: This question is part of a series of questions that pr...
- Question 67: Note: This question is part of a series of questions that pr...
- Question 68: You have the Azure environment shown in the following exhibi...
- Question 69: You configure a route table named RT1 that has the routes sh...
- Question 70: You have an Azure application gateway named AppGW1 that prov...
- Question 71: Your on-premises network contains a VPN device. You have an ...
- Question 72: Note: This question is part of a series of questions that pr...
- Question 73: Task 7 You need to ensure that hosts on VNET2 can access hos...
- Question 74: You have an Azure subscription that contains the following r...
- Question 75: You have the hybrid network shown in the Network Diagram exh...
- Question 76: You need to recommend a configuration for the ExpressRoute c...
- Question 77: You have two Azure virtual networks named Vnet1 and Vnet2 in...
- Question 78: You are configuring two network virtual appliances (NVAs) in...
- 1 commentQuestion 79: You plan to deploy an Azure virtual network. You need to des...
- 1 commentQuestion 80: Your company, named Contoso, Ltd, has an Azure subscription ...
- Question 81: You need to restrict traffic from VMScaleSet1 to VMScaleSet2...
- Question 82: You have an application named App1 that listens for incoming...
- Question 83: You have an Azure subscription that contains an app named Ap...
- Question 84: For each of the following statements, select Yes if the stat...
- Question 85: You need to use Traffic Analytics to monitor the usage of ap...
- Question 86: You have a website that uses an FQDN of www.contoso.com. The...
- Question 87: You have an Azure Front Door instance named FD1 that is prot...
- 1 commentQuestion 88: You have an Azure virtual network named Vnet1 and an on-prem...
- Question 89: You have the Azure resources shown in the following table. (...
- Question 90: You have an on-premises network. You have an Azure subscript...
- Question 91: Task 10 You need to configure VNET1 to log all events and me...
- Question 92: You have the Azure load balancer shown in the Load Balancer ...
Recent Comments (The most recent comments are at the top.)
No.# D. Set IPsec / IKE policy to Custom.
In order to ensure that the on-premises network can connect to the route-based virtual network gateway, you need to set the IPsec / IKE policy to Custom. The default policy settings for a virtual network gateway are not compatible with policy-based VPN devices. By setting the IPsec / IKE policy to Custom, you can configure the policy to match the requirements of the on-premises VPN devices.
Option A, "Set Connection Mode to ResponderOnly," is not a valid option for a route-based VPN gateway.
Option B, "Set BGP to Enabled," is not necessary to enable connectivity between a route-based gateway and a policy-based VPN device.
Option C, "Set Use Azure Private IP Address to Enabled," is not relevant to this scenario. This setting is used to specify whether the virtual network gateway should use a private or public IP address for the VPN connection.
No.# typo* i meant C
No.# 3 Backend Pools | 3 Rules
I believe this is a Classic Front Door question. The first reference link provides an overview of classic routing. The questions shows we have a single frontend (contoso.azurefd.net) and there are three paths - /uk, /us, and /images.
The second link shows the three paths would each be a separate rule.
Regarding the number of backend pools, the question states, "...must be routed to [App1uk or App1us]" for the two App Services. The third link does not indicate there is a way to route traffic to a specific app service based on location. However, if we put each app service in its own backend pool, we can have the path rule route to the correct App Service everytime. The Latency routing logic is fine for storage accounts, but not the App Services based on the question requirements.
References
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-routing-architecture?pivots=front-door-classic
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-route-matching?pivots=front-door-classic#frontend-host-matching
https://learn.microsoft.com/en-us/azure/frontdoor/routing-methods...
No.# all GW types and Bastion must have dedicated subnets
No.# Answer seems correct,
Y - it will go through VA which is firewall
Y - there is a peering, so subnet and subnet2 can communicate
N - there is no route for subnet 2 through VA/firewall
No.# The correct answer is route based and two virtual network gateways - one for ExpressRoute connection (ExpressRoute virtual network gateway) and the second for the VPN connection (VPN virtual network gateway).
Check the architecture and read the description at the source.
Source: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/expressroute-vpn-failover
No.# Answer is 1 STD VWAN + 2 vHUBS and 4 VPNGWY and ER GWY
1 Standard VWAN as it will cross region support and hence connect both regions
2 vHUBS - each region will require one
4 Gateways - Most people i witnessed get this one wrong even in other questions that related to VPN, one MUST know when you create ER or S2S connection, the gateway for ER and S2S are different and hence you need to create one for each - so here 1 for ER and 1 for S2S in each region so total is 4
No.# 1 group: Multi-region active/active deployment: Create a single origin group. Within that origin group, create an origin for each of the App Service apps.
2 origins: Your App Service app might be configured to scale out across worker instances, but from Front Door's perspective there's a single origin.
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-faq
No.# A. a route table associated to Subnet1 -1 and Subnet2-1
No.# Tested
NSG1, NSG2, and NSG5 only : ASG and NSG must be in the same region
VM2 only : network interfaces attached to an ASG must be in the same vNet.
https://docs.microsoft.com/en-us/azure/virtual-network/application-security-groups
No.# ou can share an ExpressRoute circuit across multiple subscriptions.
The circuit owner is the administrator/coadministrator of the subscription in which the ExpressRoute circuit is created. The circuit owner can authorize administrators/coadministrators of other subscriptions, referred to as circuit users, to use the dedicated circuit that they own. Circuit users who are authorized to use the organization's ExpressRoute circuit can link the virtual network in their subscription to the ExpressRoute circuit after they're authorized.
https://learn.microsoft.com/en-us/azure/expressroute/expressroute-howto-linkvnet-classic#administration
Sub1 : An ExpressRoute circuit connection authorization
Sub2 : An ExpressRoute circuit connection
No.# Answer is B.
The Connection Monitor is established per region.
And depending on the region we can connect multiple VMS, VMSS, endpoints and on-premises devices. Since, we have two regions only, we will need to Connection Monitors
No.# Select Performance routing when you have endpoints in different geographic locations and you want end users to use the "closest" endpoint for the lowest network latency.
elect Geographic routing to direct users to specific endpoints (Azure, External, or Nested) based on where their DNS queries originate from geographically. With this routing method, it enables you to be in compliance with scenarios such as data sovereignty mandates, localization of content & user experience and measuring traffic from different regions.
No.# Virtual Wan requires a Wan Hub Gateway, so Gateway1 should be deleted (after the new gateway is connected).
https://learn.microsoft.com/en-us/azure/virtual-wan/migrate-from-hub-spoke-topology#step-5-transition-connectivity-to-virtual-wan-hub
No.# : A Secret in Azure Key Vault + FD93.azurefd.net
Source: https://learn.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain-https
No.# Y,N,Y,
https://learn.microsoft.com/en-us/azure/private-link/create-private-link-service-portal
https://learn.microsoft.com/en-us/azure/private-link/private-link-overview
No.# The correct answers are:
A. an allow rule that has the IP address range of Vnet1 as the source and destination of Sq1.EastUS
D. a deny rule that has the IP address range of Vnet1 as the source and destination of Storage
Explanation:
A. This allow rule will permit the virtual machines in Vnet1 to access the Azure SQL resources in the East US region. The source and destination of the rule should be the IP address range of Vnet1, which will allow the VMs to communicate with the SQL resources.
D. This deny rule will prevent the virtual machines in Vnet1 from accessing any Azure Storage resources. The source and destination of the rule should be the IP address range of Vnet1, which will block the VMs from communicating with the Storage resources.
B. This deny rule is not necessary, as the default behavior of an NSG is to deny any traffic that is not explicitly allowed. There is no need to create a separate deny rule for the VirtualNetwork source and Sq1 destination.
C. This deny rule is not relevant to the given scenario, as it would block access to the 168.63.129.0/24 IP address range, which is used for internal Azure infrastructure purposes and not related to the requirement of restricting access to Azure Storage resources.
Therefore, the two outbound NSG rules that should be created are the allow rule for Vnet1 to Sq1.EastUS (A) and the deny rule for Vnet1 to Storage (D).
Citations:
[1] https://learn.microsoft.com/en-us/sql/relational-databases/security/ledger/ledger-nsg-policies-configure?view=sql-server-ver16
[2] https://learn.microsoft.com/en-us/azure/azure-sql/database/vnet-service-endpoint-rule-overview?view=azuresql
[3] https://www.cloudbolt.io/azure-costs/azure-nsg/
[4] https://learn.microsoft.com/en-us/azure/virtual-network/network-security-group-how-it-works
[5] https://www.site24x7.com/learn/azure-network-security-groups.html...
No.# The correct answer is: B. Create a new subnet. Explanation:
Create a New Subnet First: The question states that Vnet1 currently has "one subnet". To provide App1 with access to the resources in Vnet1, a new subnet needs to be created within Vnet1 first.
Subnet is Required for Private Link: The search results indicate that to use a private link, a private endpoint needs to be created in a subnet within the virtual network. Therefore, creating a new subnet is a necessary first step before configuring the private link.
No.# To configure the LNG1 (Local Network Gateway) in this scenario, you should follow these steps:
Specify the on-premises network address space:
The on-premises network contains two subnets: Subnet1 (192.168.10.0/24) and Subnet2 (192.168.20.0/24).
You should configure the LNG1 local network gateway with the combined address space of these two subnets, which is 192.168.10.0/23.
Specify the on-premises gateway IP address:
The on-premises network contains a firewall named FW1 that uses a public IP address of 131.107.100.200.
You should configure the LNG1 local network gateway with the public IP address of the FW1 firewall, which is 131.107.100.200.
No.# disassciate pip1...
change pip sku to standard
associate pip1..