Win IT Exam with Last Dumps 2025

Microsoft AZ-700 Exam

Page 13/24
Viewing Questions 121 130 out of 231 Questions
54.17%

Question 121
DRAG DROP -
You have an Azure Front Door instance named FrontDoor1.
You deploy two instances of an Azure web app to different Azure regions.
You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com.
You need to ensure that FrontDoor1 is the entry point for requests that use app1.contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
AZ-700_121Q.jpg related to the Microsoft AZ-700 Exam
Image AZ-700_121R.jpg related to the Microsoft AZ-700 Exam



Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain#associate-the-custom-domain-with-your-front-door
https://docs.microsoft.com/en-us/azure/frontdoor/quickstart-create-front-door

Question 122
You have a website that uses an FQDN of www.contoso.com. The DNS record for www. contoso.com resolves to an on-premises web server.
You plan to migrate the website to an Azure web app named Web1. The website on Web1 will be published by using an Azure Front Door instance named
ContosoFD1.
You build the website on Web1.
You plan to configure ContosoFD1 to publish the website for testing.
When you attempt to configure a custom domain for www.contoso.com on ContosoFD1, you receive the error message shown in the exhibit. (Click the Exhibit tab.)
AZ-700_122Q.jpg related to the Microsoft AZ-700 Exam
You need to test the website and ContosoFD1 without affecting user access to the on-premises web server.
Which record should you create in the contoso.com DNS domain?



Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain#map-the-temporary-afdverify-subdomain

Question 123
You have the Azure load balancer shown in the Load Balancer exhibit.
AZ-700_123Q_1.jpg related to the Microsoft AZ-700 Exam
LB2 has the backend pools shown in the Backend Pools exhibit.
AZ-700_123Q_2.jpg related to the Microsoft AZ-700 Exam
You need to ensure that LB2 distributes traffic to all the members of VMSS1.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.



Reference:
https://docs.microsoft.com/en-us/azure/load-balancer/quickstart-load-balancer-standard-public-portal?tabs=option-1-create-load-balancer-standard

Question 124
You have an Azure subscription that contains the following resources:
- A virtual network named Vnet1
- Two subnets named subnet1 and AzureFirewallSubnet
- A public Azure Firewall named FW1
- A route table named RT1 that is associated to Subnet 1
- A rule routing of 0.0.0.0/0 to FW1 in RT1
After deploying 10 servers that run Windows Server to Subnet 1, you discover that none of the virtual machines were activated.
You need to ensure that the virtual machines can be activated.
What should you do?



Cause -
The Azure Windows VMs need to connect to the Azure KMS server for Windows activation. The activation requires that the activation request come from an Azure public IP address.
To resolve this problem, use the Azure custom route to route activation traffic to the Azure KMS server.
Reference:
https://docs.microsoft.com/en-us/troubleshoot/azure/virtual-machines/custom-routes-enable-kms-activation

Question 125
You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing "string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1.
You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to https:// www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.



E: A WAF policy consists of two types of security rules:
custom rules that are authored by the customer.
managed rule sets that are a collection of Azure-managed pre-configured set of rules.
You can create a fully customized policy that meets your specific application protection requirements by combining managed and custom rules.
A web application delivered by Front Door can have only one WAF policy associated with it at a time.
CF: We create a frontend host and associate it with the Policy.
In the Association tab of the Create a WAF policy page, select + Associate a Front Door profile, enter the following settings, and then select Add:
AZ-700_125E.png related to the Microsoft AZ-700 Exam
Reference:
https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview
https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-create-portal


Question 126
You have 10 Azure App Service instances. Each instance hosts the same web app. Each instance is in a different Azure region.
You need to configure Azure Traffic Manager to direct users to the instance that has the lowest latency.
Which routing method should you use?



Select Performance routing when you have endpoints in different geographic locations and you want end users to use the "closest" endpoint for the lowest network latency.
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods

Question 127
Your company has offices in London, Tokyo, and New York.
The company has a web app named App1 that has the Azure Traffic Manager profile shown in the following table.
AZ-700_127Q.jpg related to the Microsoft AZ-700 Exam
In Asia, you plan to deploy an additional endpoint that will host an updated version of App1.
You need to route 10 percent of the traffic from the Tokyo office to the new endpoint during testing.
What should you configure in Traffic Manager?



Need two profiles. Add one Child profile using Weighted routing. One additional trial endpoint, to the existing three, for the Child Profile is needed.
Note 1: Each Traffic Manager profile specifies a single traffic-routing method. However, there are scenarios that require more sophisticated traffic routing than the routing provided by a single Traffic Manager profile. You can nest Traffic Manager profiles to combine the benefits of more than one traffic-routing method.
Note 2: Weighted routing: Select Weighted routing when you want to distribute traffic across a set of endpoints based on their weight. Set the weight the same to distribute evenly across all endpoints.
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-nested-profiles
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods

Question 128
HOTSPOT -
You configure a route table named RT1 that has the routes shown in the following table.
AZ-700_128Q_1.jpg related to the Microsoft AZ-700 Exam
You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.
AZ-700_128Q_2.jpg related to the Microsoft AZ-700 Exam
You have the resources shown in the following table.
AZ-700_128Q_3.jpg related to the Microsoft AZ-700 Exam
Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
- 0.0.0.0/0
- 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-700_128Q_4.jpg related to the Microsoft AZ-700 Exam
Image AZ-700_128R.jpg related to the Microsoft AZ-700 Exam



Box 1: Yes -
NVA1 with IP (NVA-network virtual appliance) 192.168.0.4 is on the DMZ subnet. It will use route 10.0.0.0/16 to the on-premises network.
Box 2: No -
VM2 has IP address 192.168.2.4 and is on the BackEnd subnet. VM2 will not use the RT1 route table, and will not reach the on-premises network through NVA1.
Box 3: Yes -
VM1 with IP address 192.168.1.4 is on the FrontEnd subnet, and will use the RT1 routing table. It will use Route2 and Next Hop IP address 192.168.0.4, IP address of NVA1, to reach VM2.

Question 129
HOTSPOT -
You have an Azure subscription. The subscription contains virtual machines that host websites as shown in the following table.
AZ-700_129Q_1.jpg related to the Microsoft AZ-700 Exam
You have the Azure Traffic Manager profiles shown in the following table.
AZ-700_129Q_2.jpg related to the Microsoft AZ-700 Exam
You have the endpoints shown in the following table.
AZ-700_129Q_3.jpg related to the Microsoft AZ-700 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-700_129Q_4.jpg related to the Microsoft AZ-700 Exam
Image AZ-700_129R.jpg related to the Microsoft AZ-700 Exam



Box 1: No -
VM1, which is hosting site1.contoso.com, is located in East US. The VM1 endpoint status is degraded. Endpoint monitoring health checks are failing. The endpoint isn't included in DNS responses and doesn't receive traffic.
When an endpoint has a Degraded status, it's no longer returned in response to DNS queries. Instead, an alternative endpoint is chosen and returned. The traffic- routing method configured in the profile determines how the alternative endpoint is chosen.
Priority. Endpoints form a prioritized list. The first available endpoint on the list is always returned. If an endpoint status is Degraded, then the next available endpoint is returned.
The user will connect to site2.us.contoso.com instead.
Box 2: No -
VM3, which is hosting site2.contoso.com, is located in in East US. The VM3 endpoint status is CheckingEndpoint. The endpoint is monitored, but the results of the first probe haven't been received yet. CheckingEndpoint is a temporary state that usually occurs immediately after adding or enabling an endpoint in the profile. An endpoint in this state is included in DNS responses and can receive traffic.
User will connect to site2.contoso.com, not to site2.uk.contoso.com
Box 3: No -
VM3, which is hosting site2.contoso.com, is located in in East US. The VM1 endpoint status is CheckingEndpoint, which is OK (see above).
User will connect to site2.contoso.com, not to site2.japan.contoso.com
Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring

Question 130
You have an Azure application gateway configured for a single website that is available at https://www.contoso.com.
The application gateway contains one backend pool and one rule. The backend pool contains two backend servers. Each backend server has an additional website that is available on port 8080.
You need to ensure that if port 8080 is unavailable on a backend server, all the traffic for https://www.contoso.com is redirected to the other backend server.
What should you do?



By default, Azure Application Gateway probes backend servers to check their health status and to check whether they're ready to serve requests. Users can also create custom probes to mention the host name, the path to be probed, and the status codes to be accepted as Healthy. In each case, if the backend server doesn't respond successfully, Application Gateway marks the server as Unhealthy and stops forwarding requests to the server. After the server starts responding successfully, Application Gateway resumes forwarding the requests.
Note: The default probe request is sent in the format of <protocol>://127.0.0.1:<port>/. For example,
http://127.0.0.1:80 for an http probe on port 80. Only HTTP status codes of 200 through 399 are considered healthy. The protocol and destination port are inherited from the HTTP settings. If you want Application Gateway to probe on a different protocol, host name, or path and to recognize a different status code as Healthy, configure a custom probe and associate it with the HTTP settings.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-backend-health-troubleshooting