HOTSPOT - You have an Azure subscription that contains the virtual networks shown in the following table. The subscription contains the virtual machines shown in the following table. You create a load balancer named LB1 that has the following configurations: • SKU: Basic • Type: Internal • Subnet: Subnet12 • Virtual network: VNet1 For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Question 152
HOTSPOT - You have an Azure subscription. The subscription contains an Azure application gateway that has the following configurations: • Name: AppGW1 • Tier: Standard V2 • Autoscaling: Disabled You create an Azure AD user named User1. You need to ensure that User1 can change the tier of AppGW1. The solution must use the principle of least privilege. Which role should you assign to User1, and to which tiers can AppGW1 be changed? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 153
You have an Azure subscription that contains the following resources: • A virtual network named Vnet1 • Two subnets named subnet1 and AzureFirewallSubnet • A public Azure Firewall named FW1 • A route table named RT1 that is associated to Subnet1 • A rule routing of 0.0.0.0/0 to FW1 in RT1 After deploying 10 servers that run Windows Server to Subnet1, you discover that none of the virtual machines were activated. You need to ensure that the virtual machines can be activated. What should you do?
Question 154
You have an Azure subscription that contains the following resources: • A virtual network named Vnet1 • Two subnets named subnet1 and AzureFirewallSubnet • A public Azure Firewall named FW1 • A route table named RT1 that is associated to Subnet1 • A rule routing of 0.0.0.0/0 to FW1 in RT1 After deploying 10 servers that run Windows Server to Subnet1, you discover that none of the virtual machine operating systems were activated. You need to ensure that the virtual machines can be activated. What should you do?
Question 155
DRAG DROP - You have an Azure subscription. You plan to deploy Azure Front Door with Azure Web Application Firewall (WAF). You plan to implement custom rules and managed rules that meet the following requirements: • Block malicious bots. • Throttle client IP addresses that exceed 100 connections per minute. You need to identify which Front Door SKU to configure, and which type of rule to configure for each requirement. The solution must minimize administrative effort and costs. What should you identify? To answer, drag the appropriate options to the correct targets. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Question 156
HOTSPOT - You have an Azure application gateway. You need to create a rewrite rule that will remove the origin port from the HTTP header of incoming requests that are being forwarded to the backend pool. How should you configure each setting? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 157
You have an Azure virtual machine named VM1. You need to capture all the network traffic of VM1 by using Azure Network Watcher. To which locations can the capture be written?
Once your packet capture session has completed, the capture file is uploaded to blob storage or to a local file on the virtual machine. The storage location of the packet capture is defined during creation of the packet capture. Reference: https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-packet-capture-manage-portal
Question 158
You have an Azure virtual network that contains the subnets shown in the following table. You deploy an Azure firewall to AzureFirewallSubnet. You route all traffic from Subnet2 through the firewall. You need to ensure that all the hosts on Subnet2 can access an external site located at https://*.contoso.com. What should you do?
You have an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance. You need to configure the policy to meet the following requirements: - Log all connections from Australia. - Deny all connections from New Zealand. - Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute. What is the minimum number of objects you should create?
You have an Azure subscription that contains multiple virtual machines in the West US Azure region. You need to use Traffic Analytics. Which two resources should you create? Each correct answer presents part of the solution. (Choose two.) NOTE: Each correct answer selection is worth one point.
