Win IT Exam with Last Dumps 2025

Microsoft AZ-700 Exam

Page 19/24
Viewing Questions 181 190 out of 231 Questions
79.17%

Question 181
You have an Azure subscription that contains the following resources:
• A virtual network named Vnet1
• Two subnets named subnet1 and AzureFirewallSubnet
• A public Azure Firewall named FW1
• A route table named RT1 that is associated to Subnet1
• A rule routing of 0.0.0.0/0 to FW1 in RT1
After deploying 10 servers that run Windows Server to Subnet1, you discover that none of the virtual machines were activated.
You need to ensure that the virtual machines can be activated.
What should you do?
A. On FW1, create an outbound network rule that allows traffic to the Azure Key Management Service (KMS).
B. On FW1, create an outbound service tag rule for Azure Cloud.
C. Deploy a NAT gateway.
D. On FW1, configure a DNAT rule for port 1688.

Question 182
SIMULATION
-
AZ-700_182Q.png related to the Microsoft AZ-700 Exam

Username and password
-
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: xxxxxxxxxx
-
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 12345678
-
You need to create an Azure Firewall instance named FW1 that meets the following requirements:
• Has an IP address from the address range of 10.1.255.0/24
• Uses a new Premium firewall policy named FW-policy1
• Routes traffic directly to the internet
To complete this task, sign in to the Azure portal.

AZ-700_182E.png related to the Microsoft AZ-700 Exam

Question 183
SIMULATION
-
AZ-700_183Q.png related to the Microsoft AZ-700 Exam

Username and password
-
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: xxxxxxxxxx
-
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 12345678
-
You plan to implement an Azure application gateway in the East US Azure region. The
application gateway will have Web Application Firewall (WAF) enabled.
You need to create a policy that can be linked to the planned application gateway. The policy must block connections from IP addresses in the 131.107.150.0/24 range. You do NOT need to provision the application gateway to complete this task.
To complete this task, sign in to the Azure portal.

AZ-700_183E.png related to the Microsoft AZ-700 Exam

Question 184
SIMULATION
-
AZ-700_184Q.png related to the Microsoft AZ-700 Exam

Username and password
-
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Azure Username: [email protected]
Azure Password: xxxxxxxxxx
-
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the
portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance: 12345678
-
You need to configure VNET1 to log all events and metrics. The solution must ensure that you can query the events and metrics directly from the Azure portal by using KQL.
To complete this task, sign in to the Azure portal.

AZ-700_184E.png related to the Microsoft AZ-700 Exam

Question 185
You have an Azure subscription that contains a virtual network named Vnet1. Vnet1 contains 20 subnets and 500 virtual machines. Each subnet contains a virtual machine that runs network monitoring software.
You have a network security group (NSG) named NSG1 associated to each subnet.
When a new subnet is created in Vnet1 an automated process creates an additional network monitoring virtual machine in the subnet and links the subnet to NSG1.
You need to create an inbound security rule in NSG1 that will allow connections to the network monitoring virtual machines from an IP address of 131.107.1.15. The solution must meet the following requirements:
• Ensure that only the monitoring virtual machines receive a connection from 131.1071.15.
• Minimize changes to NSG1 when a new subnet is created.
What should you use as the destination in the inbound security rule?
A. an application security group
B. a service tag
C. a virtual network
D. an IP address


Question 186
You have an Azure subscription that contains the resources shown in the following table.
AZ-700_186Q.png related to the Microsoft AZ-700 Exam
Subnet1 contains three virtual machines that host an app named App1. App1 is accessed by using the SFTP protocol.
From NSG1, you configure an inbound security rule named Rule2 that allows inbound SFTP connections to ASG1.
You need to ensure that the inbound SFTP connections are managed by using ASG1. The solution must minimize administrative effort.
What should you do?
A. From NSG1, modify the priority of Rule2.
B. From each virtual machine, associate the network interface to ASG1.
C. From Subnet1, create a subnet delegation.
D. From ASG1, modify the role assignments.

Question 187
You have an Azure subscription that contains the resources shown in the following table.
AZ-700_187Q.png related to the Microsoft AZ-700 Exam
Users on HP1 connect to App1 by using a URL of https://app1.contoso.com.
You need to ensure that the IDPS on FW1 can identify security threats in the connections from HP1 to Server1.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Enable TLS inspection for FW1.
B. Import a server certificate to KV1.
C. Enable threat intelligence for FW1.
D. Add an application group to HP1.
E. Add a secured virtual network to FW1.

Question 188
HOTSPOT -
You are implementing the virtual network requirements for VM-Analyze.
What should you include in a custom route that is linked to Subnet2? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-700_188Q.png related to the Microsoft AZ-700 Exam
Image AZ-700_188R.png related to the Microsoft AZ-700 Exam
Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview

Question 189
HOTSPOT
-
You have the Azure firewall shown in the following exhibit.
AZ-700_189Q_1.png related to the Microsoft AZ-700 Exam
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
AZ-700_189Q_2.png related to the Microsoft AZ-700 Exam
Image AZ-700_189R.png related to the Microsoft AZ-700 Exam

Question 190
HOTSPOT
-
You have an Azure subscription that contains 10 virtual machines. The virtual machines are assigned private IP addresses. The subscription contains the resources shown in the following table.
AZ-700_190Q_1.png related to the Microsoft AZ-700 Exam
You need to configure FWPolicy1 to meet the following requirements:
• Allow incoming connections to the virtual machines from the internet on port 4567.
• Block outbound connections from the virtual machines to an FQDN of *.fabrikam.com.
What should you configure in FWPolicy1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-700_190Q_2.png related to the Microsoft AZ-700 Exam
Image AZ-700_190R.png related to the Microsoft AZ-700 Exam