Win IT Exam with Last Dumps 2025

Microsoft AZ-700 Exam

Page 2/24
Viewing Questions 11 20 out of 231 Questions
8.33%

Question 11
HOTSPOT -
You have the hybrid network shown in the Network Diagram exhibit.
AZ-700_11Q_1.jpg related to the Microsoft AZ-700 Exam
You have a peering connection between Vnet1 and Vnet2 as shown in the Peering-Vnet1-Vnet2 exhibit.
AZ-700_11Q_2.jpg related to the Microsoft AZ-700 Exam
You have a peering connection between Vnet1 and Vnet3 as shown in the Peering-Vnet1-Vnet3 exhibit.
AZ-700_11Q_3.png related to the Microsoft AZ-700 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-700_11Q_4.png related to the Microsoft AZ-700 Exam
Image AZ-700_11R.jpg related to the Microsoft AZ-700 Exam
Box 1: Yes -
Virtual network peering seamlessly connects two Azure virtual networks, merging the two virtual networks into one for connectivity purposes.
Box 2: No -
No Virtual Gateway is used.
Gateway transit is a peering property that lets one virtual network use the VPN gateway in the peered virtual network for cross-premises or VNet-to-VNet connectivity. The following diagram shows how gateway transit works with virtual network peering.
AZ-700_11E.png related to the Microsoft AZ-700 Exam
In the diagram, gateway transit allows the peered virtual networks to use the Azure VPN gateway in Hub-RM. Connectivity available on the VPN gateway, including S2S, P2S, and VNet-to-VNet connections, applies to all three virtual networks.
Box 3: No -
No Virtual Gateway is used.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-peering-gateway-transit

Question 12
HOTSPOT -
You have the Azure environment shown in the exhibit.
AZ-700_12Q_1.jpg related to the Microsoft AZ-700 Exam
You have virtual network peering between Vnet1 and Vnet2. You have virtual network peering between Vnet4 and Vnet5. The virtual network peering is configured as shown in the following table.
AZ-700_12Q_2.png related to the Microsoft AZ-700 Exam
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
Hot Area:
AZ-700_12Q_3.png related to the Microsoft AZ-700 Exam
Image AZ-700_12R.jpg related to the Microsoft AZ-700 Exam
Box 1: Yes -
Virtual network peering seamlessly connects two Azure virtual networks, merging the two virtual networks into one for connectivity purposes. Gateway transit is a peering property that lets one virtual network use the VPN gateway in the peered virtual network for cross-premises or VNet-to-VNet connectivity.
The following diagram shows how gateway transit works with virtual network peering.
AZ-700_12E.png related to the Microsoft AZ-700 Exam
In the diagram, gateway transit allows the peered virtual networks to use the Azure VPN gateway in Hub-RM. Connectivity available on the VPN gateway, including S2S, P2S, and VNet-to-VNet connections, applies to all three virtual networks.
In hub-and-spoke network architecture, gateway transit allows spoke virtual networks to share the VPN gateway in the hub, instead of deploying VPN gateways in every spoke virtual network.
Box 2: Yes -
VM2 uses the remote gateway GW1 to reach VM4.
Box 3: No -
VM2 can reach VM4 through GW1, but not VM5 as VNEt1 does not use remote Gateways.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-peering-gateway-transit
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-troubleshoot-peering-issues

Question 13
HOTSPOT -
You have on-premises datacenters in New York and Seattle.
You have an Azure subscription that contains the ExpressRoute circuits shown in the following table.
AZ-700_13Q_1.jpg related to the Microsoft AZ-700 Exam
You need to ensure that all the data sent between the datacenters is routed via the ExpressRoute circuits. The solution must minimize costs.
How should you configure the network? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
AZ-700_13Q_2.jpg related to the Microsoft AZ-700 Exam
Image AZ-700_13R.jpg related to the Microsoft AZ-700 Exam
Box 1: Global Reach -
ExpressRoute Global Reach is the service where if you have two datacenters, which are located at different geo-locations and both are connected to Microsoft
Azure via Express Route then these two datacenters can also connect to each other securely via Microsoft's backbone.
Incorrect:
FastPath is designed to improve the data path performance between your on-premises network and your virtual network. When enabled, FastPath sends network traffic directly to virtual machines in the virtual network, bypassing the gateway.
Box 2: Private -
With ExpressRoute Global Reach, you can link ExpressRoute circuits together to make a private network between your on-premises networks.
Reference:
https://docs.microsoft.com/en-us/azure/expressroute/expressroute-global-reach

Question 14
You have an Azure virtual network named Vnet1 and an on-premises network. The on-premises network has policy-based VPN devices.
In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-based.
You have a Site-to-Site VPN connection for GW1 as shown in the following exhibit.
AZ-700_14Q.jpg related to the Microsoft AZ-700 Exam
You need to ensure that the on-premises network can connect to the route-based GW1.
What should you do before you create the connection?
A. Set Connection Mode to ResponderOnly.
B. Set BGP to Enabled.
C. Set Use Azure Private IP Address to Enabled.
D. Set IPsec / IKE policy to Custom.
BGP is the standard routing protocol commonly used in the Internet to exchange routing and reachability information between two or more networks. BGP enables the Azure VPN Gateways and your on-premises VPN devices, called BGP peers or neighbors, to exchange "routes" that will inform both gateways on the availability and reachability for those prefixes to go through the gateways or routers involved. BGP can also enable transit routing among multiple networks by propagating routes a BGP gateway learns from one BGP peer to all other BGP peers.
Incorrect:
Not C: A VPN gateway must have a Public IP address. Verify that you have an externally facing public IPv4 address for your VPN device.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-bgp-resource-manager-ps
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-cli

Question 15
HOTSPOT
-
Your on-premises network contains a VPN device.
You have an Azure subscription that contains a virtual network and a virtual network gateway.
You need to create a Site-to-Site VPN connection that has a custom cryptographic policy.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-700_15Q.png related to the Microsoft AZ-700 Exam
Image AZ-700_15R.png related to the Microsoft AZ-700 Exam


Question 16
HOTSPOT
-
You have an Azure virtual network and an on-premises datacenter that connect by using a Site-to-Site VPN tunnel.
You need to ensure that all traffic from the virtual network to the internet is routed through the datacenter.
How should you complete the PowerShell script to configure forced tunneling? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-700_16Q.png related to the Microsoft AZ-700 Exam
Image AZ-700_16R.png related to the Microsoft AZ-700 Exam

Question 17
You are planning an Azure deployment that will contain three virtual networks in the East US Azure region as shown in the following table.
AZ-700_17Q.png related to the Microsoft AZ-700 Exam
A Site-to-Site VPN will connect Vnet1 to your company’s on-premises network.
You need to recommend a solution that ensures that the virtual machines on all the virtual networks can communicate with the on-premises network. The solution must minimize costs.
What should you recommend for Vnet2 and Vnet3?
A. VNet-to-VNet VPN connections
B. peering
C. service endpoints
D. route tables

Question 18
Your company has an office in New York.
The company has an Azure subscription that contains the virtual networks shown in the following table.
AZ-700_18Q.png related to the Microsoft AZ-700 Exam

You need to connect the virtual networks to the office by using ExpressRoute. The solution must meet the following requirements:
• The connection must have up to 1 Gbps of bandwidth.
• The office must have access to all the virtual networks.
• Costs must be minimized.
How many ExpressRoute circuits should be provisioned, and which ExpressRoute SKU should you enable?
A. one ExpressRoute Premium circuit
B. two ExpressRoute Premium circuits
C. four ExpressRoute Standard circuits
D. one ExpressRoute Standard circuit

Question 19
You have an Azure subscription that contains a virtual network.
You plan to deploy an Azure VPN gateway and 90 Site-to-Site VPN connections. The solution must meet the following requirements:
• Ensure that the Site-to-Site VPN connections remain available if an Azure datacenter fails.
• Minimize costs.
Which gateway SKU should you specify?
A. VpnGw1AZ
B. VpnGw2AZ
C. VpnGw4AZ
D. VpnGw5AZ

Question 20
DRAG DROP
-
Your on-premises network contains an Active Directory Domain Services (AD DS) domain named contoso.com that has an internal certification authority (CA).
You have an Azure subscription.
You deploy an Azure application gateway named AppGwy1 and perform the following actions:
• Configure an HTTP listener
• Associate a routing rule with the listener
You need to configure AppGwy1 to perform mutual authentication for requests from domain-joined computers to contoso.com.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
AZ-700_20Q.png related to the Microsoft AZ-700 Exam
Image AZ-700_20R.png related to the Microsoft AZ-700 Exam