Free Microsoft AZ-700 Exam Questions

Become Microsoft Certified with updated AZ-700 exam questions and correct answers

Page: 1 / 63

Total 311 Questions | Updated On: Aug 04, 2021

Add To Cart

Question 1

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1.

You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.

You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.

What should you add to NSG1?

A : an outbound rule that has a priority of 4096 and blocks all internet traffic

B : an inbound rule that has a priority of 4096 and blocks all internet traffic

C : an inbound rule that has a priority of 100 and blocks all internet traffic

D : an outbound rule that has a priority 100 and blocks all internet traffic

Answer: B

Question 2

You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. The subscription contains the following resources: * An Azure App Service app named App1 * An Azure DNS zone named contoso.com * An Azure private DNS zone named private.contoso.com * A virtual network named Vnet1 You create a private endpoint for App1. The record for the endpoint is registered automatically in Azure DNS. You need to provide a developer with the name that is registered in Azure DNS for the private endpoint. What should you provide?

A : app1.privatelink.azurewebsites.net

B : app1.contoso.com

C : app1.contoso.onmicrosoft.com

D : app1.private.contoso.com

Answer: A

Question 3

You have an Azure virtual network named Vnet1 and an on-premises network. The on-premises network has policy-based VPN devices. In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-based. You have a Site-to-Site VPN connection for GW1 as shown in the following exhibitYou need to ensure that the on-premises network can connect to the route-based GW1. What should you do before you create the connection?

A : Set Use Azure Private IP Address to Enabled

B : Set IPsec / IKE policy to Custom.

C : Set Connection Mode to ResponderOnly

D : Set BGP to Enabled

Answer: A

Question 4

You have the Azure load balancer shown in the Load Balancer exhibit.LB2 has the backend pools shown in the Backend Pools exhibit.You need to ensure that LB2 distributes traffic to all the members of VMSS1. Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A : Add a network interface to VMSS1.

B : Configure a health probe.

C : Add a public IP address to each member of VMSS1.

D : Add a load balancing rule.

Answer: B,D

Question 5

You have an Azure subscription that contains an instance of Azure Firewall Standard named AzFW1. You plan to enable the following: • TLS inspection • Threat intelligence • A network intrusion detection and prevention system (IDPS) What can you enable by using AzFW1?

A : TLS inspection only

B : threat intelligence only

C : TLS inspection and the IDPS only

D : threat intelligence and the IDPS only

E : TLS inspection, threat intelligence, and the IDPS

Answer: E

Page: 1 / 63

Total 311 Questions | Updated On: Aug 04, 2021

Add To Cart