Free Microsoft AZ-700 Exam Questions

You have an on-premises DNS server named Server1 that hosts a primary DNS zone named fabrikam.com. You have an Azure subscription that contains the resources shown in the following table.Users on the on-premises network access resources on all the virtual networks by using a Site-to-Site (S2S) VPN. You need to deploy an Azure DNS Private Resolver solution that meets the following requirements: • Resources connected to the virtual networks must be able to resolve DNS names for fabrikam.com. • Server1 must be able to resolve the DNS names of the resources in contoso.com. • The solution must minimize costs and administrative effort. What is the minimum number of resolvers you should deploy? 

You have an Azure application gateway for a web app named App1. The application gateway allows end-toend encryption. You configure the listener for HTTPS by uploading an enterprise signed certificate. You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do? 

You have an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance. You need to configure the policy to meet the following requirements: Log all connections from Australia. Deny all connections from New Zealand. Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute. What is the minimum number of objects you should create?

Your company has a single on-premises datacenter in New York. The East US Azure region has a peering location in New York. The company only has Azure resources in the East US region. You need to implement ExpressRoute to support up to 1 Gbps. You must use only ExpressRoute Unlimited data plans. The solution must minimize costs. Which type of ExpressRoute circuits should you create?

You have an Azure subscription that contains a virtual machine named VM1 and a network security group (NSG) named NSG1. NSG1 has the default rules configured VM1 runs Windows Server and contains a single NIC named NIC1 NIC! is associated with NSG1. You need to prevent access to the Azure Instance Metadata Service (IMDS) REST API on VM1 The solution must minimize administrative effort. What should you add to NSG1?