Free Microsoft AZ-700 Exam Questions

You have an Azure subscription that contains a user named Admin1 and a resource group named RG1. RG1 contains an Azure Network Watcher instance named NW1. You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?

You have an Azure subscription that contains a virtual machine named VM1 and a network security group (NSG) named NSG1. NSG1 has the default rules configured VM1 runs Windows Server and contains a single NIC named NIC1 NIC! is associated with NSG1. You need to prevent access to the Azure Instance Metadata Service (IMDS) REST API on VM1 The solution must minimize administrative effort. What should you add to NSG1?

You have the Azure subscriptions shown in the following table.Each virtual network contains 20 internet-accessible resources that are assigned public IP addresses. You need to implement Azure DDoS Network Protection to protect the resources. The solution must minimize costs. What is the minimum number of DDoS Network Protection plans you should deploy? 

You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app. You plan to use an Azure application gateway to provide access to each web app by using a hostname of www.contoso.corn and a different URL path for each web app, for example: https://www.contoso.com/app1. You need to control the flow of traffic based on the URL path. What should you configure?

Your company has a single on-premises datacenter in New York. The East US Azure region has a peering location in New York. The company only has Azure resources in the East US region. You need to implement ExpressRoute to support up to 1 Gbps. You must use only ExpressRoute Unlimited data plans. The solution must minimize costs. Which type of ExpressRoute circuits should you create?