Free Microsoft AZ-700 Exam Questions

Question 1

Your on-premises network contains a DNS server named Server1. You have an Azure subscription that contains the resources shown in the following table.

The on-premises network is connected to VNet1 by using a Site-to-Site (S2S) VPN. You need to ensure that Server1 can resolve the DNS name of storage1. The solution must minimize costs and administrative effort. What should you use?

A : Azure DNS Private Resolver

B : an Azure public DNS zone

C : an Azure Private DNS zone

D : an Azure virtual machine that hosts a DNS service

Answer: A

Question 2

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains an Azure Front Door Premium profile named AFD1 and an Azure Web Application Firewall (WAF) policy named WAF1. AFD1 is associated with WAF1.

You need to configure a rate limit for incoming requests to AFD1.

Solution: You configure a managed rule for WAF1.

Does this meet the goal?

A : Yes

B : No

Answer: B

Question 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have two Azure virtual networks named Vnet1 and Vnet2. You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN. You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway. You discover that Client1 cannot communicate with Vnet2. You need to ensure that Client1 can communicate with Vnet2. Solution: You reset the gateway of Vnet1. Does this meet the goal?

A : Yes

B : No

Answer: B

Question 4

You have an Azure virtual network and an on-premises datacenter. You are planning a Site-to-Site VPN connection between the datacenter and the virtual network. Which two resources should you include in your plan? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A : a user-defined route

B : a virtual network gateway

C : Azure Firewall

D : Azure Web Application Firewall (WAF)

E : an on-premises data gateway

F : an Azure application gateway

G : a local network gateway

Answer: B,G

Question 5

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1.

You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.

You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.

What should you add to NSG1?

A : an outbound rule that has a priority of 4096 and blocks all internet traffic

B : an inbound rule that has a priority of 4096 and blocks all internet traffic

C : an inbound rule that has a priority of 100 and blocks all internet traffic

D : an outbound rule that has a priority 100 and blocks all internet traffic

Answer: B