Free Microsoft AZ-700 Exam Questions

You have the Azure subscriptions shown in the following table.Each virtual network contains 20 internet-accessible resources that are assigned public IP addresses. You need to implement Azure DDoS Network Protection to protect the resources. The solution must minimize costs. What is the minimum number of DDoS Network Protection plans you should deploy? 

You have an Azure subscription that contains an instance of Azure Firewall Standard named AzFW1. You plan to enable the following: • TLS inspection • Threat intelligence • A network intrusion detection and prevention system (IDPS) What can you enable by using AzFW1?

You have an Azure virtual network named Vnet1 and an on-premises network. The on-premises network has policy-based VPN devices. In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-based. You have a Site-to-Site VPN connection for GW1 as shown in the following exhibitYou need to ensure that the on-premises network can connect to the route-based GW1. What should you do before you create the connection?

You are planning an Azure deployment that will contain three virtual networks in the East US Azure region as shown in the following table. A Site-to-Site VPN will connect Vnet1 to your company's on-premises network. You need to recommend a solution that ensures that the virtual machines on all the virtual networks can communicate with the on-premises network- The solution must minimize costs. What should you recommend for Vnet2 and Vnet3?

You have an Azure subscription that contains a user named Admin1 and a resource group named RG1. RG1 contains an Azure Network Watcher instance named NW1. You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?