Free Microsoft AZ-700 Exam Questions

Become Microsoft Certified with updated AZ-700 exam questions and correct answers

Page: 1 / 63

Total 311 Questions | Updated On: Dec 17, 2025

Add To Cart

Question 1

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1.

You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.

You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.

What should you add to NSG1?

A : an outbound rule that has a priority of 4096 and blocks all internet traffic

B : an inbound rule that has a priority of 4096 and blocks all internet traffic

C : an inbound rule that has a priority of 100 and blocks all internet traffic

D : an outbound rule that has a priority 100 and blocks all internet traffic

Answer: B

Question 2

You have an Azure subscription that contains a virtual machine named VM1 and a network security group (NSG) named NSG1. NSG1 has the default rules configured VM1 runs Windows Server and contains a single NIC named NIC1 NIC! is associated with NSG1. You need to prevent access to the Azure Instance Metadata Service (IMDS) REST API on VM1 The solution must minimize administrative effort. What should you add to NSG1?

A : an outbound rule that blocks traffic to an IP address

B : an outbound rule that blocks traffic to a service tag

C : an inbound and outbound rule that blocks traffic to an application security group.

D : an inbound rule that blocks traffic to an IP address

Answer: B

Question 3

You have an on-premises DNS server named Server1 that hosts a primary DNS zone named fabrikam.com. You have an Azure subscription that contains the resources shown in the following table.Users on the on-premises network access resources on all the virtual networks by using a Site-to-Site (S2S) VPN. You need to deploy an Azure DNS Private Resolver solution that meets the following requirements: • Resources connected to the virtual networks must be able to resolve DNS names for fabrikam.com. • Server1 must be able to resolve the DNS names of the resources in contoso.com. • The solution must minimize costs and administrative effort. What is the minimum number of resolvers you should deploy?

A : 1

B : 2

C : 3

D : 4

Answer: B

Question 4

You have an Azure virtual network and an on-premises datacenter. You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network. Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A : a virtual network gateway

B : Azure Firewall

C : a local network gateway

D : Azure Web Application Firewall (WAF)

E : an on-premises data gateway

F : an Azure application gateway

G : a user-defined route

Answer: A,C

Question 5

Your company has offices in London, Tokyo, and New York. The company has a web app named App1 that has the Azure Traffic Manager profile shown in the following table.In Asia, you plan to deploy an additional endpoint that will host an updated version of App1. You need to route 10 percent of the traffic from the Tokyo office to the new endpoint during testi What should you configure in Traffic Manager?

A : one profile and five endpoints

B : two profiles and four endpoints

C : three profiles and four endpoints

D : two profiles and five endpoints

Answer: B

Page: 1 / 63

Total 311 Questions | Updated On: Dec 17, 2025

Add To Cart