Free Microsoft AZ-700 Exam Questions

Become Microsoft Certified with updated AZ-700 exam questions and correct answers

Page: 1 / 63

Total 311 Questions | Updated On: Apr 14, 2026

Add To Cart

Question 1

Your on-premises network contains a DNS server named Server 1. You have an Azure subscription that contains the resources shown in the following table.The on-premises network is connected to VNet1 by using a Site-to-Site (S2S) VPN. You need to ensure that Server1 can resolve the DNS name of storage1. The solution must minimize costs and administrative effort. What should you use?

A : an Azure Private DNS zone

B : an Azure virtual machine that hosts a DNS service

C : an Azure public DNS zone

D : Azure DNS Private Resolver

Answer: D

Question 2

You have an Azure virtual network named Vnet1 and an on-premises network. The on-premises network has policy-based VPN devices. In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-based. You have a Site-to-Site VPN connection for GW1 as shown in the following exhibitYou need to ensure that the on-premises network can connect to the route-based GW1. What should you do before you create the connection?

A : Set Use Azure Private IP Address to Enabled

B : Set IPsec / IKE policy to Custom.

C : Set Connection Mode to ResponderOnly

D : Set BGP to Enabled

Answer: A

Question 3

You have an Azure application gateway for a web app named App1. The application gateway allows end-toend encryption. You configure the listener for HTTPS by uploading an enterprise signed certificate. You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do?

A : Set Listener type to Multi site.

B : Increase the Unhealthy threshold setting in the custom probe.

C : Upload the public key certificate to the HTTPS settings.

D : Enable the SSL profile for the listener.

Answer: C

Question 4

You have an Azure subscription that contains a virtual machine named VM1 and a network security group (NSG) named NSG1. NSG1 has the default rules configured VM1 runs Windows Server and contains a single NIC named NIC1 NIC! is associated with NSG1. You need to prevent access to the Azure Instance Metadata Service (IMDS) REST API on VM1 The solution must minimize administrative effort. What should you add to NSG1?

A : an outbound rule that blocks traffic to an IP address

B : an outbound rule that blocks traffic to a service tag

C : an inbound and outbound rule that blocks traffic to an application security group.

D : an inbound rule that blocks traffic to an IP address

Answer: B

Question 5

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL of the application gateway. You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.You need to ensure that the URL is accessible through the application gateway. Solution: You add a rewrite rule for the host header. Does this meet the goal?

A : Yes

B : No

Answer: B

Page: 1 / 63

Total 311 Questions | Updated On: Apr 14, 2026

Add To Cart