Free Microsoft AZ-700 Exam Questions

You have an Azure virtual network and an on-premises datacenter. You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network. Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains a user named Admin1 and a resource group named RG1. RG1 contains an Azure Network Watcher instance named NW1. You need to ensure that Admin1 can place a lock on NW1. The solution must use the principle of least privilege. Which role should you assign to Admin1?

You have an on-premises DNS server named Server1 that hosts a primary DNS zone named fabrikam.com. You have an Azure subscription that contains the resources shown in the following table.Users on the on-premises network access resources on all the virtual networks by using a Site-to-Site (S2S) VPN. You need to deploy an Azure DNS Private Resolver solution that meets the following requirements: • Resources connected to the virtual networks must be able to resolve DNS names for fabrikam.com. • Server1 must be able to resolve the DNS names of the resources in contoso.com. • The solution must minimize costs and administrative effort. What is the minimum number of resolvers you should deploy? 

You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements. What should you use to configure the default route?

You have an Azure subscription that contains a virtual machine named VM1 and a network security group (NSG) named NSG1. NSG1 has the default rules configured VM1 runs Windows Server and contains a single NIC named NIC1 NIC! is associated with NSG1. You need to prevent access to the Azure Instance Metadata Service (IMDS) REST API on VM1 The solution must minimize administrative effort. What should you add to NSG1?