[Dec-2021] Latest AZ-700 Exam Dumps for Pass Guaranteed [Q16-Q37]

[Dec-2021] Latest AZ-700 Exam Dumps for Pass Guaranteed

Reliable Microsoft Certified: Azure Network Engineer Associate AZ-700 Dumps PDF Dec 14, 2021 Recently Updated Questions

Skills measured

• Design and Implement Core Networking Infrastructure (20% to 25%)
• Design and Implement Private Access to Azure Services (10% to 15%)
• Design, Implement, and Manage Hybrid Networking (10% to 15%)
• Secure and Monitor Networks (15% to 20%)
• Design and Implement Routing (25% to 30%)

Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions (beta)

Candidates for this exam should have subject matter expertise in planning, implementing, and maintaining Azure networking solutions, including hybrid networking, connectivity, routing, security, and private access to Azure services.

Candidates for this exam should also have expert Azure administration skills, in addition to extensive experience and knowledge of networking, hybrid connections, and network security.

Part of the requirements for: Microsoft Certified: Azure Network Engineer Associate

Download exam skills outline

 

NEW QUESTION 16
You have the Azure resources shown in the following table.

You configure storage1 to provide access to the subnet in Vnet1 by using a service endpoint.
You need to ensure that you can use the service endpoint to connect to the read-only endpoint of storage1 in the paired Azure region.
What should you do first?

• A. Configure the firewall settings for storage1.
• B. Create another service endpoint.
• C. Fail over storage1 to the paired Azure region.
• D. Create a virtual network in the paired Azure region.

Answer: A

 

NEW QUESTION 17
You have an Azure subscription that contains an Azure App Service app. The app uses a URL of
https://www.contoso.com.
You need to use a custom domain on Azure Front Door for www.contoso.com. The custom domain must use a certificate from an allowed certification authority (CA).
What should you include in the solution?

• A. Active Directory Certificate Services (AD CS)
• B. Azure Key Vault
• C. Azure Application Gateway
• D. an enterprise application in Azure Active Directory (Azure AD)

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain-https

 

NEW QUESTION 18
You have two Azure App Service instances that host the web apps shown the following table.

You deploy an Azure application gateway that has one public frontend IP address and two backend pools.
You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers.
What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

1, 2

 

NEW QUESTION 19
You have the Azure App Service app shown in the App Service exhibit.

The VNet Integration settings for as12 are configured as shown in the Vnet Integration exhibit.

The Private Endpoint connections settings for as12 are configured as shown in the Private Endpoint connections exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application Description automatically generated

Reference:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet

 

NEW QUESTION 20
You configure a route table named RT1 that has the routes shown in the following table.

You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.

You have the resources shown in the following table.

Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
* 0.0.0.0/0
* 10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 21
You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption.
You configure the listener for HTTPS by uploading an enterprise signed certificate.
You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do?

• A. Increase the Unhealthy threshold setting in the custom probe.
• B. Upload the public key certificate to the HTTP settings.
• C. Set Listener type to Multi site.
• D. Enable the SSL profile for the listener.

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal

 

NEW QUESTION 22
You have two Azure subscriptions named Subscnption1 and Subscription2. Subscription1 contains a virtual network named Vnet1. Vnet1 contains an application server. Subscription2 contains a virtual network named Vnet2.
You need to provide the virtual machines in Vnet2 with access to the application server in Vnet1 by using a private endpoint.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

 

NEW QUESTION 23
Your company has an on-premises network and three Azure subscriptions named Subscription1, Subscription2, and Subscription3.
The departments at the company use the Azure subscriptions as shown in the following table.

All the resources in the subscriptions are in either the West US Azure region or the West US 2 Azure region.
You plan to connect all the subscriptions to the on-premises network by using ExpressRoute.
What is the minimum number of ExpressRoute circuits required?

• A. 0
• B. 1
• C. 2
• D. 3
• E. 4

Answer: B

 

NEW QUESTION 24
You have the network security groups (NSGs) shown in the following table.

In NSG1, you create inbound rules as shown in the following table.

You have the Azure virtual machines shown in the following table.

NSG2 has only the default rules configured.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 25
You have an Azure subscription that contains the public IPv4 addresses shown in the following table.

You plan to create a load balancer named LB1 that will have the following settings:
* Name: LB1
* Location: West US
* Type: Public
* SKU: Standard
Which public IPv4 addresses can be used by LB1?

• A. IP3 and IP5 only
• B. IP1, IP2. IP3. IP4. and IP5
• C. IP1 and IP3 only
• D. IP3 only
• E. IP1, IP3, IP4, and 1P5 only
• F. IP2only

Answer: B

 

NEW QUESTION 26
You have an Azure Traffic Manager parent profile named TM1. TM1 has two child profiles named TM2 and TM3.
TM1 uses the performance traffic-routing method and has the endpoints shown in the following table.

TM2 uses the weighted traffic-routing method with MinChildEndpoint = 2 and has the endpoints shown in the following table.

TM3 uses priority traffic-routing method and has the endpoints shown in the following table.

The App2, App4, and App6 endpoints have a degraded monitoring status.
To which endpoint is traffic directed? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point

Answer:

Explanation:

Explanation
Diagram Description automatically generated

Reference:
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-nested-profiles

 

NEW QUESTION 27
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.
Solution: You disable the WAF rule that has a ruleld of 920300.
Does this meet the goal?

• A. Yes
• B. No

Answer: A

 

NEW QUESTION 28
You have an Azure firewall shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, text, application, email Description automatically generated

Box 1:
If forced tunneling was enabled, the Firewall Subnet would be named AzureFirewallManagementSubnet.
Forced tunneling can only be enabled during the creation of the firewall. It cannot be enabled after the firewall has been deployed.
Box 2:
The "Visit Azure Firewall Manager to configure and manage this firewall" link in the exhibit shows that the firewall is managed by Azure Firewall Manager.

 

NEW QUESTION 29
You plan to configure BGP for a Site-to-Site VPN connection between a datacenter and Azure.
Which two Azure resources should you configure? Each correct answer presents a part of the solution.
(Choose two.)
NOTE: Each correct selection is worth one point.

• A. a local network gateway
• B. a virtual network gateway
• C. Azure Front Door
• D. Azure Application Gateway
• E. Azure Firewall

Answer: A,B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/bgp-howto

 

NEW QUESTION 30
You have an Azure subscription that contains two virtual networks named Vnet1 and Vnet2.
You register a public DNS zone named fabrikam.com. The zone is configured as shown in the Public DNS Zone exhibit.

You have a private DNS zone named fabrikam.com. The zone is configured as shown in the Private DNS Zone exhibit.

You have a virtual network link configured as shown in the Virtual Network Link exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 31
You have an Azure Front Door instance named FrontDoor1.
You deploy two instances of an Azure web app to different Azure regions.
You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com.
You need to ensure that FrontDoor1 is the entry point for requests that use app1.contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

 

NEW QUESTION 32
Azure virtual networks in the East US Azure region as shown in the following table.

The virtual networks are peered to one another. Each virtual network contains four subnets.
You plan to deploy a virtual machine named VM1 that will inspect and route traffic between all the subnets on both the virtual networks.
What is the minimum number of IP addresses that you must assign to VM1?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: D

Explanation:
Topic 1, Contoso Case Study 2
Overview
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab. note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Existing Environment:
Azure Network Infrastructure
Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com.
The Azure subscription contains the virtual networks shown in the following table.

Vnet1 contains a virtual network gateway named GW1.
Azure Virtual Machines
The Azure subscription contains virtual machines that run Windows Server 2019 as shown in the following table.

The NSGs are associated to the network interfaces on the virtual machines. Each NSG has one custom security rule that allows RDP connections from the internet. The firewall on each virtual machine allows ICMP traffic.
An application security group named ASG1 is associated to the network interface of VM1.
Azure Private DNS Zones
The Azure subscription contains the Azure private DNS zones shown in the following table.

Zone1.contoso.com has the virtual network links shown in the following table.

Other Azure Resources
The Azure subscription contains additional resources as shown in the following table.

Requirements:
Virtual Network Requirements
Contoso has the following virtual networks requirements:
* Create a virtual network named Vnet6 in West US that will contain the following resources and configurations:
Two container groups that connect to Vnet6
Three virtual machines that connect to Vnet6
Allow VPN connections to be established to Vnet6
Allow the resources in Vnet6 to access KeyVault1, DB1, and Vnet1 over the Microsoft backbone network
* The virtual machines in Vnet4 and Vnet5 must be able to communicate over the Microsoft backbone network.
* A virtual machine named VM-Analyze will be deployed to Subnet1. VM-Analyze must inspect the outbound network traffic from Subnet2 to the internet.
Network Security Requirements
Contoso has the following network security requirements:
* Configure Azure Active Directory (Azure AD) authentication for Point-to-Site (P2S) VPN users.
* Enable NSG flow logs for NSG3 and NSG4.
* Create an NSG named NSG10 that will be associated to Vnet1/Subnet1 and will have the custom inbound security rules shown in the following table.

* Create an NSG named NSG11 that will be associated to Vnet1/Subnet2 and will have the custom outbound security rules shown in the following table.

 

NEW QUESTION 33
You have a website that uses an FQDN of www.contoso.com. The DNS record tor www.contoso.com resolves to an on-premises web server.
You plan to migrate the website to an Azure web app named Web1. The website on Web1 will be published by using an Azure Front Door instance named ContosoFD1.
You build the website on Web1.
You plan to configure ContosoFD1 to publish the website for testing.
When you attempt to configure a custom domain for www.contoso.com on ContosoFD1, you receive the error message shown in the exhibit.

You need to test the website and ContosoFD1 without affecting user access to the on-premises web server.
Which record should you create in the contoso.com DNS domain?

• A. a CNAME record that maps afdverify.www.contoso.com to afdverify.ContosoFD1.azurefd.net
• B. a CNAME record that maps www.contoso.com to Web1.contoso.com
• C. a CNAME record that maps www.contoso.com to ContosoFD1.azurefd.net
• D. a CNAME record that maps afdverify.www.contoso.com to ContosoFD1.azurefd.net

Answer: C

 

NEW QUESTION 34
You have an Azure application gateway named AppGW1 that balances requests to a web app named App1.
You need to modify the server variables in the response header of App1.
What should you configure on AppGW1?

• A. listeners
• B. HTTP settings
• C. rules
• D. rewrites

Answer: B

 

NEW QUESTION 35
You have an Azure subscription that contains the resources shown in the following table.

The IP Addresses settings for Vnet1 are configured as shown in the exhibit.

You need to ensure that you can integrate WebApp1 and Vnet1.
Which three actions should you perform in sequence before you can integrate WebApp1 and Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation
Text Description automatically generated with medium confidence

Reference:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet#gateway-required-vnet-integra

 

NEW QUESTION 36
You have an Azure virtual network and an on-premises datacenter.
You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network.
Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

• A. a local network gateway
• B. a virtual network gateway
• C. a user-defined route
• D. an on-premises data gateway
• E. Azure Web Application Firewall (WAF)
• F. an Azure application gateway
• G. Azure Firewall

Answer: A,C

 

NEW QUESTION 37
......

Latest 2021 Realistic Verified AZ-700 Dumps: https://www.topexamcollection.com/AZ-700-vce-collection.html

Pass Your  Microsoft AZ-700 Exam with Correct 98 Questions and Answers: https://drive.google.com/open?id=1_FQQnoPwT3pWhrGQYUowBiPZZqwnxLQK