AZ-700 Exam Question 56
Statement: If the 1st network interface allocated to an application security group titled ASBGWeb is in the virtual network titled VNet1, all subsequent network interfaces allocated to ASGWeb must exist in VNet1.
Is the statement true?
Is the statement true?
AZ-700 Exam Question 57
Case Study 1 - Litware. Inc
Overview
Litware. Inc. is a financial company that has a main datacenter in Boston and 20 branch offices across the United States. Users have Android, iOS, and Windows 10 devices.
Existing Environment:
Hybrid Environment
The on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.
All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.
Azure Environment
Litware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant. Sub1 contains resources in the East US Azure region as shown in the following table.
A diagram of the resource in the East US Azure region is shown in the Network Diagram exhibit.
There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.
Azure Environment Diagram
Requirements:
Business Requirements
Litware wants to minimize costs whenever possible, as long as all other requirements are met.
Virtual Networking Requirements
Litware identifies the following virtual networking requirements:
- Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the
Boston datacenter over an ExpressRoute circuit.
- Ensure that the records in the cloud.litwareinc.com zone can be
resolved from the on-premises locations.
- Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.
- Minimize the size of the subnets allocated to platform-managed
services.
- Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443
only.
Hybrid Networking Requirements
Litware identifies the following hybrid networking requirements:
- Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.
- Latency of the traffic between the Boston datacenter and all the
virtual networks must be minimized.
- The Boston datacenter must connect to the Azure virtual networks by
using an ExpressRoute FastPath connection.
- Traffic between Vnet2 and Vnet3 must be routed through Vnet1.
PaaS Networking Requirements
Litware identifies the following networking requirements for platform as a service (PaaS):
- The storage1 account must be accessible from all on-premises
locations without exposing the public endpoint of storage1.
- The storage2 account must be accessible from Vnet2 and Vnet3 without
exposing the public endpoint of storage2.
You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.
What should you use to configure the default route?
Overview
Litware. Inc. is a financial company that has a main datacenter in Boston and 20 branch offices across the United States. Users have Android, iOS, and Windows 10 devices.
Existing Environment:
Hybrid Environment
The on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.
All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.
Azure Environment
Litware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant. Sub1 contains resources in the East US Azure region as shown in the following table.
A diagram of the resource in the East US Azure region is shown in the Network Diagram exhibit.
There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.
Azure Environment Diagram
Requirements:
Business Requirements
Litware wants to minimize costs whenever possible, as long as all other requirements are met.
Virtual Networking Requirements
Litware identifies the following virtual networking requirements:
- Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the
Boston datacenter over an ExpressRoute circuit.
- Ensure that the records in the cloud.litwareinc.com zone can be
resolved from the on-premises locations.
- Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.
- Minimize the size of the subnets allocated to platform-managed
services.
- Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443
only.
Hybrid Networking Requirements
Litware identifies the following hybrid networking requirements:
- Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.
- Latency of the traffic between the Boston datacenter and all the
virtual networks must be minimized.
- The Boston datacenter must connect to the Azure virtual networks by
using an ExpressRoute FastPath connection.
- Traffic between Vnet2 and Vnet3 must be routed through Vnet1.
PaaS Networking Requirements
Litware identifies the following networking requirements for platform as a service (PaaS):
- The storage1 account must be accessible from all on-premises
locations without exposing the public endpoint of storage1.
- The storage2 account must be accessible from Vnet2 and Vnet3 without
exposing the public endpoint of storage2.
You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.
What should you use to configure the default route?
AZ-700 Exam Question 58
You plan to implement an Azure virtual network that will contain 10 virtual subnets. The subnets will use IPv6 addresses. Each subnet will host up to 200 load-balanced virtual machines.
You need to recommend a load balancing solution for the virtual network. The solution must meet the following requirements:
- The virtual machines and the load balancer must be accessible only from the virtual network.
- Costs must be minimized.
What should you include in the recommendation?
You need to recommend a load balancing solution for the virtual network. The solution must meet the following requirements:
- The virtual machines and the load balancer must be accessible only from the virtual network.
- Costs must be minimized.
What should you include in the recommendation?
AZ-700 Exam Question 59
Hotspot Question
You need to connect an on-premises network and art Azure environment.
The solution must use ExpressRoute and support failing over to a Site-to Site VPN connection if there is an ExpressRoute failure.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to connect an on-premises network and art Azure environment.
The solution must use ExpressRoute and support failing over to a Site-to Site VPN connection if there is an ExpressRoute failure.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
AZ-700 Exam Question 60
You need to configure a security policy. As a process, first you find the name for the resource group containing Front Door profile with the help of Get-AzResourceGroup. Now, which of the following cmdlet would you use to configure a security policy in the identified resource group?