AZ-700 Exam Question 81
You have an Azure virtual machine named VM1.
You need to capture all the network traffic of VM1 by using Azure Network Watcher.
To which locations can the capture be written?
You need to capture all the network traffic of VM1 by using Azure Network Watcher.
To which locations can the capture be written?
AZ-700 Exam Question 82
Hotspot Question
You have an on-premises server named Server1 that runs Windows Server and has the DNS Server role installed.
You have an Azure subscription that contains two virtual networks named VNet1 and VNet2.
VNet1 contains an Azure Firewall instance named FW1. VNet1 peers with VNet2.
The on-premises network is connected to VNet1 by using ExpressRoute. The on-premises network is inaccessible from VNet2.
You need to ensure that virtual machines connected to VNet2 use Server1 to perform name resolution. The solution must minimize administrative effort.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct answer is worth one point.
You have an on-premises server named Server1 that runs Windows Server and has the DNS Server role installed.
You have an Azure subscription that contains two virtual networks named VNet1 and VNet2.
VNet1 contains an Azure Firewall instance named FW1. VNet1 peers with VNet2.
The on-premises network is connected to VNet1 by using ExpressRoute. The on-premises network is inaccessible from VNet2.
You need to ensure that virtual machines connected to VNet2 use Server1 to perform name resolution. The solution must minimize administrative effort.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct answer is worth one point.
AZ-700 Exam Question 83
Hotspot Question
You have an Azure subscription that contains the resources shown in the following table.
The virtual network topology is shown in the following exhibit.
Firewall1 is configured as shown in following exhibit.
FirewallPolicy1 contains the following rules:
- Allow outbound traffic from Vnet1 and Vnet2 to the internet.
- Allow any traffic between Vnet1 and Vnet2.
No custom private endpoints, service endpoints, routing tables, or network security groups (NSGs) were created.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
The virtual network topology is shown in the following exhibit.
Firewall1 is configured as shown in following exhibit.
FirewallPolicy1 contains the following rules:
- Allow outbound traffic from Vnet1 and Vnet2 to the internet.
- Allow any traffic between Vnet1 and Vnet2.
No custom private endpoints, service endpoints, routing tables, or network security groups (NSGs) were created.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
AZ-700 Exam Question 84
You have a network security group (NSG) named NSG1 associated to each subnet.
When a new subnet is created in Vnet1 an automated process creates an additional network monitoring virtual machine in the subnet and links the subnet to NSG1.
You need to create an inbound security rule in NSG1 that will allow connections to the network monitoring virtual machines from an IP address of 131.107.1.15. The solution must meet the following requirements:
- Ensure that only the monitoring virtual machines receive a connection from 131.1071.15.
- Minimize changes to NSG1 when a new subnet is created.
What should you use as the destination in the inbound security rule?
When a new subnet is created in Vnet1 an automated process creates an additional network monitoring virtual machine in the subnet and links the subnet to NSG1.
You need to create an inbound security rule in NSG1 that will allow connections to the network monitoring virtual machines from an IP address of 131.107.1.15. The solution must meet the following requirements:
- Ensure that only the monitoring virtual machines receive a connection from 131.1071.15.
- Minimize changes to NSG1 when a new subnet is created.
What should you use as the destination in the inbound security rule?
AZ-700 Exam Question 85
SIMULATION
Username and password
Use the following login credentials as needed:
- To enter your username, place your cursor in the Sign in box and click on the username below.
- To enter your password, place your cursor in the Enter password box and click on the password below.
- Azure Username: [email protected]
- Azure Password: xxxxxxxxxx
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
- Lab Instance: 12345678
You plan to configure a VPN tunnel for VNET2.
You need to ensure that all internet traffic from subnet2-1 is routed through an on-premises firewall before reaching the destination. The solution must be achieved without using dynamic routing protocols.
To complete this task, sign in to the Azure portal.
Username and password
Use the following login credentials as needed:
- To enter your username, place your cursor in the Sign in box and click on the username below.
- To enter your password, place your cursor in the Enter password box and click on the password below.
- Azure Username: [email protected]
- Azure Password: xxxxxxxxxx
If the Azure portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
- Lab Instance: 12345678
You plan to configure a VPN tunnel for VNET2.
You need to ensure that all internet traffic from subnet2-1 is routed through an on-premises firewall before reaching the destination. The solution must be achieved without using dynamic routing protocols.
To complete this task, sign in to the Azure portal.
