microsoft az-700 practice test

designing and implementing microsoft azure networking solutions

Last exam update: Sep 07 ,2024
Page 1 out of 26. Viewing questions 1-10 out of 256

Question 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway from any IP address.
Solution: You add a rewrite rule for the host header.
Does this meet the goal?

  • A. Yes
  • B. No
Mark Question:
Answer:

b

User Votes:
A
50%
B 1 votes
50%

The log shows that WAF rule with ruleId 920300 was trigged. Instead we should disable the WAF rule that has a ruleId 920300.
Reference:
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/web-application-firewall-troubleshoot

Discussions
vote your answer:
A
B
0 / 1000

Question 2

You have an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance.
You need to configure the policy to meet the following requirements:
Log all connections from Australia.
Deny all connections from New Zealand.
Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute.
What is the minimum number of objects you should create?

  • A. three custom rules that each has one condition
  • B. one custom rule that has three conditions
  • C. one custom rule that has one condition
  • D. one rule that has two conditions and another rule that has one condition
Mark Question:
Answer:

a

User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%

Reference:
https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

You have an Azure subscription that contains the public IPv4 addresses shown in the following table.

You plan to create a load balancer named LB1 that will have the following settings:
Name: LB1
Location: West US
Type: Public
SKU: Standard
Which public IPv4 addresses can be used by LB1?

  • A. IP1, IP3, IP4, and IP5 only
  • B. IP3 only
  • C. IP1 and IP3 only
  • D. IP2 only
  • E. IP1, IP2, IP3, IP4, and IP5
  • F. IP3 and IP5 only
Mark Question:
Answer:

f

User Votes:
A
50%
B 1 votes
50%
C
50%
D
50%
E
50%
F
50%

Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-public-ip-address

Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 4

You plan to deploy Azure virtual network.
You need to design the subnets.
Which three types of resources require a dedicated subnet? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Azure Bastion
  • B. Azure Active Directory Domain Services (Azure AD DS)
  • C. Azure Private Link
  • D. Azure Application Gateway v2
  • E. VPN gateway
Mark Question:
Answer:

ade

User Votes:
A 1 votes
50%
B
50%
C
50%
D 1 votes
50%
E 1 votes
50%

Reference:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-for-azure-services

Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 5

HOTSPOT

You have an Azure subscription that contains a virtual network gateway named VNetGwy1. VNetGwy1 has a public IP address of 20.25.32.214.

You need to query the health probe of VNetGwy1.

How should you complete the URI? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Mark Question:
Answer:

Discussions
0 / 1000

Question 6

HOTSPOT

You have an Azure virtual network named Vnet1 that contains two subnets named Subnet1 and Subnet2. Both subnets contain virtual machines.

You create a NAT gateway named NATgateway1 as shown in the following exhibit.



Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

NOTE: Each correct selection is worth one point.

Mark Question:
Answer:

Discussions
0 / 1000

Question 7

HOTSPOT

You have the Azure resources shown in the following table.



You need to link VNet2 to Circuit1.

What should you create in each subscription? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Mark Question:
Answer:

Discussions
0 / 1000

Question 8

You have an Azure application gateway configured for a single website that is available at https://www.contoso.com.
The application gateway contains one backend pool and one rule. The backend pool contains two backend servers. Each backend server has an additional website that is available on port 8080.
You need to ensure that if port 8080 is unavailable on a backend server, all the traffic for https://www.contoso.com is redirected to the other backend server.
What should you do?

  • A. Create a health probe
  • B. Add a new rule
  • C. Change the port on the listener
  • D. Add a new listener
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%

By default, Azure Application Gateway probes backend servers to check their health status and to check whether they're ready to serve requests. Users can also create custom probes to mention the host name, the path to be probed, and the status codes to be accepted as Healthy. In each case, if the backend server doesn't respond successfully, Application Gateway marks the server as Unhealthy and stops forwarding requests to the server. After the server starts responding successfully, Application Gateway resumes forwarding the requests.
Note: The default probe request is sent in the format of <protocol>://127.0.0.1:<port>/. For example, http://127.0.0.1:80 for an http probe on port 80. Only HTTP status codes of 200 through 399 are considered healthy. The protocol and destination port are inherited from the HTTP settings. If you want Application Gateway to probe on a different protocol, host name, or path and to recognize a different status code as Healthy, configure a custom probe and associate it with the HTTP settings.
Reference:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-backend-health-troubleshooting

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

You have an Azure subscription that contains the following resources:

A virtual network named Vnet1
Two subnets named subnet1 and AzureFirewallSubnet
A public Azure Firewall named FW1
A route table named RT1 that is associated to Subnet1
A rule routing of 0.0.0.0/0 to FW1 in RT1

After deploying 10 servers that run Windows Server to Subnet1, you discover that none of the virtual machines were activated.

You need to ensure that the virtual machines can be activated.

What should you do?

  • A. On FW1, create an outbound network rule that allows traffic to the Azure Key Management Service (KMS).
  • B. On FW1, create an outbound service tag rule for Azure Cloud.
  • C. Deploy a NAT gateway.
  • D. On FW1, configure a DNAT rule for port 1688.
Mark Question:
Answer:

a

User Votes:
A
50%
B
50%
C
50%
D
50%

None

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return it. As a result, these questions will not appear in the review screen.

You have an Azure subscription that contains an Azure Virtual WAN named VWAN1. VWAN1 contains a hub named Hub1.

Hub1 has a security status of Unsecured.

You need to ensure that the security status of Hub1 is marked as Secured.

Solution: You implement an Azure Front Door profile.

Does this meet the requirement?

  • A. Yes
  • B. No
Mark Question:
Answer:

b

User Votes:
A
50%
B
50%

None

Discussions
vote your answer:
A
B
0 / 1000
To page 2