Microsoft AZ-700 Exam Practice Test Instant Access

Question 1

SIMULATION

Task 5

You need to ensure that requests for wwwjelecloud.com from any of your Azure virtual networks resolve to frontdoor1.azurefd.net.

ASee the Explanation below for step by step instructions

Answer : A

Here are the steps and explanations for ensuring that requests for wwwjelecloud.com from any of your Azure virtual networks resolve to frontdoor1.azurefd.net:

To use a custom domain with your Azure Front Door, you need to create a CNAME record with your domain provider that points to the Front Door default frontend host.A CNAME record is a type of DNS record that maps a source domain name to a destination domain name1.

To create a CNAME record, you need to sign in to your domain registrar's website and go to the page for managing DNS settings1.

Create a CNAME record with the following information1:

Source domain name: wwwjelecloud.com

Destination domain name: frontdoor1.azurefd.net

Save your changes and wait for the DNS propagation to take effect1.

To verify the custom domain, you need to go to the Azure portal and select your Front Door profile.Then select Domains under Settings and select Add2.

On the Add a domain page, select Non-Azure validated domain as the Domain type and enter wwwjelecloud.com as the Domain name.Then select Add2.

On the Domains page, select wwwjelecloud.com and select Verify.This will check if the CNAME record is correctly configured2.

Once the domain is verified, you can associate it with your Front Door endpoint. On the Domains page, select wwwjelecloud.com and select Associate endpoint.Then select your Front Door endpoint from the drop-down list and select Associate2.

Question 2

You have an on-premises DNS server named Server1 that hosts a primary DNS zone named fabrikam.com.

You have an Azure subscription that contains the resources shown in the following table.

Users on the on-premises network access resources on all the virtual networks by using a Site-to-Site (S2S) VPN. You need to deploy an Azure DNS Private Resolver solution that meets the following requirements:

* Resources connected to the virtual networks must be able to resolve DNS names for fabrikam.com.

* Server1 must be able to resolve the DNS names of the resources in contoso.com.

* The solution must minimize costs and administrative effort.

What is the minimum number of resolvers you should deploy?

Answer : B

Question 3

You have an Azure subscription that contains an instance of Azure Firewall Standard named AzFW1. You plan to enable the following:

* TLS inspection

* Threat intelligence

* A network intrusion detection and prevention system (IDPS)

What can you enable by using AzFW1?

ATLS inspection only

Bthreat intelligence only

CTLS inspection and the IDPS only

Dthreat intelligence and the IDPS only

ETLS inspection, threat intelligence, and the IDPS

Answer : E

Question 4

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains an Azure Virtual Desktop host pool named Pool1.

You need to implement Azure Firewall and TLS inspection for all the outbound traffic from Pool1.

Which two resources should you configure? Each correct answer present part of the solution.

NOTE: Each correct answer is worth one point

Aan Azure Private DNS zone

Ba private endpoint

Can Azure key vault

Dan Azure NAT gateway

Ea Microsoft Entra enterprise app

Fa managed identity

Answer : D, F

Question 5

You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that the virtual machines can access storage1, storage2, and DB1 by using service endpoints.

What is the minimum number of service endpoints you should create?

D12

Answer : B

Question 6

You are planning an Azure deployment that will contain three virtual networks in the East US Azure region as shown in the following table.

A Site-to-Site VPN will connect Vnet1 to your company's on-premises network.

You need to recommend a solution that ensures that the virtual machines on all the virtual networks can communicate with the on-premises network- The solution must minimize costs.

What should you recommend for Vnet2 and Vnet3?

Aservice endpoints

Broute tables

CVNet-to-VNet VPN connections

Dpeering

Answer : D

Question 7

You have an Azure subscription that contains 100 network security groups (NSGs).

You need to ensure that you log the application of specific NSG rules.

Which type of log should you configure?

Aflow log

Bactivity log

CAzure resource log

Daudit log

Answer : A

Microsoft AZ-700 Designing and Implementing Microsoft Azure Networking Solutions Exam Practice Test