- Expert Verified, Online, Free.

MAIL US

info@examtopicspro.com

Microsoft AZ-700 Exam Questions

Certification Exams

Downloadable PDF versions

100% Confidential

Updated Regularly

Advanced Features

Number Of Questions

237

$ 39

Description

Exam Name: Designing and Implementing Microsoft Azure Networking Solutions
Exam Code: AZ-700
Related Certification(s): Microsoft Azure Network Engineer Associate Certification
Certification Provider: Microsoft
Number of AZ-700 practice questions in our database: 263 (updated: Jan. 08, 2025)
Expected AZ-700 Exam Topics, as suggested by Microsoft :

  • Module 1: Design and implement core networking infrastructure: This section of the exam covers how to design and implement IP addressing for Azure resources, how to design and implement name resolution, design and implement VNet connectivity and routing, and network monitoring.
  • Module 2: Design, implement, and manage connectivity services: In this section, the focus is given to how to design, implement, and manage a site-to-site VPN connection, design, implement, and manage a point-to-site VPN connection, design, implement, and manage Azure ExpressRoute, and design and implement an Azure Virtual WAN architecture.
  • Module 3: Design and implement application delivery services: In this section of the exam, the focus is given to how to design and implement Azure Load Balancer and Azure Traffic Manager, how to design and implement Azure Application Gateway, and how to design and implement Azure Front Door.
  • Module 4: Design and implement private access to Azure services: In this section of the exam, candidates are tested for their skill to design and implement Azure Private Link service and Azure private endpoints.
  • Module 5: Design and implement Azure network security services: In this section, topics covered include Implementing and managing network security groups, how to implement Azure Firewall and Azure Firewall Manager, and implementing a Web Application Firewall (WAF) deployment.

Description

Exam Name: Designing and Implementing Microsoft Azure Networking Solutions
Exam Code: AZ-700
Related Certification(s): Microsoft Azure Network Engineer Associate Certification
Certification Provider: Microsoft
Number of AZ-700 practice questions in our database: 263 (updated: Jan. 08, 2025)
Expected AZ-700 Exam Topics, as suggested by Microsoft :

  • Module 1: Design and implement core networking infrastructure: This section of the exam covers how to design and implement IP addressing for Azure resources, how to design and implement name resolution, design and implement VNet connectivity and routing, and network monitoring.
  • Module 2: Design, implement, and manage connectivity services: In this section, the focus is given to how to design, implement, and manage a site-to-site VPN connection, design, implement, and manage a point-to-site VPN connection, design, implement, and manage Azure ExpressRoute, and design and implement an Azure Virtual WAN architecture.
  • Module 3: Design and implement application delivery services: In this section of the exam, the focus is given to how to design and implement Azure Load Balancer and Azure Traffic Manager, how to design and implement Azure Application Gateway, and how to design and implement Azure Front Door.
  • Module 4: Design and implement private access to Azure services: In this section of the exam, candidates are tested for their skill to design and implement Azure Private Link service and Azure private endpoints.
  • Module 5: Design and implement Azure network security services: In this section, topics covered include Implementing and managing network security groups, how to implement Azure Firewall and Azure Firewall Manager, and implementing a Web Application Firewall (WAF) deployment.

Reviews

There are no reviews yet.

Be the first to review “Microsoft AZ-700 Exam Questions”

Your email address will not be published. Required fields are marked *

Q1. SIMULATION Task 5 You need to archive all the metrics of VNET1 to an existing storage account.

A.See the Explanation below for step by step instructions

Correct Answer: A To archive all the metrics of VNET1 to an existing storage account, you can use Azure Monitor’s diagnostic settings. Here’s how you can do it: Step-by-Step Solution Step 1: Navigate to VNET1 in the Azure Portal Open the Azure Portal. Search for ”Virtual networks”and selectVNET1from the list. Step 2: Configure Diagnostic Settings In the VNET1 blade, select”Diagnostic settings”under the ”Monitoring” section. Click on ”Add diagnostic setting”. Step 3: Set Up the Diagnostic Setting Enter a namefor the diagnostic setting (e.g.,VNET1-Metrics-Archive). Select the metricsyou want to archive. You can choose from various metrics likeTotalBytesReceived,TotalBytesSent, etc. Under ”Destination details”, select”Archive to a storage account”. Choose the existing storage accountwhere you want to archive the metrics. Configure the retention periodif needed. Step 4: Save the Configuration Review your settingsto ensure everything is correct. Click on ”Save”to apply the diagnostic setting. Explanation Diagnostic Settings: These allow you to collect and route metrics and logs from your Azure resources to various destinations, including storage accounts, Log Analytics workspaces, and Event Hubs. Metrics: Metrics provide numerical data about the performance and health of your resources. Archiving these metrics helps in long-term analysis and compliance. Storage Account: Using an existing storage account ensures that the metrics are stored securely and can be accessed for future analysis. By following these steps, you can ensure that all the metrics of VNET1 are archived to your existing storage account, enabling you to monitor and analyze the performance and health of your virtual network over time.

Q2. SIMULATION Task 5 You need to ensure that requests for wwwjelecloud.com from any of your Azure virtual networks resolve to frontdoor1.azurefd.net.

A.See the Explanation below for step by step instructions

Correct Answer: A Here are the steps and explanations for ensuring that requests for wwwjelecloud.com from any of your Azure virtual networks resolve to frontdoor1.azurefd.net: To use a custom domain with your Azure Front Door, you need to create a CNAME record with your domain provider that points to the Front Door default frontend host. A CNAME record is a type of DNS record that maps a source domain name to a destination domain name1. To create a CNAME record, you need to sign in to your domain registrar’s website and go to the page for managing DNS settings1. Create a CNAME record with the following information1: Source domain name: wwwjelecloud.com Destination domain name: frontdoor1.azurefd.net Save your changes and wait for the DNS propagation to take effect1. To verify the custom domain, you need to go to the Azure portal and select your Front Door profile.Then select Domains under Settings and select Add2. On the Add a domain page, select Non-Azure validated domain as the Domain type and enter wwwjelecloud.com as the Domain name. Then select Add2. On the Domains page, select wwwjelecloud.com and select Verify. This will check if the CNAME record is correctly configured2. Once the domain is verified, you can associate it with your Front Door endpoint. On the Domains page, select wwwjelecloud.com and select Associate endpoint. Then select your Front Door endpoint from the drop-down list and select Associate2.

Q3. You have an on-premises server named Server1 that runs Windows Server. You have an Azure subscription that contains a virtual network named VNet1. You plan to connect Server1 to VNet1 by using Azure Network Adapter. You need to minimize how long it takes to deploy the adapter to Server1. What should you create first?

A.an Azure VPN gateway

B. a route server

C. a private endpoint

D. an Azure Bastion host

Correct Answer: A

Q4. SIMULATION Task 7 You need to ensure that hosts on VNET2 can access hosts on both VNET1 and VNET3. The solution must prevent hosts on VNET1 and VNET3 from communicating through VNET2.

A.See the Explanation below for step by step instructions

Correct Answer: A Here are the steps and explanations for ensuring that hosts on VNET2 can access hosts on both VNET1 and VNET3, but hosts on VNET1 and VNET3 cannot communicate through VNET2: To connect different virtual networks in Azure, you need to use virtual network peering. Virtual network peering allows you to create low-latency, high-bandwidth connections between virtual networks without using gateways or the internet1. To create a virtual network peering, you need to go to the Azure portal and select your virtual network. Then select Peerings under Settings and select + Add2. On the Add peering page, enter or select the following information: Name: Type a unique name for the peering from the source virtual network to the destination virtual network. Virtual network deployment model: Select Resource manager. Subscription: Select the subscription that contains the destination virtual network. Virtual network: Select the destination virtual network from the list or enter its resource ID. Name of the peering from [destination virtual network] to [source virtual network]: Type a unique name for the peering from the destination virtual network to the source virtual network. Configure virtual network access settings: Select Enabled to allow resources in both virtual networks to communicate with each other. Allow forwarded traffic: Select Disabled to prevent traffic that originates from outside either of the peered virtual networks from being forwarded through either of them. Allow gateway transit: Select Disabled to prevent either of the peered virtual networks from using a gateway in the other virtual network. Use remote gateways: Select Disabled to prevent either of the peered virtual networks from using a gateway in the other virtual network as a transit point to another network. Select Add to create the peering2. Repeat the previous steps to create peerings between VNET2 and VNET1, and between VNET2 and VNET3. This will allow hosts on VNET2 to access hosts on both VNET1 and VNET3. To prevent hosts on VNET1 and VNET3 from communicating through VNET2, you need to use network security groups (NSGs) to filter traffic between subnets. NSGs are rules that allow or deny inbound or outbound traffic based on source or destination IP address, port, or protocol3. To create an NSG, you need to go to the Azure portal and select Create a resource. Search for network security group and select Network security group. Then select Create4. On the Create a network security group page, enter or select the following information: Subscription: Select your subscription name. Resource group: Select your resource group name. Name: Type a unique name for your NSG. Region: Select the same region as your virtual networks. Select Review + create and then select Create to create your NSG4. To add rules to your NSG, you need to go to the Network security groups service in the Azure portal and select your NSG. Then select Inbound security rules or Outbound security rules under Settings and select + Add4. On the Add inbound security rule page or Add outbound security rule page, enter or select the following information: Source or Destination: Select CIDR block. Source CIDR blocks or Destination CIDR blocks: Enter the IP address range of the source or destination subnet that you want to filter. For example, 10.0.1.0/24 for VNET1 subnet 1, 10.0.2.0/24 for VNET2 subnet 1, and 10.0.3.0/24 for VNET3 subnet 1. Protocol: Select Any to apply the rule to any protocol. Action: Select Deny to block traffic from or to the source or destination subnet. Priority: Enter a number between 100 and 4096 that indicates the order of evaluation for this rule. Lower numbers have higher priority than higher numbers. Name: Type a unique name for your rule. Select Add to create your rule4. Repeat the previous steps to create inbound and outbound rules for your NSG that deny traffic between VNET1 and VNET3 subnets. For example, you can create an inbound rule that denies traffic from 10.0.1.0/24 (VNET1 subnet 1) to 10.0.3.0/24 (VNET3 subnet 1), and an outbound rule that denies traffic from 10.0.3.0/24 (VNET3 subnet 1) to 10.0.1.0/24 (VNET1 subnet 1). To associate your NSG with a subnet, you need to go to the Virtual networks service in the Azure portal and select your virtual network. Then select Subnets under Settings and select the subnet that you want to associate with your NSG5. On the Edit subnet page, under Network security group, select your NSG from the drop-down list. Then select Save5. Repeat the previous steps to associate your NSG with the subnets in VNET1 and VNET3 that you want to isolate from each other.

Frequently Asked Questions

ExamTopics Pro is a premium service offering a comprehensive collection of exam questions and answers for over 1000 certification exams. It is regularly updated and designed to help users pass their certification exams confidently.
Please contact team@examtopics.com and we will provide you with alternative payment options.
The subscriptions at Examtopics.com are recurring according to the Billing Cycle of your Subscription Plan, i.e. after a certain period of time your credit card is re-billed automatically until/unless you cancel your subscription.
Free updates are available for the duration of your subscription, after the subscription is expired, your access will no longer be available.