Microsoft AZ-700 - Designing and Implementing Microsoft Azure Networking Solutions
You have an Azure subscription that contains the virtual machines shown in the following table.
VNet1 and VNet2 are NOT connected to each other.
You need to block traffic from SQL Server 2019 to IIS by using application security groups. The solution must minimize administrative effort.
How should you configure the application security groups? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
You need to associate Gateway 1 with Subnet1. The solution must minimize downtime on VM1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You have the Azure subscriptions shown in the following table.
Each virtual network contains 20 internet-accessible resources that are assigned public IP addresses.
You need to implement Azure DDoS Network Protection to protect the resources. The solution must minimize costs.
What is the minimum number of DDoS Network Protection plans you should deploy?
You have Azure App Service apps in the West US Azure region as shown in the following table.
You need to ensure that all the apps can access the resources in a virtual network named Vnet1 without forwarding traffic through the internet-How many integration subnets should you create?
You need to provide access to storage2. The solution must meet the PaaS networking requirements and the business requirements.
Which connectivity method should you use?
You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.
What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
You create a virtual network named Vnet2 in the West US region.
You plan to enable peering between Vnet1 and Vnet2.
You need to ensure that the virtual machines connected to Vnet2 can connect to VM1 and VM2 via LB1.
What should you do?
Your on-premises network uses an IP address range of 10.1.0.0 to 10.1.255.255.
You plan to deploy a new Azure virtual network solution that will include the following elements:
• A virtual network named VNet1
• A Site-to-Site (S2S) VPN connection between VNet1 and the on-premises network
• GatewaySubnet in VNet1, which will be used as a route-based virtual network gateway
You need to recommend which subnet masks to assign to VNet1 and GatewaySubnet. The solution must meet the following requirements:
• Maximize the number of available IP addresses on VNet1.
• Minimize the number of available IP addresses on GatewaySubnet
Which address spaces should you assign to VNet1 and GatewaySubnet? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure virtual network named VNet1 that contains the subnets shown in the following table.
You need to deploy an Azure application gateway named AppGW1 to VNetl To where can you deploy AppGW1?
You have an Azure subscription that contains the resources shown in the following table.
The virtual network topology is shown in the following exhibit.
Firewall1 is configured as shown in following exhibit.
FirewallPolicy1 contains the following rules:
• Allow outbound traffic from Vnet1 and Vnet2 to the internet.
• Allow any traffic between Vnet1 and Vnet2.
No custom private endpoints. service endpoints. routing tables, or network security groups (NSGs) were created. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
