October/2022 Latest Braindump2go AZ-700 Exam Dumps with PDF and VCE Free Updated Today! Following are some new Braindump2go AZ-700 Real Exam Questions!
You have on-premises datacenters in New York and Seattle.
You have an Azure subscription that contains the ExpressRoute circuits shown in the following table.
You need to ensure that all the data sent between the datacenters is routed via the ExpressRoute circuits. The solution must minimize costs.
How should you configure the network? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Box 1: Global Reach
ExpressRoute Global Reach is the service where if you have two datacenters, which are located at different geo-locations and both are connected to Microsoft Azure via Express Route then these two datacenters can also connect to each other securely via Microsoft’s backbone.
FastPath is designed to improve the data path performance between your on-premises network and your virtual network. When enabled, FastPath sends network traffic directly to virtual machines in the virtual network, bypassing the gateway.
Box 2: Private
With ExpressRoute Global Reach, you can link ExpressRoute circuits together to make a private network between your on-premises networks.
You have an Azure virtual network named Vnet1 and an on-premises network. The on-premises network has policy-based VPN devices.
In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU of VpnGw1 and is route-based.
You have a Site-to-Site VPN connection for GW1 as shown in the following exhibit.
You need to ensure that the on-premises network can connect to the route-based GW1.
What should you do before you create the connection?
A. Set Connection Mode to ResponderOnly.
B. Set BGP to Enabled.
C. Set Use Azure Private IP Address to Enabled.
D. Set IPsec / IKE policy to Custom.
Previously, when working with policy-based VPNs, you were limited to using the policy-based VPN gateway Basic SKU and could only connect to 1 on-premises VPN/firewall device. Now, using custom IPsec/IKE policy, you can use a route-based VPN gateway and connect to multiple policy-based VPN/firewall devices. To make a policy-based VPN connection using a route-based VPN gateway, configure the route-based VPN gateway to use prefix-based traffic selectors with the option “PolicyBasedTrafficSelectors”.
You have the Azure resources shown in the following table.
WebApp1 uses the Standard pricing tier.
You need to ensure that WebApp1 can access the virtual machines deployed to Vnet1\Subnet1 and Vnet2\Subnet1. The solution must minimize costs.
What should you create in each virtual network? To answer, select the appropriate options in the answer area.
Box 1: An additional subnet
Regional virtual network integration: When you connect to virtual networks in the same region, you must have a dedicated subnet in the virtual network you’re integrating with.
Box 2: A VPN gateway
Gateway-required virtual network integration: When you connect directly to virtual networks in other regions or to a classic virtual network in the same region, you need an Azure Virtual Network gateway created in the target virtual network.
Note: If your app is in an App Service Environment, it’s already in a virtual network and doesn’t require use of the VNet integration feature to reach resources in the same virtual network.
You have a hub-and-spoke topology. The topology includes multiple on-premises locations that connect to a hub virtual network in Azure via ExpressRoute circuits.
You have an Azure Application Gateway named GW1 that provides a single point of ingress from the internet.
You plan to migrate the hub-and-spoke topology to Azure Virtual WAN.
You need to identify which changes must be applied to the existing topology. The solution must ensure that you maintain a single point of ingress from the internet.
Which three changes should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Add user-defined routes.
B. Add virtual network peerings.
C. Replace the user-defined routes used by the current topology.
D. Create virtual network connections.
E. Remove the existing virtual network peerings.
F. Redeploy GW1.
Transition connectivity to virtual WAN hub:
Step 1. (E) Delete the existing peering connections from Spoke virtual networks to the old customer-managed hub. Access to applications in spoke virtual networks is unavailable until steps 1-3 are complete.
Step 2. (D) Connect the spoke virtual networks to the Virtual WAN hub via VNet connections.
Step 3. (C) Remove any user-defined routes (UDR) previously used within spoke virtual networks for spoke-to-spoke communications. This path is now enabled by dynamic routing available within the Virtual WAN hub.
Drag and Drop Question
You register a DNS domain with a third-party registrar.
You need to host the DNS zone on Azure.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Step 1: Create a public DNS zone.
Create a DNS zone
1. Go to the Azure portal to create a DNS zone. Search for and select DNS zones.
2. Select Create DNS zone.
3. On the Create DNS zone page, enter the following values, and then select Create.
Step 2: Identify the FQDNs of the name servers.
Retrieve name servers.
Before you can delegate your DNS zone to Azure DNS, you need to know the name servers for your zone. Azure DNS gives name servers from a pool each time a zone is created.
With the DNS zone created, in the Azure portal Favorites pane, select All resources. On the All resources page, select your DNS zone. If the subscription you’ve selected already has several resources in it, you can enter your domain name in the Filter by name box to easily access the application gateway.
Retrieve the name servers from the DNS zone page. In this example, the zone contoso.net has been assigned name servers ns1-01.azure-dns.com, ns2-
01.azure-dns.net, *ns3-01.azure-dns.org, and ns4-01.azure-dns.info:
Azure DNS automatically creates authoritative NS records in your zone for the assigned name servers.
Step 3: Modify the NS records for the domain.
Delegate the domain –
Once the DNS zone gets created and you have the name servers, you’ll need to update the parent domain with the Azure DNS name servers.
Each registrar has its own DNS management tools to change the name server records for a domain.
1. In the registrar’s DNS management page, edit the NS records and replace the NS records with the Azure DNS name servers.
2. When you delegate a domain to Azure DNS, you must use the name servers that Azure DNS provides. Use all four name servers, regardless of the name of your domain. Domain delegation doesn’t require a name server to use the same top-level domain as your domain.
You have the network topology shown in the Topology exhibit.
You have the Azure firewall shown in the Firewall1 exhibit.
You have the route table shown in the RouteTable1 exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Box 1: Yes
Resources in Subnet1 will use the Route2 and its Next hop ID address to the Firewall to reach the Internet.
Box 2: Yes
Yes, with network network peering.
Box 3: No
Resources in Subnet2 can only reach resources in Subnet1, as gateway transit for virtual network peering has not been configured.
Note: This QUESTION 1is part of a series of questions that present the same scenario. Each QUESTION 1in the series contains a unique solution that might meet the stated goals. Some QUESTION 1sets might have more than one correct solution, while others might not have a correct solution.
After you answer a QUESTION 1in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2.
You need to ensure that Client1 can communicate with Vnet2.
Solution: You resize the gateway of Vnet1 to a larger SKU.
Does this meet the goal?
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology.
Your company has offices in London, Tokyo, and New York.
The company has a web app named App1 that has the Azure Traffic Manager profile shown in the following table.
In Asia, you plan to deploy an additional endpoint that will host an updated version of App1.
You need to route 10 percent of the traffic from the Tokyo office to the new endpoint during testing.
What should you configure in Traffic Manager?
A. two profiles and five endpoints
B. two profiles and four endpoints
C. three profiles and four endpoints
D. one profile and five endpoints
Need two profiles. Add one Child profile using Weighted routing. One additional trial endpoint, to the existing three, for the Child Profile is needed.
Note 1: Each Traffic Manager profile specifies a single traffic-routing method. However, there are scenarios that require more sophisticated traffic routing than the routing provided by a single Traffic Manager profile. You can nest Traffic Manager profiles to combine the benefits of more than one traffic-routing method.
Note 2: Weighted routing: Select Weighted routing when you want to distribute traffic across a set of endpoints based on their weight. Set the weight the same to distribute evenly across all endpoints.
1.2022 Latest Braindump2go AZ-700 Exam Dumps (PDF & VCE) Free Share:
2.2022 Latest Braindump2go AZ-700 PDF and AZ-700 VCE Dumps Free Share:
3.2021 Free Braindump2go AZ-700 Exam Questions Download:
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!