Instant Access Microsoft.AZ-700.v2022-11-23.q124 Actual Practice Test Engine for Free (Page 18)

Question 81

You have an Azure subscription that is linked to an Azure AD tenant named contoso.onmicrosoft.com. The subscription contains the following resources:
* A virtual network named Vnet1
* An App Service plan named ASPI
* An Azure App Service named webapp1
* An Azure private DNS zone named private.contoso.com
* Virtual machines on Vnet1 that cannot communicate outside the virtual network
You need to ensure that the virtual machines on Vnet1 can access webapp1 by using a URL of https:/Avwwprivate.contosocom.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A.Create a CNAME record that maps www.pnvate.contoso.com to webapp1.privatelink.azurewebsites.net.
B.Register an enterprise application in Azure AD for webapp1.
C.Create a private endpoint for webapp1.
D.Create a CNAME record that maps wow.private.contoso.com to webapp 1 [email protected].
E.Create a CNAME record that maps wwwprivatemntoso.com to webapp1.contoso.onmicrosoft.com.
F.Create a service endpoint for webapp1.

Question 82

You have an Azure Traffic Manager parent profile named TM1. TM1 has two child profiles named TM2 and TM3.
TM1 uses the performance traffic-routing method and has the endpoints shown in the following table.

TM2 uses the weighted traffic-routing method with MinChildEndpoint = 2 and has the endpoints shown in the following table.

TM3 uses priority traffic-routing method and has the endpoints shown in the following table.

The App2, App4, and App6 endpoints have a degraded monitoring status.
To which endpoint is traffic directed? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point

Question 83

You have an Azure virtual network named Vnet1 that connects to an on-premises network.
You have an Azure Storage account named storageaccount1 that contains blob storage.
You need to configure a private endpoint for the blob storage. The solution must meet the following requirements:
Ensure that all on-premises users can access storageaccount1 through the private endpoint.
Prevent access to storageaccount1 from being interrupted.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Question 84

You have an Azure subscription that contains the following resources:
A virtual network named Vnet1
Two subnets named subnet1 and AzureFirewallSubnet
A public Azure Firewall named FW1
A route table named RT1 that is associated to Subnet1
A rule routing of 0.0.0.0/0 to FW1 in RT1
After deploying 10 servers that run Windows Server to Subnet1, you discover that none of the virtual machines were activated.
You need to ensure that the virtual machines can be activated.
What should you do?

A.On FW1, create an outbound network rule that allows traffic to the Azure Key Management Service (KMS).
B.On FW1, create an outbound service tag rule for AzureCloud.
C.To Subnetl, associate a network security group (NSG) that allows outbound access to port 1688.
D.Deploy a NAT gateway.

Question 85

You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN.
Users will authenticate by using an on premises Active Directory domain.
Which additional service should you deploy to support the VPN authentication?

A.a certification authority (CA)
B.a RADIUS server
C.an Azure key vault
D.Azure Active Directory (Azure AD) Application Proxy

Question 81

Question 82

Question 83

Question 84

Question 85

Download PDF File