You have an Azure subscription that contains the resources shown in the following table.

NSG1 is associated to the NIC of VM1 and contains the rules shown in the following table.

You collect NSG flow logs for five minutes for the following activities:
* Two RDP sessions from VM1 to VM2, each initiated from a different TCP port
* Three SSH sessions from VM2 to VM1, each initiated from a different TCP port You analyze the logs by using Traffic Analytics in Azure Network Watcher. How many aggregated flow entries will Traffic Analytics identify?

• A.10
• B.2
• C.1
• D.5

Comment: *

Name: *

Email: *

Verification: *

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.
Solution: You configure a custom cookie and an exclusion rule.
Does this meet the goal?

• A.Yes
• B.No

Comment: *

Name: *

Email: *

Verification: *

You have an Azure subscription that contains a virtual machine named VM1. VM1 contains a NIC named NIC1 and a public IP address named PIP1.PIP1 is assigned to NIC1.
You plan to deploy four Network Virtual Appliances (NVAs).
You need to ensure that all the inbound traffic from the internet to PIP1 is inspected by the NVAs. The solution must ensure that the NVA deployment is highly available.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation:

Comment: *

Name: *

Email: *

Verification: *

You have an Azure private DNS zone named contoso.com that is linked to the virtual networks shown in the following table.

The links have auto registration enabled.
You create the virtual machines shown in the following table.

You manually add the following entry to the contoso.com zone:
* Name: VM1
* IP address: 10.1.10.9
For each of the following statements, select Yes of the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Correct Answer:

Explanation:

Box 1: No
The manual DNS record will overwrite the auto-registered DNS record so VM1 will resolve to 10.1.10.9.
Box 2: No
The DNS record for VM1 is now a manually created record rather than an auto-registered record. Only auto- registered DNS records are deleted when a VM is deleted.
Box 3: No
This answer depends on how the IP address is changed. To change the IP address of a VM manually, you would need to select 'Static' as the IP address assignment. In this case, the DNS record will not be updated because only DHCP assigned IP addresses are auto-registered.
Reference:
https://docs.microsoft.com/en-us/azure/dns/dns-faq-private

Comment: *

Name: *

Email: *

Verification: *

You have an Azure Front Door instance named FrontDoor1.
You deploy two instances of an Azure web app to different Azure regions.
You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com.
You need to ensure that FrontDoor1 is the entry point for requests that use app1.contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation

Table Description automatically generated

Comment: *

Name: *

Email: *

Verification: *