AZ-700 Designing and Implementing Microsoft Azure Networking Solutions Exam Dumps – Updated for [2023]

We updated AZ-700 Designing and Implementing Microsoft Azure Networking Solutions exam dumps as a helpful tool. It is important to ensure that you can have the right study materials with actual questions and answers to help you pass the Designing and Implementing Microsoft Azure Networking Solutions AZ-700 exam successfully. With valid Microsoft AZ-700 dumps, you can prepare for the Designing and Implementing Microsoft Azure Networking Solutions AZ-700 real test at home without needing to enroll in expensive classes.

Try to read free AZ-700 demo questions to check the updated AZ-700 exam:

1. Topic 1, Litware. Inc Case Study 1

Overview

Litware. Inc. is a financial company that has a main datacenter in Boston and 20 branch offices across the United States. Users have Android, iOS, and Windows 10 devices.

Existing Environment:

Hybrid Environment

The on-prernises network contains an Active Directory forest named litwareinc.com that syncs to an Azure Active Directory (Azure AD) tenant named litwareinc.com by usinq Azure AD Connect.

All the offices connect to a virtual network named Vnetl by using a Site-to-Site VPN connection.

Azure Environment

Litware has an Azure subscription named Sub1 that is linked to the litwareinc.com Azure AD tenant.

Sub1 contains resources in the East US Azure region as shown in the following table.

There is bidirectional peering between Vnet1 and Vnet2. There is bidirectional peering between Vnet1 and Vnet3. Currently, Vnet2 and Vnet3 cannot communicate directly.

Requirements:

Business Requirements

Litware wants to minimize costs whenever possible, as long as all other requirements are met.

Virtual Networking Requirements

Litware identifies the following virtual networking requirements:

* Direct the default route of 0.0.0.0/0 on Vnet2 and Vnet3 to the Boston datacenter over an ExpressRoute circuit.

* Ensure that the records in the cloud.litwareinc.com zone can be resolved from the on-premises locations.

* Automatically register the DNS names of Azure virtual machines to the cloud.litwareinc.com zone.

* Minimize the size of the subnets allocated to platform-managed services.

* Allow traffic from VMScaleSet1 to VMScaleSet2 on the TCP port 443 only.

Hybrid Networking Requirements

Litware identifies the following hybrid networking requirements:

* Users must be able to connect to Vnet1 by using a Point-to-Site (P2S) VPN when working remotely. Connections must be authenticated by Azure AD.

* Latency of the traffic between the Boston datacenter and all the virtual networks must be minimized.

* The Boston datacenter must connect to the Azure virtual networks by using an ExpressRoute FastPath connection.

* Traffic between Vnet2 and Vnet3 must be routed through Vnet1.

PaaS Networking Requirements

Litware identifies the following networking requirements for platform as a service (PaaS):

* The storage1 account must be accessible from all on-premises locations without exposing the public endpoint of storage1.

* The storage2 account must be accessible from Vnet2 and Vnet3 without exposing the public endpoint of storage2.

You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.

What should you use to configure the default route?

2. You need to configure the default route on Vnet2 and Vnet3. The solution must meet the virtual networking requirements.

What should you use to configure the default route?

3. You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.

Which two actions should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

4. HOTSPOT

You need to implement a P2S VPN for the users in the branch office. The solution must meet the hybrid networking requirements.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

5. HOTSPOT

You need to implement name resolution for the cloud.liwareinc.com. The solution must meet the networking requirements.

What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

6. HOTSPOT

You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.

What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

7. You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements.

What should you include in the solution?

8. DRAG DROP

You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business requirements.

Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

9. DRAG DROP

You need to implement outbound connectivity for VMScaleSet1. The solution must meet the virtual networking requirements and the business requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

10. HOTSPOT

You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements and business requirements.

What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

11. Topic 2, Contoso Case Study 2

Overview

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab. note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Existing Environment:

Azure Network Infrastructure

Contoso has an Azure Active Directory (Azure AD) tenant named contoso.com.

The Azure subscription contains the virtual networks shown in the following table.

Vnet1 contains a virtual network gateway named GW1.

Azure Virtual Machines

The Azure subscription contains virtual machines that run Windows Server 2019 as shown in the following table.

The NSGs are associated to the network interfaces on the virtual machines. Each NSG has one custom security rule that allows RDP connections from the internet. The firewall on each virtual machine allows ICMP traffic.

An application security group named ASG1 is associated to the network interface of VM1.

Azure Private DNS Zones

The Azure subscription contains the Azure private DNS zones shown in the following table.

Zone1.contoso.com has the virtual network links shown in the following table.

Other Azure Resources

The Azure subscription contains additional resources as shown in the following table.

Requirements:

Virtual Network Requirements

Contoso has the following virtual networks requirements:

* Create a virtual network named Vnet6 in West US that will contain the following resources and configurations:

Two container groups that connect to Vnet6

Three virtual machines that connect to Vnet6

Allow VPN connections to be established to Vnet6

Allow the resources in Vnet6 to access KeyVault1, DB1, and Vnet1 over the Microsoft backbone network

* The virtual machines in Vnet4 and Vnet5 must be able to communicate over the Microsoft backbone network.

* A virtual machine named VM-Analyze will be deployed to Subnet1. VM-Analyze must inspect the outbound network traffic from Subnet2 to the internet.

Network Security Requirements

Contoso has the following network security requirements:

* Configure Azure Active Directory (Azure AD) authentication for Point-to-Site (P2S) VPN users.

* Enable NSG flow logs for NSG3 and NSG4.

* Create an NSG named NSG10 that will be associated to Vnet1/Subnet1 and will have the custom inbound security rules shown in the following table.

* Create an NSG named NSG11 that will be associated to Vnet1/Subnet2 and will have the custom outbound security rules shown in the following table.

HOTSPOT

Which virtual machines can VM1 and VM4 ping successfully? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

12. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

13. CORRECT TEXT

You are implementing the Virtual network requirements for Vnet6.

What is the minimum number of subnets and service endpoints you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

14. You need to configure GW1 to meet the network security requirements for the P2S VPN users.

Which Tunnel type should you select in the Point-to-site configuration settings of GW1?

15. HOTSPOT

In which NSGs can you use ASG1 and to which virtual machine network interfaces can you associate ASG1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

16. HOTSPOT

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

17. What should you implement to meet the virtual network requirements for the virtual machines that connect to Vnet4 and Vnet5?

18. HOTSPOT

You are implementing the virtual network requirements for VM Analyze.

What should you include in a custom route that is linked to Subnet2? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

19. HOTSPOT

You create NSG10 and NSG11 to meet the network security requirements.

For each of the following statements, select Yes it the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

20. HOTSPOT

You need to meet the network security requirements for the NSG flow logs.

Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

21. Topic 3, Mix Questions

You have an Azure virtual network named Vnet1 that has one subnet. Vnet1 is in the West Europe Azure region.

You deploy an Azure App Service app named App1 to the West Europe region.

You need to provide App1 with access to the resources in Vnet1. The solution must minimize costs.

What should you do first?

22. DRAG DROP

You have an Azure Front Door instance named FrontDoor1.

You deploy two instances of an Azure web app to different Azure regions.

You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com.

You need to ensure that FrontDoor1 is the entry point for requests that use app1.contoso.com.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

23. CORRECT TEXT

You have two Azure App Service instances that host the web apps shown the following table.

You deploy an Azure application gateway that has one public frontend IP address and two backend pools.

You need to publish all the web apps to the application gateway. Requests must be routed based on the HTTP host headers.

What is the minimum number of listeners and routing rules you should configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

24. HOTSPOT

You have an Azure subscription that contains a single virtual network and a virtual network gateway.

You need to ensure that administrators can use Point-to-Site (P2S) VPN connections to access resources in the virtual network. The connections must be authenticated by Azure Active Directory (Azure AD).

What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

25. Youhave an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance.

You need to configure the policy to meet the following requirements:

✑ Log all connections from Australia.

✑ Deny all connections from New Zealand.

✑ Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute.

What is the minimum number of objects you should create?

26. HOTSPOT

You have an Azure subscription.

You have the on-premises sites shown the following table.

You plan to deploy Azure Virtual WAN.

You are evaluating Virtual WAN Basic and Virtual WAN Standard.

Which type of Virtual WAN can you use for each site? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

27. DRAG DROP

You have three on-premises sites. Each site has a third-party VPN device.

You have an Azure virtual WAN named VWAN1that has a hub named Hub1. Hub1 connects two of the three on-premises sites by using a Site-to-Site VPN connection.

You need to connect the third site to the other two sites by using Hub1.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

28. HOTSPOT

You are planning an Azure solution that will contain the following types of resources in a single Azure region:

✑ Virtual machine

✑ Azure App Service

✑ Virtual Network gateway

✑ Azure SQL Managed Instance

App Service and SQL Managed Instance will be delegated to create resources in virtual networks.

You need to identify how many virtual networks and subnets are required for the solution.

The solution must minimize costs to transfer data between virtual networks.

What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

29. You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app.

You plan to use an Azure application gateway to provide access to each web app by using a hostname of www.contoso.corn and a different URL path for each web app, for example: https://www.contoso.com/app1.

You need to control the flow of traffic based on the URL path.

What should you configure?

30. You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN.

Users will authenticate by using an on premises Active Directory domain.

Which additional service should you deploy to support the VPN authentication?

31. HOTSPOT

You have an Azure subscription that contains two virtual networks named Vnet1 and Vnet2.

You register a public DNS zone named fabrikam.com.

The zone is configured as shown in the Public DNS Zone exhibit.

You have a private DNS zone named fabrikam.com.

The zone is configured as shown in the Private DNS Zone exhibit.

You have a virtual network link configured as shown in the Virtual Network Link exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

32. You have an Azure application gateway named AppGW1 that balances requests to a web app named App1.

You need to modify the server variables in the response header of App1.

What should you configure on AppGW1?

33. Your company has an on-premises network and three Azure subscriptions named Subscription1, Subscription2, and Subscription3.

The departments at the company use the Azure subscriptions as shown in the following table.

All the resources in the subscriptions are in either the West US Azure region or the West US 2 Azure region.

You plan to connect all the subscriptions to the on-premises network by using ExpressRoute.

What is the minimum number of ExpressRoute circuits required?

34. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.

You configure the application gateway to direct traffic to the URL of the application gateway.

You attempt to access the URL and receive an HTTP 403 error.

You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.

Solution: You create a WAF policy exclusion for request headers that contain 137.135.10.24.

Does this meet the goal?

35. You have the Azure resources shown in the following table.

You configure storage1 to provide access to the subnet in Vnet1 by using a service endpoint.

You need to ensure that you can use the service endpoint to connect to the read-only endpoint of storage1 in the paired Azure region.

What should you do first?

36. You have an Azure virtual network that contains a subnet named Subnet1. Subnet1 is associated to a network security group (NSG) named NSG1. NSG1 blocks all outbound traffic that is not allowed explicitly.

Subnet1 contains virtual machines that must communicate with the Azure Cosmos DB service.

You need to create an outbound security rule in NSG1 to enable the virtual machines to connect to Azure Cosmos DB.

What should you include in the solution?

37. DRAG DROP

You have two Azure subscriptions named Subscnption1 and Subscription2. Subscription1 contains a virtual network named Vnet1. Vnet1 contains an application server. Subscription2 contains a virtual network named Vnet2.

You need to provide the virtual machines in Vnet2 with access to the application server in Vnet1 by using a private endpoint.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

38. You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.

The subscription contains the following resources:

* An Azure App Service app named App1

* An Azure DNS zone named contoso.com

* An Azure private DNS zone named private.contoso.com

* A virtual network named Vnet1

You create a private endpoint for App1. The record for the endpoint is registered automatically in Azure DNS.

You need to provide a developer with the name that is registered in Azure DNS for the private endpoint.

What should you provide?

39. HOTSPOT

Your company has 10 instances of a web service. Each instance is hosted in a different Azure region and is accessible through a public endpoint.

The development department at the company is creating an application named App1. Every 10 minutes. App1 will use a list of end points and connect to the first available endpoint.

You plan to use Azure Traffic Manager to maintain the list of endpoints.

You need to configure a Traffic Manager profile that will minimize the impact of DNS caching.

What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

40. You have an Azure virtual network named Vnet1 and an on-premises network.

The on-premises network has policy-based VPN devices. In Vnet1, you deploy a virtual network gateway named GW1 that uses a SKU ofVpnGw1 and is route-based.

You have a Site-to-Site VPN connection for GW1 as shown in the following exhibit.

You need to ensure that the on-premises network can connect to the route-based GW1.

What should you do before you create the connection?

41. You have the Azure Traffic Manager profiles shown in the following table.

You plan to add the endpoints shown in the following table.

Which endpoints can you add to Profile2?

42. You have an Azure subscription that contains multiple virtual machines in the West US Azure region.

You need to use Traffic Analytics.

Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct answer selection is worth one point. (Choose two.)

43. You have a website that uses an FQDN of www.contoso.com. The DNS record tor www.contoso.com resolves to an on-premises web server.

You plan to migrate the website to an Azure web app named Web1. The website on Web1 will be published by using an Azure Front Door instance named ContosoFD1.

You build the website on Web1.

You plan to configure ContosoFD1 to publish the website for testing.

When you attempt to configure a custom domain for www.contoso.com on ContosoFD1, you receive the error message shown in the exhibit.

You need to test the website and ContosoFD1 without affecting user access to the on-premises web server.

Which record should you create in the contoso.com DNS domain?

44. You are planning the IP addressing for the subnets in Azure virtual networks.

Which type of resource requires IP addresses in the subnets?

45. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.

You configure the application gateway to direct traffic to the URL of the application gateway.

You attempt to access the URL and receive an HTTP 403 error.

You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway.

Solution: You create a WAF policy exclusion request headers that contain 137.135.10.24.

Does this meet the goat?

46. You plan to deploy an Azure virtual network.

You need to design the subnets.

Which three types of resources require a dedicated subnet? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

47. You have an Azure Front Door instance named FD1 that is protected by using Azure Web Application Firewall (WAF).

FD1 uses a frontend host named app1.contoso.com to provide access to Azure web apps hosted in the East US Azure region and the WestUS Azure region.

You need to configure FD1 to block requests to app1.contoso.com from all countries other than the United States.

What should you include in the WAF policy?

48. HOTSPOT

You have an Azure application gateway named AppGw1.

You need to create a rewrite rulefor AppGw1. The solution must rewrite the URL of requests from https://www.contoso.com/fashion/shirts to ttps://www.contoso.com/buy.aspx?category-fashion&product=shirts.

How should you complete the rule? To answer NOTE: Each correct selection is worth onepoint appropriate options in the answer area.


 

Pass the Microsoft Managing Modern Desktops (MD-101) Exam with Confidence: The Latest MD-101 Dumps
Microsoft DP-300 Dumps V13.02 - Updated DP-300 Dumps Questions For Preparation

Add a Comment

Your email address will not be published. Required fields are marked *