MultipleChoice
Task 11
You are preparing to connect your on-premises network to VNET4 by using a Site-to-Site VPN. The on-premises endpoint of the VPN will be created on a firewall named Firewall 1.
The on-premises network has the following configurations:
Internal address range: 10.10.0.0/16.
Firewall 1 internal IP address: 10.10.1.1.
Firewall1 public IP address: 131.107.50.60.
BGP is NOT used.
You need to create the object that will provide the IP addressing configuration of the on-premises network to the Site-to-Site VPN. You do NOT need to create a virtual network gateway to complete this task.
OptionsHotspot
You have an Azure load balancer that has the following configurations:
Name:LB1
Location: East US 2
SKU: Standard
Private IP address: 10.3.0.7
Load balancing rule: rule! (Tcp/80)
Health probe: probe1 (Http:80)
NAT rules; 0 inbound
The backend pool of LB1 has the following configurations:
Name: backend I
Virtual network: Vnet1
Backend pool configuration: NIC
IP version: IPv4
Virtual machines: VM1.VM2. VM3:
You have an Azure virtual machine named VM4 that has the following network configurations:
Network interface: vm49Sl
Virtual network/subnet: Vnet3/Subnet3
NIC private IP address: 10.4.0.4
Accelerated networking: Enabled
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hotspot
You have two Azure virtual networks named Vnet1 and Vnet2 in an Azure region that has three availability zones.
You deploy 12 virtual machines to each virtual network, deploying four virtual machines per zone. The virtual machines in Vnet1 host an app named App1. The virtual machines in Vnet2 host an app named App2.
You plan to use Azure Virtual Network NAT to implement outbound connectivity for App1 and App2.
You need to identify the minimum number of subnets and Virtual Network NAT instances required to meet the following requirements:
A failure of two zones must NOT affect the availability of either App1 or App2.
A failure of two zones must NOT affect the outbound connectivity of either App1 or App2.
What should you identify? To answer, select the appropriate options in the answer are
a.
NOTE: Each correct selection is worth one point.
MultipleChoice
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure subscription that contains the following resources:
A virtual network named Vnet1
A subnet named Subnet1 in Vnet1
A virtual machine named VM1 that connects to Subnet1
Three storage accounts named storage1, storage2, and storage3
You need to ensure that VM1 can access storage1. VM1 must be prevented from accessing any other storage accounts.
Solution: You configure the firewall on storage1 to only accept connections from Vnet1.
Does this meet the goal?
OptionsHotspot
You configure a route table named RT1 that has the routes shown in the following table.
You have an Azure virtual network named Vnet1 that has the subnets shown in the following table.
You have the resources shown in the following table.
Vnet1 connects to an ExpressRoute circuit. The on-premises router advertises the following routes:
0.0.0.0/0
10.0.0.0/16
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
MultipleChoice
You have an Azure subscription that contains the public IPv4 addresses shown in the following table.
You plan to create a load balancer named LB1 that will have the following settings:
Name: LB1
Location: West US
Type: Public
SKU: Standard
Which public IPv4 addresses can be used by LB1?
OptionsMultipleChoice
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com. The subscription contains the following resources:
An Azure App Service app named App1
An Azure DNS zone named contoso.com
An Azure private DNS zone named private.contoso.com
A virtual network named Vnet1
You create a private endpoint for App1. The record for the endpoint is registered automatically in Azure DNS.
You need to provide a developer with the name that is registered in Azure DNS for the private endpoint.
What should you provide?
OptionsMultipleChoice
You plan to publish a website that will use an FQDN of www.contoso.com. The website will be hosted by using the Azure App Service apps shown in the following table.
Which DNS record should you create?
OptionsMultipleChoice
You have an Azure subscription that contains an Azure App Service app. The app uses a URL of https://www.contoso.com.
What should you include in the solution?
OptionsMultipleChoice
Your company has offices in New York and Amsterdam. The company has an Azure subscription. Both offices connect to Azure by using a Site-to-Site VPN connection.
The office in Amsterdam uses resources in the North Europe Azure region. The office in New York uses resources in the East US Azure region.
You need to implement ExpressRoute circuits to connect each office to the nearest Azure region. Once the ExpressRoute circuits are connected, the on-premises computers in the Amsterdam office must be able to connect to the on-premises servers in the New York office by using the ExpressRoute circuits.
Which ExpressRoute option should you use?
Options