01. You are configuring two network virtual appliances (NVAs) in an Azure virtual network. The NVAs will be used to inspect all the traffic within the virtual network. You need to provide high availability for the NVAs.
The solution must minimize administrative effort. What should you include in the solution?
a) Azure Standard Load Balancer
b) Azure Traffic Manager
c) Azure Application Gateway
d) Azure Front Door
02. You have an Azure application gateway named AppGW1 that balances requests to a web app named App1.
You need to modify the server variables in the response header of App1. What should you configure on AppGW1?
a) rules
b) HTTP settings
c) rewrites
d) listeners
03. You fail to establish a Site-to-Site VPN connection between your company's main office and an Azure virtual network. You need to troubleshoot what prevents you from establishing the IPsec tunnel.
Which diagnostic log should you review?
a) IKEDiagnosticLog
b) RouteDiagnosticLog
c) GatewayDiagnosticLog
d) TunnelDiagnosticLog
You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements. What should you use to configure the default route?
a) a user-defined route assigned to GatewaySubnet in Vnet2 and Vnet3
b) a user-defined route assigned to GatewaySubnet in Vnet1
c) BGP route exchange
d) route filters
05. You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption. You configure the listener for HTTPS by uploading an enterprise-signed certificate.
You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do?
a) Increase the Unhealthy threshold setting in the custom probe.
b) Enable the SSL profile to the listener.
c) Set Listener type to Multi site.
d) Upload the public key certificate to the HTTP settings.
What should you implement to meet the virtual network requirements for the virtual machines that connect to Vnet4 and Vnet5?
a) a private endpoint
b) a virtual network peering
c) a private link service
d) a routing table
e) a service endpoint
07. You have 10 Azure App Service instances. Each instance hosts the same web app. Each instance is in a different Azure region. You need to configure Azure Traffic Manager to direct users to the instance that has the lowest latency.
Which routing method should you use?
a) performance
b) geographic
c) weighted
d) priority
08. You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN. Users will authenticate by an on-premises Active Directory domain.
Which additional service should you deploy to support the VPN authentication?
a) an Azure key vault
b) a RADIUS server
c) a certification authority
d) Azure Active Directory (Azure AD) Application Proxy
09. You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements. What should you include in the solution?
a) a service endpoint
b) Azure Front Door
c) a private endpoint
d) Azure Traffic Manager
10. You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app. You plan to use an Azure application gateway to provide access to each web app by using a hostname of www.contoso.com and a different URL path for each web app, for example: https://www.contoso.com/app1.
You need to control the flow of traffic based on the URL path. What should you configure?
a) HTTP settings
b) listeners
c) rules
d) rewrites
The purpose of this Sample Question Set is to provide you with information about the Designing and Implementing Microsoft Azure Networking Solutions exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the AZ-700 certification test. To get familiar with real exam environment, we suggest you try our Sample Designing and Implementing Microsoft Azure Networking Solutions Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual Microsoft Certified - Azure Network Engineer Associate certification exam.