General

You plan to deploy several Azure virtual machines that will run Windows Server 2019 in a virtual machine scale set by using an Azure Resource Manager template. You need to ensure that NGINX is available on all the virtual machines after they are deployed. What should you use? Options are :

• A. Deployment Center in Azure App Service
• B. The Desired State Configuration (DSC) extension
• C. the New-Az Configuration Assignment cmdlet
• D. a Microsoft Intune device configuration profile

You plan to back up an Azure virtual machine named VM1. You discover that the Backup Pre-Check status displays a status of Warning. What is a possible cause of the Warning status? Options are :

• A. VM1 is stopped.
• B. VM1 does not have the latest version of the Azure VM Agent (WaAppAgent.exe) installed.
• C. VM1 has an unmanaged disk.
• D. A Recovery Services vault is unavailable.

You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? Options are :

• A. Floating IP (direct server return) to Enabled
• B. Floating IP (direct server return) to Disabled
• C. a health probes
• D. Session persistence to Client IP and Protocol

Your on-premises network contains an SMB share named Share1. You have an Azure subscription that contains the following resources: A web app named webapp1? A virtual network named VNET1? You need to ensure that webapp1 can connect to Share1. What should you deploy? Options are :

• A. an Azure Application Gateway
• B. an Azure Active Directory (Azure AD) Application Proxy
• C. an Azure Virtual Network Gateway

You plan to deploy several Azure virtual machines that will run Windows Server 2019 in a virtual machine scale set by using an Azure Resource Manager template. You need to ensure that NGINX is available on all the virtual machines after they are deployed. What should you use? Options are :

• A. the Publish-Az VM DSc Configuration cmdlet
• B. Azure Application Insights
• C. Azure Custom Script Extension
• D. the New-Az Configuration Assignment cmdlet

Your company has three offices. The offices are located in Miami, Los Angeles, and New York. Each office contains a data Centre. You have an Azure subscription that contains resources in the East US and West US Azure regions. Each region contains a virtual network. The virtual networks have peered. You need to connect the datacenters to the subscription. The the solution must minimize network latency between the datacenters. What should you create? Options are :

• A. three Azure Application Gateways and one On-premises data gateway
• B. three virtual hubs and one virtual WAN
• C. three virtual WANs and one virtual hub
• D. three On-premises data gateways and one Azure Application Gateway

You have an Azure subscription named Subscription1 that contains two Azure virtual networks named VNet1 and VNet2. VNet1 contains a VPN gateway named VPNGW1 that uses static routing. There is a site-to-site VPN connection between your on-premises network and VNet1. On a computer named Client1 that runs Windows 10, you configure a point-to-site VPN connection to VNet1. You configure virtual network peering between VNet1 and VNet2. You verify that you can connect to VNet2 from the on-premises network. Client1 is unable to connect to VNet2. You need to ensure that you can connect Client1 to VNet2. What should you do? Options are :

• A. Download and re-install the VPN client configuration package on Client1.
• B. Select Allow gateway transit on VNet1.
• C. Select Allow gateway transit on VNet2.
• D. Enable BGP on VPNGW1

You have an Azure web app named webapp1. You have a virtual network named VNET1 and an Azure virtual machine named VM1 that hosts a MySQL database. VM1 connects to VNET1. You need to ensure that webapp1 can access the data hosted on VM1. What should you do? Options are :

• A. Deploy an internal load balancer
• B. Peer VNET1 to another virtual network
• C. Connect webapp1 to VNET1
• D. Deploy an Azure Application Gateway

You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? Options are :

• A. Floating IP (direct server return) to Disabled
• B. Session persistence to None
• C. Floating IP (direct server return) to Enabled
• D. Session persistence to Client IP

You have two subscriptions named Subscription1 and Subscription2. Each subscription is associated with a different Azure AD tenant. Subscription1 contains a virtual network named VNet1. VNet1 contains an Azure virtual machine named VM1 and has an IP address space of 10.0.0.0/16. Subscription2 contains a virtual network named VNet2. VNet2 contains an Azure virtual machine named VM2 and has an IP address space of 10.10.0.0/24. You need to connect VNet1 to VNet2. What should you do first? Options are :

• A. Move VM1 to Subscription2.
• B. Move VNet1 to Subscription2.
• C. Modify the IP address space of VNet2.
• D. Provision virtual network gateways.

You have the Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address. The virtual machines host several applications that are accessible over port 443 to users on the Internet. Your on-premises network has a site-to-site VPN connection to VNet1. You discover that the virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network. You need to prevent RDP access to the virtual machines from the Internet unless the RDP connection is established from the on-premises network. The solution must ensure that Internet users can still access all the applications. What should you do? Options are :

• A. Modify the address space of the local network gateway
• B. Create a deny rule in a network security group (NSG) that is linked to Subnet1
• C. Remove the public IP addresses from the virtual machines
• D. Modify the address space of Subnet1

You have two Azure virtual networks named VNet1 and VNet2. VNet1 contains an Azure virtual machine named VM1. VNet2 contains an Azure virtual machine named VM2. VM1 hosts a frontend application that connects to VM2 to retrieve data. Users report that the frontend application is slower than usual. You need to view the average round-trip time (RTT) of the packets from VM1 to VM2. Which Azure Network Watcher feature should you use? Options are :

• A. IP flow verify
• B. Connection troubleshoots
• C. Connection monitor
• D. NSG flow logs

You have an Azure subscription that contains a policy-based virtual network gateway named GW1 and a virtual network named VNet1. You need to ensure that you can configure a point-to-site connection from an on-premises computer to VNet1. Which two actions should you perform? Options are :

• A. Add a service endpoint to VNet1
• B. Reset GW1
• C. Create a route-based virtual network gateway
• D. Add a connection to GW1
• E. Delete GW1 (Correct)
• F. Add a public IP address space to VNet1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear on the review screen. You manage a virtual network named VNet1 that is hosted in the West US Azure region. VNet1 hosts two virtual machines named VM1 and VM2 that run Windows Server. You need to inspect all the network traffic from VM1 to VM2 for a period of three hours. Solution: From Azure Monitor, you create a metric ton Network in and Network Out. Does this meet the goal? Options are :

• A. Yes
• B. No

You have an existing Azure subscription that contains 10 virtual machines. You need to monitor the latency between your on-premises network and the virtual machines. What should you use? Options are :

• A. Service Map
• B. Connection troubleshoots
• C. Network Performance Monitor
• D. Effective routes