Exam Details

  • Exam Code
    :AZ-700
  • Exam Name
    :Designing and Implementing Microsoft Azure Networking Solutions
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :390 Q&As
  • Last Updated
    :Mar 31, 2025

Microsoft Microsoft Certifications AZ-700 Questions & Answers

  • Question 101:

    You have the on-premises networks shown in the following table.

    You have an Azure subscription that contains an Azure virtual WAN named VWAN1 and a virtual network named VNet1. VWAN is connected to the on-premises networks and VNet1 in a full mesh topology. The virtual hub routing preference

    for VWAN1 is AS Path.

    You need to route traffic from VNet1 to 10.61.1.5.

    Which path will be used?

    A. the VPN connection to Branch1

    B. the VPN connection to Branch2

    C. the ExpressRoute connection to Branch2

    D. the ExpressRoute connection to Branch3

  • Question 102:

    You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains the following subnets:

    1.

    AzureFirewallSubnet

    2.

    GatewaySubnet

    3.

    Subnet1

    4.

    Subnet2

    5.

    Subnet3

    Subnet2 has a delegation to the Microsoft.Web/serverfarms service.

    The subscription contains the resources shown in the following table.

    You need to implement an Azure application gateway named AG1 that will be integrated with an Azure Web Application Firewall (WAF). AG1 will be used to publish VMSS1.

    To which subnet should you connect AG1?

    A. GatewaySubnet

    B. AzureFirewallSubnet

    C. Subnet2

    D. Subnet1

    E. Subnet3

  • Question 103:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.

    You configure the application gateway to direct traffic to the URL of the application gateway.

    You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

    You need to ensure that the URL is accessible through the application gateway.

    Solution: You disable the WAF rule that has a ruleld of 920300.

    Does this meet the goal?

    A. Yes

    B. No

  • Question 104:

    You are planning the IP addressing for the subnets in Azure virtual networks.

    Which type of resource requires IP addresses in the subnets?

    A. storage account

    B. internal load balancers

    C. service endpoints

    D. virtual network peering

  • Question 105:

    You have an Azure subscription that contains a virtual network named VNet1 and the virtual machines shown in the following table.

    All the virtual machines are connected to Vnet1.

    You need to ensure that the applications hosted on the virtual machines can be accessed from the internet. The solution must ensure that the virtual machines share a single public IP address.

    What should you use?

    A. an internal load balancer

    B. Azure Application Gateway

    C. a NAT gateway

    D. a public load balancer

  • Question 106:

    You have an Azure subscription that contains a virtual network named Vnet1. Vnet1 contains a virtual machine named VM1 and an Azure firewall named FW1.

    You have an Azure Firewall Policy named FP1 that is associated to FW1.

    You need to ensure that RDP requests to the public IP address of FW1 route to VM1.

    What should you configure on FP1?

    A. a network rule

    B. URL filtering

    C. a DNAT rule

    D. an application rule

  • Question 107:

    You have an Azure subscription mat contains tour virtual networks named VNet1, VNet2, VNet3, and VNet4.

    You plan to deploy a hub and spoke topology by using virtual network peering.

    You need to configure VNet1 as the hub network. The solution must meet the following requirements:

    1.

    Support transitive routing between spokes.

    2.

    Maximize network throughput.

    What should you include in the solution?

    A. Azure VPN Gateway

    B. Azure Route Server

    C. Azure Private Link

    D. Azure Firewall

  • Question 108:

    You are planning the IP addressing for the subnets in Azure virtual networks.

    Which type of resource requires IP addresses in the subnets?

    A. Azure DDoS Protection for virtual networks

    B. virtual network peering

    C. internal load balancers

    D. service endpoints

  • Question 109:

    You have an Azure subscription that contains a virtual network named Vnet1. Vnet1 contains 20 subnets and 500 virtual machines. Each subnet contains a virtual machine that runs network monitoring software.

    You have a network security group (NSG) named NSG1 associated to each subnet.

    When a new subnet is created in Vnet1 an automated process creates an additional network monitoring virtual machine in the subnet and links the subnet to NSG1.

    You need to create an inbound security rule in NSG1 that will allow connections to the network monitoring virtual machines from an IP address of 131.107.1.15. The solution must meet the following requirements:

    1.

    Ensure that only the monitoring virtual machines receive a connection from 131.1071.15.

    2.

    Minimize changes to NSG1 when a new subnet is created. What should you use as the destination in the inbound security rule?

    A. an application security group

    B. a service tag

    C. a virtual network

    D. an IP address

  • Question 110:

    You have an Azure subscription that contains the resources shown in the following table.

    Subnet1 contains three virtual machines that host an app named App1. App1 is accessed by using the SFTP protocol.

    From NSG1, you configure an inbound security rule named Rule2 that allows inbound SFTP connections to ASG1.

    You need to ensure that the inbound SFTP connections are managed by using ASG1. The solution must minimize administrative effort.

    What should you do?

    A. From NSG1, modify the priority of Rule2.

    B. From each virtual machine, associate the network interface to ASG1.

    C. From Subnet1, create a subnet delegation.

    D. From ASG1, modify the role assignments.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your AZ-700 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.