AZ-700 Exam Dumps - Designing and Implementing Microsoft Azure Networking Solutions

Go to page:

Question # 25

Task 4

You need to ensure that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name storage34280945.pnvatelinlcblob.core.windows.net.

Full Access

Answer:

Explanation:

Here are the steps and explanations for ensuring that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name stor-age34280945.pnvatelinlcblob.core.windows.net:

To allow access from a specific IP address range, you need to configure the Azure Storage firewall and virtual network settings for your storage account.Â You can do this in the Azure portal by selecting your storage account and then selecting Networking under Settings1.

On the Networking page, select Firewalls and virtual networks, and then select Selected networks under Allow access from1. This will block all access to your storage account except from the networks or resources that you specify.

Under Firewall, select Add rule, and then enter 10.1.1.0/24 as the IP address or range.Â You can also enter an optional rule name and description1. This will allow access from any IP address in the 10.1.1.0/24 range.

Select Save to apply your changes1.

To map a custom domain name to your storage account, you need to create a CNAME record with your domain provider that points to your storage account endpoint2. A CNAME record is a type of DNS record that maps a source domain name to a destination domain name.

Create a CNAME record with the following information2:

Source domain name: stor-age34280945.pnvatelinlcblob.core.windows.net

Destination domain name: stor-age34280945.pnvatelinlcblob.core.windows.net

Save your changes and wait for the DNS propagation to take effect2.

To register the custom domain name with Azure, you need to go back to the Azure portal and select your storage account.Â Then select Custom domain under Blob service2.

On the Custom domain page, enter stor-age34280945.pnvatelinlcblob.core.windows.net as the custom domain name and select Save2.

Question # 26

You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that VM1 and VM2 can connect only to storage1. The solution must meet the following requirements:

â€¢ Prevent VM1 and VM2 from accessing any other storage accounts.

â€¢ Ensure that storage1 is accessible from the internet.

What should you use?

a network security group (NSG)

a private endpoint

a private link

a service endpoint policy

Full Access

Question # 27

You have five virtual machines that run Windows Server. Each virtual machine hosts a different web app.

You plan to use an Azure application gateway to provide access to each web app by using a hostname of www.contoso.corn and a different URL path for each web app, for example: https://www.contoso.com/app1.

You need to control the flow of traffic based on the URL path.

What should you configure?

rules

rewrites

HTTP settings

listeners

Full Access

Question # 28

You have an Azure subscription that contains a virtual network named VNet1.

You need to deploy an instance of Azure Application Gateway v2 named AppGw1 to VNet1. AppGw1 will include one basic listener and two multi-site listeners. The listeners will be accessible only from VNet1.

What is the minimum number of IP addresses required for AppGw1? To answer, select the appropriate options in the answer area

NOTE: Each correct selection is worth one point.

Full Access

Question # 29

You have an Azure Web Application Firewall (WAF) v2 tier named AG1 on an Azure application gateway. AG1 has a policy named Policy 1.

You need to add a custom rule to Policy 1. The rule must block all requests from IP addresses in a specific IP address range.

Which four PowerShell cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.

Full Access

Question # 30

You have an Azure subscription that contains the resources shown in the following table.

You discover that users connect directly to App1.

You need to meet The following requirements:

â€¢ Administrators must only access App1 by using a private endpoint.

â€¢ All user connections to App1 must be routed through FD1.

â€¢ The downtime of connections to App1 must be minimized.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select.