Question 56
You have an Azure subscription that contains an Azure key vault named Vaultl and an app registration for an Azure AD app named App1.
You have a DNS domain named contoso.com that is hosted by a third-party DNS provider.
You plan to deploy App1 by using Azure App Service. App1 will have the following configurations:
* App1 will be hosted across five App Service apps.
* Users will access App1 by using a URL of https://app1.contoso.com.
* The user traffic of App1 will be managed by using Azure Front Door.
* The traffic between Front Door and the App Service apps will be sent by using HTTP.
* App1 will be secured by using an SSL certificate from a third-party certificate authority (CA).
You need to support the Front Door deployment.
Which two DNS records should you create, and to where should you import the SSL certificate for App1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a DNS domain named contoso.com that is hosted by a third-party DNS provider.
You plan to deploy App1 by using Azure App Service. App1 will have the following configurations:
* App1 will be hosted across five App Service apps.
* Users will access App1 by using a URL of https://app1.contoso.com.
* The user traffic of App1 will be managed by using Azure Front Door.
* The traffic between Front Door and the App Service apps will be sent by using HTTP.
* App1 will be secured by using an SSL certificate from a third-party certificate authority (CA).
You need to support the Front Door deployment.
Which two DNS records should you create, and to where should you import the SSL certificate for App1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 57
You plan to deploy Azure Virtual WAN.
You need to deploy a virtual WAN hub that meets the following requirements:
Supports 10 sites that will connect to the virtual WAN hub by using a Site-to-Site VPN connection Supports 8 Gbps of ExpressRoute traffic Minimizes costs What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to deploy a virtual WAN hub that meets the following requirements:
Supports 10 sites that will connect to the virtual WAN hub by using a Site-to-Site VPN connection Supports 8 Gbps of ExpressRoute traffic Minimizes costs What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 58
You have two Azure virtual networks named Vnet1 and Vnet2 in an Azure region that has three availability zones.
You deploy 12 virtual machines to each virtual network, deploying four virtual machines per zone. The virtual machines in Vnet1 host an app named App1. The virtual machines in Vnet2 host an app named App2.
You plan to use Azure Virtual Network NAT to implement outbound connectivity for App1 and App2.
You need to identify the minimum number of subnets and Virtual Network NAT instances required to meet the following requirements:
* A failure of two zones must NOT affect the availability of either App1 or App2.
* A failure of two zones must NOT affect the outbound connectivity of either Appl1or App2.
What should you identify? To answer, select the appropriate options in the answer are a.
NOTE: Each correct selection is worth one point.
You deploy 12 virtual machines to each virtual network, deploying four virtual machines per zone. The virtual machines in Vnet1 host an app named App1. The virtual machines in Vnet2 host an app named App2.
You plan to use Azure Virtual Network NAT to implement outbound connectivity for App1 and App2.
You need to identify the minimum number of subnets and Virtual Network NAT instances required to meet the following requirements:
* A failure of two zones must NOT affect the availability of either App1 or App2.
* A failure of two zones must NOT affect the outbound connectivity of either Appl1or App2.
What should you identify? To answer, select the appropriate options in the answer are a.
NOTE: Each correct selection is worth one point.
Question 59
You need to implement name resolution for the cloud.liwareinc.com. The solution must meet the networking requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Question 60
You have the network security groups (NSGs) shown in the following table.
In NSG1, you create inbound rules as shown in the following table.
You have the Azure virtual machines shown in the following table.
NSG2 has only the default rules configured.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
In NSG1, you create inbound rules as shown in the following table.
You have the Azure virtual machines shown in the following table.
NSG2 has only the default rules configured.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
