Here you have the best Microsoft AZ-700 practice exam questions
Your company has a single on-premises datacenter in Washington DC. The East US Azure region has a peering location in Washington DC.
The company only has Azure resources in the East US region.
You need to implement ExpressRoute to support up to 1 Gbps. You must use only ExpressRoute Unlimited data plans. The solution must minimize costs.
Which type of ExpressRoute circuits should you create?
The ExpressRoute Local circuit is most suitable because it specifically caters to scenarios where the on-premises datacenter is located in the same metro area as the Azure region, in this case, Washington DC and East US. ExpressRoute Local offers a more economical solution since it only provides access to the local Azure region without the need for global connectivity, which helps in minimizing costs. Furthermore, ExpressRoute Local supports unlimited data plans and can handle the required bandwidth of up to 1 Gbps.
You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN.
Users will authenticate by an on-premises Active Directory domain.
Which additional service should you deploy to support the VPN authentication?
To support the VPN authentication for an Azure Point-to-Site (P2S) VPN using OpenVPN and authenticating users by an on-premises Active Directory domain, you need to deploy a RADIUS server. The RADIUS server will communicate with the Active Directory to validate user credentials, ensuring secure management of user access to the VPN.
You plan to configure BGP for a Site-to-Site VPN connection between a datacenter and Azure.
Which two Azure resources should you configure? Each correct answer presents a part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.
You fail to establish a Site-to-Site VPN connection between your company's main office and an Azure virtual network.
You need to troubleshoot what prevents you from establishing the IPsec tunnel.
Which diagnostic log should you review?
When troubleshooting a failure to establish a Site-to-Site VPN connection, it is important to review logs that provide detailed information on the IKE (Internet Key Exchange) and IPsec (Internet Protocol Security) processes, as these are fundamental to setting up a VPN tunnel. The IKEDiagnosticLog is specialized in offering verbose debug logging for IKE/IPsec, making it the most relevant log for diagnosing issues with establishing the IPsec tunnel.
You have an Azure virtual network and an on-premises datacenter.
You are planning a Site-to-Site VPN connection between the datacenter and the virtual network.
Which two resources should you include in your plan? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
To establish a Site-to-Site VPN connection between an on-premises datacenter and an Azure virtual network, you need to include a virtual network gateway and a local network gateway. The virtual network gateway acts as the VPN endpoint in Azure and enables the VPN connection to the datacenter. The local network gateway represents the on-premises VPN device and its IP address, allowing Azure to establish a VPN connection with the datacenter over the public Internet. Together, these gateways facilitate secure communication between the datacenter and the virtual network.