Exam AZ-104 All QuestionsBrowse all questions from this exam
Go to Exam
Question 369

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.

From Azure, you download and install the VPN client configuration package on a computer named Computer2.

You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2.

Solution: You modify the Azure Active Directory (Azure AD) authentication policies.

Does this meet the goal?

    Correct Answer: B

    To establish a point-to-site VPN connection to an Azure virtual network (VNet1) from Computer2, you need the client certificate that was used on Computer1. This certificate is essential because it is used for client authentication. Modifying Azure Active Directory (Azure AD) authentication policies will not address the requirement of having the client certificate installed on Computer2. The correct solution involves exporting the client certificate from Computer1 and installing it on Computer2. Without the client certificate, Computer2 will not be able to authenticate and establish the VPN connection to VNet1.

Discussion
mlantonisOption: B

Correct Answer: B Instead export the client certificate from Computer1 and install the certificate on Computer2. A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer. A P2S connection is established by starting it from the client computer. This solution is useful for telecommuters who want to connect to Azure VNets from a remote location, such as from home or a conference. P2S VPN is also a useful solution to use instead of S2S VPN when you have only a few clients that need to connect to a VNet. This article applies to the Resource Manager deployment model.

mlantonis

Reference: https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-about https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site

Asymptote

Mlantonis, pls make a cloud training platform, you are really good at passing knowledge.

SumanSaurabh

I second, I took course from Cloud academy but was useless.

Slawekyo

Sounds about right huh

SumanSaurabh

Mlantonis if you are alive, God Bless You !!

op22233

God Bless Mlantonis

adilkhan

hahahahaaa

ZUMYOption: B

B is correct: Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certificate, and then export and install the client certificate. If the client certificate is not installed, authentication fails.

DA0410Option: B

B is correct

fedztedzOption: B

Answer is correct. B

waterzhongOption: B

Create a self-signed root certificate Use the New-SelfSignedCertificate cmdlet to create a self-signed root certificate. For additional parameter information, see New-SelfSignedCertificate.

InvisibleShadow

This question came in the exam today 8/Mar/2022. I passed the exam, 95% questions came from here.

toniivOption: B

Answer B. is correct as well as the explanation.

margotfrppOption: B

Solution: You export the client certificate from Computer1 and install the certificate on Computer2.

EmnCoursOption: B

Correct Answer: B

AubinBakana

The solution was so dull I got confused for a moment. Who would think of that? haha...

JayBee65Option: B

"A client certificate that is generated from the root certificate. The client certificate installed on each client computer that will connect to the VNet. This certificate is used for client authentication." - see https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal

NickyDeeOption: B

Copy the cert from the first computer and install it on the 2nd

tashakoriOption: B

No is right

LazylinuxOption: B

I Luv Honey Because it is B Given answer is correct and explanation correct as Certificate is needed