CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-104

Free AZ-104 Exam Braindumps (page: 38)

Page 37 of 132
PDF with 521 Questions

You have an Azure subscription that contains a storage account named storage1.

You need to allow access to storage1 from selected networks and your home office. The solution must minimize administrative effort.

What should you do first for storage1?

  1. Add a private endpoint.
  2. Modify the Public network access settings.
  3. Select Internet routing.
  4. Modify the Access Control (IAM) settings.

Answer(s): B



You have an Azure subscription that contains the resources shown in the following table.



You create a public IP address named IP1.

Which two resources can you associate to IP1? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

  1. VM1
  2. LB1
  3. NIC1
  4. VPN1
  5. VNet1

Answer(s): B,C

Explanation:

B: An Azure Load Balancer must have an IP address associated with a frontend. A separate public IP address can be utilized as a frontend for ingress and egress traffic.

To change the IP, you associate a new public IP address previously created with the load balancer frontend.

1. Sign in to the Azure portal.

2. In the search box at the top of the portal, enter Load balancer.

3. In the search results, select Load balancers.

4. In Load Balancers, select myLoadBalancer or the load balancer you wish to change.

5. In settings of myLoadBalancer, select Frontend IP configuration.

6. In Frontend IP configuration, select myFrontend or your load balancer frontend.

7. In the load balancer frontend configuration, select myStandardPublicIP-2 in Public IP address.

Select Save.


C: You can associate a public IP address to a virtual machine.
To do so, you associate the public IP address to an IP configuration of a network interface attached to a VM.

Steps:
1. Sign in to the Azure portal.

2. In the portal, search for and select the VM that you want to add the public IP address to.

3. Under Settings in the left pane, select Networking, and then select the network interface you want to add the public IP address to.




Note
Public IP addresses are associated to the network interfaces that are attached to a VM. In this screenshot, the VM has only one network interface. If the VM had multiple network interfaces, they would all appear, and you'd select the network interface you want to associate the public IP address to.

4. From the Network interface window, under Settings, select IP configurations*, and then select an IP configuration from the list.




5. Etc.


Reference:

https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/configure-public-ip-load-balancer
https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/associate-public-ip-address-vm



HOTSPOT (Drag and Drop is not supported)
You have an Azure subscription that contains the virtual machines shown in the following table.



The subscription contains a storage account named contoso2024 as shown in the following exhibit.



For each of the following statements, select Yes if the statement is true. Otherwise, select No.

  1. See Explanation section for answer.

Answer(s): A

Explanation:



Box 1: Yes
Yes - VM1 can connect contoso2024 by using 131.107.10.10.

VM1 has public IP address 131.107.10.10.
VM1 is connected to VNet1/Subnet1.
Networking is allowed for VNet1 on subnet for IP addresses 131.107.10.10, and 150.120.10.10, and for 170.20.10.10.

Box 2: No
No - VM2 can connect contoso2024 by using 150.120.10.10.

VM2 is on VNet1/Subnet2.
Networking only allowed on Subnet1.

Box 3: No
No - VM3 must use its private IP address to connect to contoso2024.

VM3 has public IP address 170.20.10.10.
VM3 is connected to VNet1/Subnet1.
Networking is allowed for VNet1 on subnet for IP addresses 131.107.10.10, and 150.120.10.10, and for 170.20.10.10.
VM3 can use its public address 170.20.10.10.



You have an Azure subscription that contains two peered virtual networks named VNet1 and VNet2. VNet1 has a VPN gateway that uses static routing,

The on-premises network has a VPN connection that uses the VPN gateway of VNet1.

You need to configure access for users on the on-premises network to connect to a virtual machine on VNet2. The solution must minimize costs.

Which type of connectivity should you use?

  1. Azure Firewall with a private IP address
  2. service chaining and user-defined routes (UDRs)
  3. Azure Application Gateway
  4. ExpressRoute circuits to VNet2

Answer(s): B

Explanation:

Service chaining
Service chaining enables you to direct traffic from one virtual network to a virtual appliance or gateway in a peered network through user-defined routes.

To enable service chaining, configure user-defined routes that point to virtual machines in peered virtual networks as the next hop IP address. User-defined routes could also point to virtual network gateways to enable service chaining.

You can deploy hub-and-spoke networks, where the hub virtual network hosts infrastructure components such as a network virtual appliance or VPN gateway. All the spoke virtual networks can then peer with the hub virtual network. Traffic flows through network virtual appliances or VPN gateways in the hub virtual network.


Reference:

https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview#service-chaining






Post your Comments and Discuss Microsoft AZ-104 exam with other Community members:

AZ-104 Exam Discussions & Posts