Test Online Free Microsoft AZ-720 Exam Questions and Answers

The questions for AZ-720 were last updated On Oct.11 2023

Get AZ-720 Full Access
 / 2

Question No : 1
A customer has an Azure Virtual Network named VNet1 that contains an internal standard SKU load balancer named LB1. The backend pool for LB1 includes the following virtual machines: VM1, VM2.
The customer configures a rule named Rul1 to load balance incoming HTTPS requests for VM1 and VM2. Rule1 is associated with an HTTPS health probe. The path for the probe is set to /.
The network adapters of VM1 and VM2 are associated with a network security named NSG1 that contains the following rules:



You connect to https://VM1 and https://VM2 from VNet1. Attempts to connect using the front-end IP address of LB1 are failing.
You need to resolve the issue.
What should you do?

Answer:

Question No : 2
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?

Answer:

Question No : 3
HOTSPOT
A company has an Azure Active Directory (Azure AD) tenant. You are assigned the Owner role-based access control (RBAC) role of an Azure resource group named RG1.
An administrator grants a user named User1 the Contributor RBAC role for RG1. User1 receives an authorization error when attempting to create a Cosmos DB account in RG1.
The administrator verifies that they can create a Cosmos DB account in RG1.
You need to troubleshoot the issue.
What should you do?



Answer:

Question No : 4
A company deploys ExpressRoute.
The company reports that there is an autonomous system (AS) number mismatch.
You need to identify the AS number of the circuit.
Which PowerShell cmdlet should you run?

Answer:

Question No : 5
A company has an Azure tenant. The company deploys an Azure Firewall named FW1 using the Standard SKU. You configure FW1 using classic firewall rules.
The company creates an application rule collection with the following settings:
Priority: 100
Action: Deny
Rule type: FQDN
Source type: IP address
Source: *
Protocol: http:80, https:443
Target FQDN: *.cloud.contoso.com
An engineer observes that traffic to console.cloud.conotoso.com is still allowed by FW1.
You need to determine why the traffic is allowed.
What should you review?

Answer:

Question No : 6
HOTSPOT
A company uses Azure Site Recovery for their on-premises Hyper-V servers. The company manages servers by using System Center Virtual Machine Manager (SCVMM).
An administrator reports that replication to the secondary site has failed.
You need to inspect the SCVMM logs and configuration files.
Which PowerShell cmdlets should you use?


Answer:

Question No : 7
1.A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).
A new subnet should be unreachable from the on-premises network.
You need to implement a solution.
Solution: Configure a route table with route propagation disabled.
Does the solution meet the goal?

Answer:

Question No : 8
A company has virtual machines (VMs) in the following Azure regions:
- West Central US
- Australia East
The company uses ExpressRoute private peering to provide connectivity to VMs hosted on each region and on-premises services.
The company implements global VNet peering between a VNet in each region. After configuring VNet peering, VM traffic attempts to use ExpressRoute private peering.
You need to ensure that traffic uses global VNet peering instead of ExpressRoute private peering. The solution must preserve existing on-premises connectivity to Azure VNets.
What should you do?

Answer:

Question No : 9
DRAG DROP
A customer has an Azure subscription. Microsoft Defender for servers is enabled for the subscription. The customer has not configured network security groups.
The customer configures a resource group named RG1 that contains the following resources:
• A virtual machine named VM1.
• A network interface named NIC1 that is attached to VM1.
The customer grants a user named Admin1 the following permission for RG1: Microsoft.Security/locations/jitNetworkAccessPolicies/write.
Admin1 reports that the JIT VM access pane in the Azure portal does not show any entries. When you view the same pane, VM1 appears on the Unsupported tab.
You need to ensure that Admin1 can enable just-in-time (JIT) VM access for VM1. The solution must adhere to the principle of least privilege.
Which three actions should you recommend be performed in sequence?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.



Answer:

Question No : 10
HOTSPOT
A company uses an Azure Backup agent to back up specific files and folder from an Azure virtual machine (VM) and an on-premises VM.
An administrator reports that the backup job fails on both VMs. Errors are returned in Microsoft Azure Recovery Services (MARS).
You need to troubleshoot the backup issues.
Which troubleshooting solution should you use?



Answer:

 / 2
  TOP 50 Exam Questions
Exam