dumpstool logo
What should you implement to meet the virtual network requirements for the virtual machines that connect to Vnet4 and Vnet5?
In which NSGs can you use ASG1 and to which virtual machine network interfaces can you associate ASG1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Which virtual machines can VM1 and VM4 ping successfully? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to meet the network security requirements for the NSG flow logs.
Which type of resource do you need, and how many instances should you create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that is linked to a Microsoft Entra tenant.
The subscription contains a virtual network named VNet1, a storage account named storage1, an Azure App Service web app named Appl. and an Azure SQL database named DB1. VNet1 contains two subnets named Subnet1 and Subnet2. Subnet 1 and Subnet2 each has a subnet mask of 255.255.255.224.
You plan to perform the following actions:
• On Subnet1. configure a service endpoint to connect to storage1 and a service endpoint to connect to the Microsoft Entra tenant.
• On Subnet2. configure a private endpoint to connect to App1 and a private endpoint to connect to DB1
How many IP addresses will be available on each subnet once the planned actions are complete? To answer, select the appropriate options in the answer area.
NOTE: Each correct answer is worth one point.
Your company has an Azure subscription that contains a virtual network named VNet1 and an Azure VPN gateway named vGW1. The company has 50 users that have Windows 11 devices.
You need to ensure that the users can access the resources on VNet1. The solution must meet the following requirements:
• Ensure that the users can establish Point-to-Site (P2S) VPN connections to vGW1.
• Ensure that the users can authenticate by using only their Microsoft Entra credentials
Which type of tunnel should you configure, and which VPN client should you configure on the users ' devices? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Task 6
You need to ensure that all hosts deployed to subnet3-2 connect to the internet by using the same static public IP address. The solution must minimize administrative effort when adding hosts to the subnet.
Task 10
You need to configure VNET1 to log all events and met rics. The solution must ensure that you can query the events and metrics directly from the Azure portal by using KQL.
You have an Azure subscription that contains the resources shown in the following table.
You need to control access to storage1 by using NSG1 What should you configure first?
You have an Azure subscription that contains a virtual network named VNet1.
Your on-premises network connects to VNet1 by using a Site-to-Site (S2S) VPN connection.
You need to ensure that Azure Network Watcher generates an alert if the VPN connection fails.
Which Network Watcher feature should you use to generate the alert, and which data source should the feature query? To answer. select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Task 7
You plan to deploy 100 virtual machines to subnet4-1. The virtual machines will NOT be assigned a public IP address. The virtual machines will call the same API. which is hosted by a third party. The virtual machines will make more than 10,000 calls per minute to the API.
You need to minimize the risk of SNAT port exhaustion. The solution must minimize administrative effort.
You have an on-premises datacenter named DC1 that contains two routers
You have an Azure subscription. The subscription contains a virtual network named VNet1 and a zone-redundant ExpressRoute virtual network gateway named GW1 that uses the ErGw3Az SKU. GW1 is attached to VNet1.
DO is connected to VNet1 by using an ExpressRoute Standard circuit named Circuits The DC1 routers are configured as endpoints for Circuit1. Circuit1 traffic traverses two physical links.
During a link outage, the connection takes three minutes to fail over
You need to ensure that failovers between the links take less than one second
What should you do?
You need to implement a P2S VPN for the users in the branch office. The solution must meet the hybrid networking requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements and the business requirements.
Which two actions should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You need to i mplement name resolution for the cloud.liwareinc.com. The solution must meet the networking requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution mus t meet the virtual networking requirements.
What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Ite rule for the 
You need to configure the default route on Vnet2 and Vnet3. The solution must meet the virtual networking requirements.
What should you use to configure the default route?
You need to recommend a configuration for the ExpressRoute connection from the Boston datacenter. The solution must meet the hybrid networking requirements and business requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to implement outbound connectivity for VMScaleSet1. The solution must meet the virtual networking requirements and the business requirements.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to provide access to storage2. The solution must meet the PaaS networking requirements and the business requirements.
Which connectivity method should you use?
You need to prepare Vnet1 for the deployment of an ExpressRoute gateway. The solution must meet the hybrid connectivity requirements and the business requirements.
Which three actions should you perform in sequence for Vnet1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to configure the default route in Vnet2 and Vnet3. The solution must meet the virtual networking requirements.
What should you use to configure the default route?
You need to provide connectivity to storage1. The solution must meet the PaaS networking requirements and the business requirements.
What should you include in the solution?
Your on-premises network contains two subnets named Subnet1 and Subnet2. Subnet2 contains a Hyper-V host that contains two virtual machines named VM1 and VM2. VM1 and VM2 are connected to Subnet2.
You have an Azure virtual network named VNet1 that contains GatewaySubnet a nd a subnet named VSubnet1. VNet1 is connected to the on-premises network by using a Site-to-Site (S2S) VPN connection.
You plan to migrate VM1 to VNet1 and maintain the existing IP address of VM1. VM2 will remain on Subnet2.
You need to prepare the enviro nment to ensure that VM1 can communicate with VM2 once the migration is complete.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.’
You have an Azure subscription that contains the virtual networks shown in the following table.
You plan to deploy an Azure firewall named AF1 to RG1 in the West US Azure region.
To which virtual networks can you deploy AF1?
You have an Azure subscription that contains the resources shown in the following table.
Subshell contains Three virtual machines that host an app named App1. App1 is accessed by using the SFTP protocol.
From NSG1. you configure an inbound security rule named Rule2 that allows inbound SFTP connections to ASG1.
You need to ensure that the inbound SFTP connections are managed by using ASG1. The solution must minimize administrative effort.
What should you do?
You have an Azure firewall shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct sele ction is worth one point.
You have an on-premises network that includes the sites shown in the following table.
Each site is connected to the Internet by a firewall. All sites are connected to an SD-WAN. Each site is configured to propagate routes by using BGP.
You have an Azure subscription that includes a virtual network named Vnet1 that contains a Virtual Network Gateway named Gateway 1.
You create a local network gateway with the configuration shown in the gateway exhibit (Click the Gateway tab.)
You create a Site-to-Site (S2S) connection with the configuration shown in connection exhibit. (Click the Connection tab)
For each of the following statements, select Yes if the statement is true Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
You need to ensure that VM1 and VM2 can connect only to storage1. The solution must meet the fo llowing requirements:
• Prevent VM1 and VM2 from accessing any other storage accounts.
• Ensure that storage1 is accessible from the internet.
What should you use?
You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption.
You configure the listener for HTTPS by uploading an enterprise signed certificate.
You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do?
Your company has 10 instances of a web service. Each instance is hosted in a different Azure region and is accessible through a public endpoint.
The development department at the company is creating an application named App1. Every 10 minutes. App1 will use a list of end points and connect to the first available endpoint.
You plan to use Azure Traffic Manager to maintain the list of endpoints.
You need to configure a Traffic Manager profile that will minimize the impact of DNS caching.
What should you configure? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your on-premises network uses an IP address range of 10.1.0.0 to 10.1.255.255.
You plan to deploy a new Azure virtual network solution that will include the following elements:
• A virtual network named VNet1
• A Site-to-Site (S2S) VPN connection between VNet1 and the on-premises network
• GatewaySubnet in VNet1, which will be used as a route-based virtual network gateway
You need to recommend which subnet masks to assign to VNet1 and GatewaySubnet. The solution must meet the following requirements:
• Maximize the number of available IP addresses on VNet1.
• Minimize the number of available IP addresses on GatewaySubnet
Which address spaces should you assign to VNet1 and GatewaySubnet? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You ate configuring the DNS forwarding luleset for DNSR1
You need to configure the destination IP address for azure.proseware.com and for corp.proseware.com. The solution must meet the general requirements.
Which IP addiesses should you configure for each namespace? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to manage connectivity from NYCNet to the Azure services that use private endpoints. The solution must meet the security requirements. What should you do first?
You need to identify which IP address space to allocate for the planned deployment of PRDNS1 to HubVNet and SpokeVNet. The solution must meet the general requirements
What should you identify for each virtual network? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to configure FD1 to provide user access to app2.proseware.com. The solution must meet the security requirements and the general requirements.
What should you do first?
You need to deploy Azure Virtual Network Manager. The solution must support the planned changes and meet the connectivity requirements.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to configure the P2S VPN to meet the connectivity requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure a security rule for APPGW1-NSG1. The solution must support the planned changes. Which service tag should you use?
You need to configure a custom rule for APPGWI-WAFPolicy to allow only connections that originate from FD1. The solution must support the planned changes.
Which Match type and Match variable should you select?
You need to configure connectivity between NYCNet and SFONet. The solution must meet the connectivity requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to plan the deployment of LBGW1. The solution must support the planned changes.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure APPGW1 to support end-to-end encryption. The solution must meet the security requirements. What should you do?
TESTED 02 May 2026
