- (Exam Topic 3)
You need to use Traffic Analytics to monitor the usage of applications deployed to Azure virtual machines. Which Azure Network Watcher feature should you implement first?
Correct Answer:
A
- (Exam Topic 3)
You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing "string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1.
You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to https://www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Correct Answer:
ABE
- (Exam Topic 3)
You have an Azure subscription that contains the following resources:
A virtual network named Vnet1
Two subnets named subnet1 and AzureFirewallSubnet
A public Azure Firewall named FW1
A route table named RT1 that is associated to Subnet1
A rule routing of 0.0.0.0/0 to FW1 in RT1
After deploying 10 servers that run Windows Server to Subnet1, you discover that none of the virtual machines were activated.
You need to ensure that the virtual machines can be activated. What should you do?
Correct Answer:
B
Reference:
https://ryanmangansitblog.com/2020/05/11/firewall-considerations-windows-virtual-desktop-wvd/
- (Exam Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled. You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.
You need to ensure that the URL is accessible through the application gateway. Solution: You add a rewrite rule for the host header.
Does this meet the goal?
Correct Answer:
B
https://docs.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url#limitations
- (Exam Topic 3)
Your company has an Azure virtual network named Vnet1 that uses an IP address space of 192.168.0.0/20. Vnet1 contains a subnet named Subnet1 that uses an IP address space of 192.168.0.0/24.
You create an IPv6 address range to Vnet1 by using a CIDR suffix of /48.
You need to enable the virtual machines on Subnet1 to communicate with each other by using IPv6 addresses assigned by the company. The solution must minimize the number of additional IPv4 addresses.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Solution:
:
Add IPv6 configuration to NIC. "Configure all of the VM NICs with an IPv6 address using Add-AzNetworkInterfaceIpConfig"
Source: https://docs.microsoft.com/en-us/azure/load-balancer/ipv6-add-to-existing-vnet-powershell
Does this meet the goal?
Correct Answer:
A