You have an Azure virtual network that contains a subnet named Subnet1. Subnet1 is associated to a network security group (NSG) named NSG1. NSG1 blocks all outbound traffic that is not allowed explicitly.
Subnet1 contains virtual machines that must communicate with the Azure Cosmos DB service.
You need to create an outbound security rule in NSG1 to enable the virtual machines to connect to Azure Cosmos DB.
What should you include in the solution?

A.

a service tag

B.

a private endpoint

C.

a subnet delegation

D.

an application security group

You have an Azure subscription that contains an Azure App Service app. The app uses a URL of https://www.contoso.com.
You need to use a custom domain on Azure Front Door for www.contoso.com. The custom domain must use a certificate from an allowed certification authority (CA).
What should you include in the solution?

A.

an enterprise application in Azure Active Directory (Azure AD)

B.

Active Directory Certificate Services (AD CS)

C.

Azure Key Vault

D.

Azure Application Gateway

You have an Azure virtual network and an on-premises datacenter.
You need to implement a Site-to-Site VPN connection between the datacenter and the virtual network.
Which two resources should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

A.

a virtual network gateway

B.

Azure Firewall

C.

a local network gateway

D.

Azure Web Application Firewall (WAF)

E.

an on-premises data gateway

F.

an Azure application gateway

G.

a user-defined route

You have an Azure subscription that contains a virtual network name Vnet1. Vnet1 contains a virtual machine named VM1 and an Azure firewall named FW1.
You have an Azure Firewall Policy named FP1 that is associated to FW1.
You need to ensure that RDP requests to the public IP address of FW1 route to VM1. What should you configure on FP1?

A.

an application rule

B.

a network rule

C.

URL filtering

D.

a DNAT rule

You have three on-premises networks.
You have an Azure subscription that contains a Basic Azure virtual WAN. The virtual WAN contains a single virtual hub and a virtual network gateway that is limited to a throughput of 1 Gbps.
The on-premises networks connect to the virtual WAN by using Site-to-Site (S2S) VPN connections.
You need to increase the throughput of the virtual WAN to 3 Gbps. The solution must minimize administrative effort.
What should you do?

A.

Upgrade the virtual WAN lo the Standard SKU.

B.

Add an additional VPN gateway to the Azure subscription,

C.

Create an additional virtual hub.

D.

Increase the number of gateway scale units.

You plan to configure BGP for a Site-to-Site VPN connection between a datacenter and Azure.
Which two Azure resources should you configure? Each correct answer presents a part of the solution. (Choose two.)
NOTE: Each correct selection is worth one point.

A.

a virtual network gateway

B.

Azure Application Gateway

C.

Azure Firewall

D.

a local network gateway

E.

Azure Front Door

You have an Azure Front Door instance named FrontDoor1.
You deploy two instances of an Azure web app to different Azure regions.
You plan to provide access to the web app through FrontDoor1 by using the name app1.contoso.com.
You need to ensure that FrontDoor1 is the entry point for requests that use app1.contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Your company has an on-premises network and three Azure subscriptions named Subscription1, Subscription2, and Subscription3.
The departments at the company use the Azure subscriptions as shown in the following table.

All the resources in the subscriptions are in either the West US Azure region or the West US 2 Azure region.
You plan to connect all the subscriptions to the on-premises network by using ExpressRoute.
What is the minimum number of ExpressRoute circuits required?

A.

1

B.

2

C.

3

D.

4

E.

5

You have the hybrid network shown in the Network Diagram exhibit.

 

You have the Azure firewall shown in the following exhibit.