Certs Club
Home
Oracle Microsoft Cisco CompTIA Salesforce Amazon AACE International Acams Anthropic Apple View All Vendors →
Login Register

Microsoft AZ-500 - Microsoft Azure Security Technologies Certification Exam

Download Exam View Entire Exam
Page: 2 / 2
Question #6 (Topic: demo questions)

You need to provide connectivity to storage1. The solution must meet the PaaS networking
requirements and the business requirements.
What should you include in the solution?
HOTSPOT
You need to recommend a configuration for the ExpressRoute connection from the Boston
datacenter. The solution must meet the hybrid networking requirements and business requirements.
What should you recommend? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

A.
a service endpoint
B.
Azure Front Door
C.
a private endpoint
D.
Azure Traffic Manager
Correct Answer: A
Explanation:

The correct answer is A. a service endpoint. A service endpoint extends the private address space of an Azure virtual network to an Azure PaaS service such as Azure Storage. This allows resources in the virtual network to access storage1 directly over the Microsoft backbone network while maintaining secure connectivity and meeting PaaS networking requirements. Service endpoints are commonly used when access to a storage account must be restricted to specific virtual networks without requiring a private IP address for the storage service. The other options do not fit the requirement: Azure Front Door and Azure Traffic Manager are used for application delivery and traffic routing, while a private endpoint would be chosen only if the requirement specifically called for private IP-based access to the storage account. Therefore, a service endpoint is the correct solution.
Question #7 (Topic: demo questions)

You need to connect Vnet2 and Vnet3. The solution must meet the virtual networking requirements
and the business requirements.
Which two actions should you include in the solution? Each correct answer presents part of the
solution.
NOTE: Each correct selection is worth one point

A.
An the peerings from Vnet2 and Vnet3, select Use remote
gateways.
B.
On the peering from Vnet1, select Allow forwarded
traffic.
C.
On the peering from Vnet1, select Use remote
gateways.
D.
On the peering from Vnet1, select Allow gateway
transit.
E.
On the peerings from Vnet2 and Vnet3, select Allow
gateway transit.
Correct Answer: B, D
Explanation:

To connect Vnet2 and Vnet3 through Vnet1 in a hub-and-spoke topology, Vnet1 acts as the hub network that contains the gateway. Enabling Allow gateway transit on the peering from Vnet1 allows the gateway in Vnet1 to be shared with the peered virtual networks. Enabling Allow forwarded traffic on the peering from Vnet1 permits traffic that is forwarded through the hub network to reach other connected networks, which is necessary for communication between Vnet2 and Vnet3 through Vnet1.
The other options are incorrect because Use remote gateways is configured on the spoke virtual networks (Vnet2 and Vnet3) only when they need to use the gateway in the hub network, while Allow gateway transit should be enabled on the hub network, not on the spokes. Therefore, the required actions are B and D.
Download Exam
« Prev Page: 2 / 2
Next Page