[Jan 18, 2023] AZ-720 Test Prep Training Practice Exam Questions Practice Tests Exam Questions Answers Braindumps AZ-720 Exam Dumps PDF Questions Microsoft AZ-720 Exam Syllabus Topics: TopicDetailsTopic 1Troubleshoot Azure Active Directory (Azure AD) authentication issues Review and interpret network logs and captured network traffic from a VPN gatewayTopic 2Determine which resources are authorized [...]

All Products Contact now

[Jan 18, 2023] AZ-720 Test Prep Training Practice Exam Questions Practice Tests [Q26-Q48]

Share

[Jan 18, 2023] AZ-720 Test Prep Training Practice Exam Questions Practice Tests

Exam Questions Answers Braindumps AZ-720 Exam Dumps PDF Questions


Microsoft AZ-720 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Troubleshoot Azure Active Directory (Azure AD) authentication issues
  • Review and interpret network logs and captured network traffic from a VPN gateway
Topic 2
  • Determine which resources are authorized to use JIT VM access
  • Troubleshoot issues deploying Azure Bastion
Topic 3
  • Troubleshoot network address translation (NAT) and distributed network address translation (DNAT) rules
  • Determine why Azure Web Application Firewall is blocking traffic
Topic 4
  • Troubleshoot issues integrating PaaS services with virtual networks
  • Determine the root cause for service-level throttling
Topic 5
  • Troubleshoot issues with pass-through authentication and password hash synchronization
  • Determine why on-premises systems cannot connect to Azure resources
Topic 6
  • Troubleshoot encryption and certificate issues for point-to-site and site-to-site scenarios
  • Determine whether a VM or a group of VMs is associated with an application security group (ASG)
Topic 7
  • Troubleshoot point-to-site virtual private network (VPN) connectivity
  • Troubleshoot name resolution for scenarios that use Azure-provided name resolution
Topic 8
  • Troubleshoot issues with private endpoints and service endpoints
  • Determine the root cause for latency issues related to ExpressRoute
Topic 9
  • Troubleshoot restore issues when using Azure Backup Agent, Azure backup, or Azure Backup Server
  • Troubleshoot Azure virtual machines backup issues including restarting a failed backup job
Topic 10
  • Troubleshoot issues recovering files from an Azure virtual machine backup
  • Troubleshoot issues with Azure Backup agents
Topic 11
  • Troubleshoot issues with DNS records at public DNS providers
  • Troubleshoot virtual private network (VPN) gateway transit issues
Topic 12
  • Troubleshoot Border Gateway Protocol (BGP) issues
  • Determine whether resource response times meet service-level agreements (SLAs)


Schedule exam

Languages: English

Retirement date: none

This exam measures your ability to accomplish the following technical tasks: troubleshoot business continuity issues; troubleshoot hybrid and cloud connectivity issues; troubleshoot Platform as a Service issues; troubleshoot authentication and access control issues; troubleshoot networks; and troubleshoot VM connectivity issues.

 

NEW QUESTION 26
A company uses an Azure VPN gateway with an IP address of 203.0.113.20.
Users report that the VPN connection frequently drops.
You need to determine when each connection failure occurred.
How should you complete the Azure Monitor query?

Answer:

Explanation:

 

NEW QUESTION 27
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables
backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing.
You need to troubleshoot the issue.
Solution: Enable replication and create a recovery plan for the backup vault.
Does the solution meet the goal?

  • A. Yes
  • B. No

Answer: A

 

NEW QUESTION 28
A company deploys Azure Bastion to connect to their virtual machine (VM) infrastructure.
An engineer attempts to connect to a Windows VM by using Remote Desktop Protocol (RDP). The connection
fails.
You need to troubleshoot the issue.
Which two actions should you perform?

  • A. Run the Network Watcher Connection troubleshoot service.
  • B. Configure Azure Bastion with static assignment.
  • C. Apply a network security group on the same subnet as Azure Bastion.
  • D. Monitor traffic with the following PowerShell cmdlet Test-AzNetworkWatcherConnectivity.
  • E. Monitor traffic with the following PowerShell cmdlet New-AzNetworkWatcherFlowLog.

Answer: B,E

 

NEW QUESTION 29
A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to a partner site by using a site-to-site VPN connection with dynamic routing.
The company observes that the VPN disconnects from time to time.
You need to troubleshoot the cause for the disconnections.
What should you verify?

  • A. VNetGW1 has exceeded the subnet Security Association pairs.
  • B. The public IP address of the partner's VPN device is configured in the local network gateway address space on VNetGW1.
  • C. The partner's VPN device and VNetGW1 are configured with the same virtual network address space.
  • D. The partner's VPN device and VNetGW1 are configured using the same shared key.

Answer: D

 

NEW QUESTION 30
A company uses public Azure DNS zones.
The company reports DNS record creation and name resolution issues.
You need to troubleshoot the issues.
What are the causes of the issues?

Answer:

Explanation:

 

NEW QUESTION 31
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).
An administrator receives an error that password writeback cloud not be enabled during the Azure AD
Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
Solution: Use a global administrator account with a password that is less than 256 characters to configure
Azure AD Connect.
Does the solution meet the goal?

  • A. Yes
  • B. No

Answer: A

 

NEW QUESTION 32
A company plans to implement ExpressRoute by using the provider connectivity model.
The company creates an ExpressRoute circuit. You are unable to connect to resources through the circuit.
You need to determine the provisioning state of the service provider.
Which PowerShell cmdlet should you run?

  • A. Get-AzExpressRouteCircuitPeeringConfig
  • B. Get-AzExpressRouteCircuitRouteTable
  • C. Get-AzExpressRouteCircuitConnectionConfig
  • D. Get-AzExpressRouteCircuit
  • E. Get-AzExpressRouteCircuitARPTable

Answer: C

 

NEW QUESTION 33
A company implements Windows and Linux VMs in an Azure Virtual Network. The company plans to apply routing changes to the virtual network.
You need to determine the impact of these changes on network latency affecting applications that use TCP and UDP traffic. The solution must provide the highest level of accuracy.
Which tools should you use?

Answer:

Explanation:

 

NEW QUESTION 34
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).
An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
Solution: Restart the Azure AD Connect service.
Does the solution meet the goal?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 35
A company deploys the Azure Application Gateway Web Application Firewall (WAF) to protect their web
applications.
Users in a remote office location report the following issues:
* Unable to access part of a web application.
* Part of the web application is failing to load.
* Parts of the web application has activities that are not performing as expected.
You need to troubleshoot the issue.
Which diagnostic log should you review?

  • A. Azure Activity
  • B. Performance
  • C. Firewall
  • D. Access

Answer: A

 

NEW QUESTION 36
A company uses Azure Site Recovery (ASR) for a VMware environment that includes the following virtual
machines (VMs):

The company reports that they are unable to configure all of the servers for replication.
You need to evaluate the servers and server roles to determine which servers can be protected.
Which server can you protect by using ASR?

  • A. VM2
  • B. VM4
  • C. VM3
  • D. VM1

Answer: C

 

NEW QUESTION 37
A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment
includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).
A new subnet should be unreachable from the on-premises network.
You need to implement a solution.
Solution: Configure subnet delegation.
Does the solution meet the goal?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 38
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing.
You need to troubleshoot the issue.
What should you do?

  • A. Create a new manual backup in Backup center.
  • B. Run chkdsk on the VM.
  • C. Enable replication and create a recovery plan for the backup vault.
  • D. Install the VM guest agent with administrative permissions.
  • E. Configure the retention range of the current backup policy for the VM.

Answer: D

 

NEW QUESTION 39
A company has an Azure Active Directory (Azure AD) tenant. The company deploys Azure AD Connect to synchronize users from an Active Directory Domain Services (AD DS).
The synchronization of a user object is failing.
You need to troubleshoot the failing synchronization by using a built-in Azure AD Connect troubleshooting task.
Which two pieces of information should you collect before you start troubleshooting?

  • A. Object globally unique identifier
  • B. Object distinguished name
  • C. Object common name
  • D. Azure AD connector name
  • E. AD connector name

Answer: A,D

 

NEW QUESTION 40
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).
An administrator receives an error that password writeback could not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
What should you do?

  • A. Disable password writeback and then enable password writeback using the Azure AD Connect configuration.
  • B. Restart the Azure AD Connect service.
  • C. Configure Azure AD Connect using a global administrator account that is not federated.
  • D. Configure Azure AD Connect using a global administrator account with a password that is less than 256 characters.

Answer: D

 

NEW QUESTION 41
A company uses Azure Active Directory (Azure AD) for authentication. The company synchronizes Azure AD with an on-premises Active Directory domain.
The company reports that an Azure AD object fails to sync.
You need to determine which objects are not syncing.
Which troubleshooting steps should you use to diagnose the failure?

Answer:

Explanation:

 

NEW QUESTION 42
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute
gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a
network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named
VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?

  • A. Create the storage account for FlowLog1 as a premium block blob.
  • B. Configure FlowLog1 for version 2.
  • C. Configure the FlowTimeoutInMinutes property on VNet2 to a non-null value.
  • D. Enable FlowLog1 in a network security group associated with the network interface of VM1.

Answer: B

 

NEW QUESTION 43
A company uses an Azure VPN gateway to connect to their on-premises environment.
The company's on-premises VPN gateway is used by several services. One service is experiencing
connectivity issues.
You need to minimize downtime for all services and resolve the connectivity issue.
Which three actions should you perform?

  • A. Configure the pre-shared key to be the same on the Azure VPN gateway and the on-premises VPN
    gateways.
  • B. Configure the hashing algorithm to be different on both gateways.
  • C. Configure the hashing algorithm to be the same on both gateways.
  • D. Rest the VPN gateway.
  • E. Rest the VPN connection.
  • F. Configure the pre-shared key to be different on the Azure VPN gateway and the on-premises VPN gateways.

Answer: A,C,F

 

NEW QUESTION 44
A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site
connectivity on VNetGW1. An administrator configures VNetGW1 for the following:
* OpenVPN for the tunnel type.
* Azure certificate for the authentication type.
Users receive a certificate mismatch error when connecting by using a VPN client.
You need to resolve the certificate mismatch error.
What should you do?

  • A. Reissue the client certificate with server authentication enabled.
  • B. Install an IKEv2 VPN client on the user's computers.
  • C. Create a profile manually, add the server FQDN and reissue the client certificate.
  • D. Reissue the client certificate with client authentication enabled.

Answer: C

 

NEW QUESTION 45
A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site
connectivity on VNetGW1. An administrator configures VNetGW1 for the following:
* OpenVPN for the tunnel type.
* Azure certificate for the authentication type.
Users receive a certificate mismatch error when connecting by using a VPN client.
You need to resolve the certificate mismatch error.
What should you do?

  • A. Configure preshared key for authentication on the VPN profile.
  • B. Create a profile manually, add the server FQDN and reissue the client certificate.
  • C. Install a Secure Socket Tunneling Protocol (SSTP) VPN client on the user's computers.
  • D. Configure the tunnel type for IKEv2 and OpenVPN on VNetGW1.

Answer: B

 

NEW QUESTION 46
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables
backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing.
You need to troubleshoot the issue.
Solution: Install the VM guest agent by using administrative permissions.
Does the solution meet the goal?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 47
A customer has an Azure Virtual Network named VNet1 that contains an internal standard SKU load balancer named LB1. The backend pool for LB1 includes the following virtual machines: VM1, VM2.
The customer configures a rule named Rul1 to load balance incoming HTTPS requests for VM1 and VM2. Rule1 is associated with an HTTPS health probe. The path for the probe is set to /.
The network adapters of VM1 and VM2 are associated with a network security named NSG1 that contains the following rules:

You connect to https://VM1 and https://VM2 from VNet1. Attempts to connect using the front-end IP address of LB1 are failing.
You need to resolve the issue.
What should you do?

  • A. Add an NSG1 rule with the source set to AzureLoadBalancer.
  • B. Change the health probe associated with Rule1 to use HTTP.
  • C. Change the health probe associated with Rule1 to use TCP.
  • D. Add an NSG1 rule with the source set to VirtualNetwork.

Answer: B

 

NEW QUESTION 48
......


Skills measured

  • Troubleshoot networks (25–30%)
  • Troubleshoot VM connectivity issues (5–10%)
  • Troubleshoot Platform as a Service issues (5–10%)
  • Troubleshoot hybrid and cloud connectivity issues (20–25%)

 

Download Free Microsoft AZ-720 Real Exam Questions: https://pass4sure.guidetorrent.com/AZ-720-dumps-questions.html

Related Articles

more
Microsoft AZ-720 Certification Practice Exam