★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW AZ-720 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/AZ-720-dumps.html


Actualtests offers free demo for AZ-720 exam. "Troubleshooting Microsoft Azure Connectivity", also known as AZ-720 exam, is a Microsoft Certification. This set of posts, Passing the Microsoft AZ-720 exam, will help you answer those questions. The AZ-720 Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft AZ-720 exams and revised by experts!

Microsoft AZ-720 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet. You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1. What should you do?

  • A. Configure FlowLog1 for version 2.
  • B. Create the storage account for FlowLog1 as a premium block blob.
  • C. Configure the FlowTimeoutInMinutes property on VNet2 to a non-null value.
  • D. Enable FlowLog1 in a network security group associated with the network interface of VM1.

Answer: A

NEW QUESTION 2
A company has an Azure virtual network (VNet). An administrator creates a subet in the VNet named AzureSastionSubnet. The administrator deploys Azure Bastion to AzureBastionSubnet.
The administrator creates a default network security group named nsg-Bastion. The following error message display when the administrator attempts to assign nsg-Bastion to AzureBastionSubnet:
Network security group nsg-Bastion does not have necessary rules for Azure Bastion Subnet AzureBastionSubnet
You need to resolve the issues with the inbound security rules. Which port or set of ports should you configure?
AZ-720 dumps exhibit


Solution:
AZ-720 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 3
A company hosts a network virtual appliance (VNA) and Azure Route Server in different virtual networks (VNets). Border Gateway Protocol (BGP) peering is enabled between the NVA loses internet connectivity after it advertises the default route to the route server.
You need to resolve the problem with the NVA. What should you do?

  • A. Configure a user-defined route on the NVA subnet.
  • B. Move the route server to the same VNet as the NVA.
  • C. Configure a unique autonomous system number (ASN) on the NVA.
  • D. Configure a public IP address on the route server.

Answer: C

NEW QUESTION 4
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet. You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1. What should you do?

  • A. Create the storage account for FlowLog1 as a premium block blob.
  • B. Create the storage account for FlowLog1 as a premium page blob.
  • C. Enable FlowLog1 in a network security group associated with the subnet of VM1.
  • D. Configure the FlowTimeoutInMinutes property on VNet1 to a non-null value.

Answer: B

NEW QUESTION 5
A company deploys an Azure Firewall. The company reports the following log entry:
AZ-720 dumps exhibit
For each of the following questions, select Yes or No.
AZ-720 dumps exhibit


Solution:
AZ-720 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 6
A company has on-premises application server that runs in System Center Virtual Machine Manager (SCVMM). The company configures Azure Site Recovery.
An administrator at the company reports that they receive an error message. The error message indicates that there are replication issues.
You need to troubleshoot the issue. Which log should you review?

  • A. Network Security Group flow log
  • B. Azure Monitor log
  • C. Network Watcher diagnostic log
  • D. SCVMM debug log

Answer: A

NEW QUESTION 7
A company enables just-in-time (JIT) virtual machine (VM) access in Azure.
An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft
Defender for Cloud portal.
You need to determine why some VMs are not supported for JIT VM access. What should you conclude?

  • A. The administrator is using the Microsoft Defender for Cloud free tier.
  • B. The VMs were provisioned by using a classic deployment.
  • C. The VMs were recently provisioned by using an Azure Resource Manager deployment.
  • D. The administrator does not have the SecurityReader role.

Answer: B

NEW QUESTION 8
A company enables just-in-time (JIT) virtual machine (VM) access in Azure.
An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.
You need to determine why some VMs are not supported for JIT VM access. What should you conclude?

  • A. The administrator does not have the SecurityReader role.
  • B. The administrator is using the Microsoft Defender for Cloud free tier.
  • C. The client firewall does not allow port 22 on the VMs.
  • D. A network security group is not associated with the VMs.

Answer: C

NEW QUESTION 9
A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site connectivity on VNetGW1. An administrator configures VNetGW1 for the following:
AZ-720 dumps exhibit OpenVPN for the tunnel type.
AZ-720 dumps exhibit Azure certificate for the authentication type.
Users receive a certificate mismatch error when connecting by using a VPN client. You need to resolve the certificate mismatch error.
What should you do?

  • A. Reissue the client certificate with client authentication enabled.
  • B. Configure preshared key for authentication on the VPN profile.
  • C. Install an IKEv2 VPN client on the user's computers.
  • D. Reissue the client certificate with server authentication enabled.

Answer: D

NEW QUESTION 10
A company deploys ExpressRoute.
The company reports that there is an autonomous system (AS) number mismatch. You need to identify the AS number of the circuit.
Which PowerShell cmdlet should you run?

  • A. Get-AzExpressRouteCircuitPeeringConfig
  • B. Get-AzExpressRouteCircuitStats
  • C. Get-AzExpressRouteCircuitRouteTable
  • D. Get-AzExpressRouteCircuit

Answer: B

NEW QUESTION 11
A company enables just-in-time (JIT) virtual machine (VM) access in Azure.
An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.
You need to determine why some VMs are not supported for JIT VM access. What should you conclude?

  • A. The administrator is using the Microsoft Defender for Cloud free tier.
  • B. The VMs were provisioned by using a classic deployment.
  • C. The administrator does not have the SecurityReader role.
  • D. The administrator does not have permissions to request JIT access to the VMs.

Answer: B

NEW QUESTION 12
A company deploys an ExpressRoute circuit.
You need to verify accepted peering routes from the ExpressRoute circuit. Which PowerShell cmdlet should you run?

  • A. Get-AzExpressRouteCrossConnectionPeering
  • B. Get-AzExpressRouteCircuit
  • C. Get-AzExpressRouteCircuitPeeringConfig
  • D. Get-AzExpressRouteCircuitRouteTable
  • E. Get-AzExpressRouteCircuitStats

Answer: A

NEW QUESTION 13
A company manages a solution that uses Azure Functions.
A function returns the following error: Azure Function Runtime is unreachable.
You need to troubleshoot the issue.
What are two possible causes of the issue?

  • A. The execution quota is full.
  • B. The company did not configure a timer trigger.
  • C. The storage account application settings were deleted.
  • D. The function key was deleted.
  • E. The storage account for the function was deleted.

Answer: BC

NEW QUESTION 14
A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).
A new subnet should be unreachable from the on-premises network. You need to implement a solution.
Solution: Configure subnet delegation. Does the solution meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 15
A company uses an Azure Backup agent to back up specific files and folder from an Azure virtual machine (VM) and an on-premises VM.
An administrator reports that the backup job fails on both VMs. Errors are returned in Microsoft Azure Recovery Services (MARS).
You need to troubleshoot the backup issues. Which troubleshooting solution should you use?
AZ-720 dumps exhibit


Solution:
AZ-720 dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 16
......

100% Valid and Newest Version AZ-720 Questions & Answers shared by Surepassexam, Get Full Dumps HERE: https://www.surepassexam.com/AZ-720-exam-dumps.html (New 81 Q&As)