AZ-720 Online Practice Questions and Answers

HOTSPOT

A company uses an Azure Backup agent to back up specific files and folder from an Azure virtual machine (VM) and an on-premises VM.

An administrator reports that the backup job fails on both VMs. Errors are returned in Microsoft Azure Recovery Services (MARS).

You need to troubleshoot the backup issues.

Which troubleshooting solution should you use?

Hot Area:

HOTSPOT

A company deploys an Azure Firewall. The company reports the following log entry:

For each of the following questions, select Yes or No.

Hot Area:

DRAG DROP

A customer has an Azure subscription. Microsoft Defender for servers is enabled for the subscription. The customer has not configured network security groups.

The customer configures a resource group named RG1 that contains the following resources:

1.

A virtual machine named VM1.

2.

A network interface named NIC1 that is attached to VM1.

The customer grants a user named Admin1 the following permission for RG1:

Microsoft.Security/locations/jitNetworkAccessPolicies/write.

Admin1 reports that the JIT VM access pane in the Azure portal does not show any entries. When you view the same pane, VM1 appears on the Unsupported tab.

You need to ensure that Admin1 can enable just-in-time (JIT) VM access for VM1. The solution must adhere to the principle of least privilege.

Which three actions should you recommend be performed in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Select and Place:

A company has an Azure tenant. The company deploys an Azure Firewall named FW1 using the Standard SKU. You configure FW1 using classic firewall rules.

The company creates an application rule collection with the following settings:

Priority: 100

Action: Deny

Rule type: FQDN

Source type: IP address

Source: *

Protocol: http:80,https:443

Target FQDN: *.cloud.contoso.com

An engineer observes that traffic to console.cloud.conotoso.com is still allowed by FW1.

You need to determine why the traffic is allowed.

What should you review?

A. Network rules

B. Web categories

C. Infrastructure rules

D. Application rules

A company uses Azure Site Recovery (ASR) to replicate and recover Azure virtual machines (VM) between Azure regions.

An administrator receives the following warning from ASR about a VM that uses P10 disks:

Data change rate beyond supported limits

You add OS Disk Write Bytes/Sec and Data Disk Write Bytes/Sec to the list of metrics for monitoring. You discover that the VM consistently has a data churn of greater than 8 MB/s but less than 10 MB/s.

You need to resolve the issue.

What should you do?

A. Uninstall the Volume Shadow Copy Service (VSS) Provider service.

B. Use AzCopy to upload data to a cache storage account.

C. Create a network service endpoint in a virtual network.

D. Upgrade the target storage disk.

A company plans to use an Azure PaaS service by using Azure Private Link service. The azure Private Link service and an endpoint have been configured.

The company reports that the endpoint is unable to connect to the service.

You need to resolve the connectivity issue.

What should you do?

A. Disable the endpoint network policies.

B. Validate the VPN device.

C. Approve the connection state.

D. Disable the service network policies.

A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.

The company reports that the Azure VM backup job is failing.

You need to troubleshoot the issue.

Solution: Configure the retention range for the current VM backup policy.

Does the solution meet the goal?

A. Yes

B. No

You manage an Azure subscription that contains the following resources:

An on-premises environment is connected to VNet1 by using ERGW1.

An administrator measures network latency for on-premises traffic that targets VM1 and VM2 by using the front-end IP address of the load balancer. The administrator enables ExpressRoute FastPath on ERGW1 and observes that the

latency has not changed.

You need to resolve the issue that is preventing the network latency improvements offered by ExpressRoute FastPath from taking effect.

What should you do?

A. Redeploy the load balancer as a Standard SKU.

B. Change the SKU for the ExpressRoute gateway.

C. Resize VM1 and VM2.

D. Enable accelerated networking on VM1 and VM2

A company hosts a highly available application using Azure Load Balancer.

A virtual machine (VM) on the backend pool stops responding to health probes. The health probes are configured to use HTTP.

You are troubleshooting the incoming traffic issue. You run a Netsh trace on port 80. No incoming packets are detected on the VM. Outgoing packets are detected.

What is the cause of the issue?

A. A network security group is preventing incoming traffic to the port.

B. A proxy is configured.

C. Session persistence is configured.

D. An application on the VM is blocking the port.

You need to resolve the VM2 routing issue. What should you do?

A. Modify the IP configuration setting of the Azure network interface resource of VM1.

B. Add a network interface to VM1.

C. Add a network interface to VM2.

D. Modify the IP configuration setting of the Azure network interface resource of VM2.