A company uses an Azure VPN gateway to connect to their on-premises environment.
The company's on-premises VPN gateway is used by several services. One service is experiencing connectivity issues.
You need to minimize downtime for all services and resolve the connectivity issue.
Which three actions should you perform?
Answer : C, D, E
the three actions that should be performed to minimize downtime for all services and resolve the connectivity issue are: C. Configure the pre-shared key to be the same on the Azure VPN gateway and the on-premises VPN gateways. D. Reset the VPN connection. E. Configure the hashing algorithm to be the same on both gateways.
A company uses Azure virtual machines (VMs) in multiple regions. The VMs have the following configuration:
The backend pool of an internal Azure Load Balancer (ILB) named ILB1 contains VM1 and VM2. The ILB uses the Basic SKU and is in a resource group RG2.
Virtual network peering has been configured between VNet1 and VNet2.
Users report that they are unable to connect to resources on VM1 and VM2 by using ILB1 from VM3.
You need to resolve the connectivity issues.
What should you do?
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?
Answer : C
when FastPath is enabled on an ExpressRoute gateway, network traffic between your on-premises network and your virtual network bypasses the gateway and goes directly to virtual machines in the virtual network. Therefore, if you want to capture outbound flow traffic from VM1, you need to enable flow logging on an NSG associated with the subnet of VM1.
A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to a partner site by using a site-to-site VPN connection with dynamic routing.
The company observes that the VPN disconnects from time to time.
You need to troubleshoot the cause for the disconnections.
What should you verify?
Answer : B
A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).
A new subnet should be unreachable from the on-premises network.
You need to implement a solution.
Solution: Configure subnet delegation.
Does the solution meet the goal?
Answer : B
The proposed solution, which is to configure subnet delegation, does not meet the goal of making the new subnet unreachable from the on-premises network. Subnet delegation is a mechanism to delegate management of a subnet to another resource such as a Network Virtual Appliance or a Service Endpoint. It does not provide any means to restrict or isolate a subnet from the rest of the network.
To meet the goal, you can use Network Security Groups (NSGs) to restrict traffic to and from the new subnet. NSGs allow you to define inbound and outbound security rules that specify the type of traffic that is allowed or denied based on different criteria such as source or destination IP address, protocol, port number, etc. By creating a custom NSG and defining rules that deny traffic to and from the new subnet, you can effectively make that subnet unreachable from the on-premises network.
Therefore, the correct answer is option B, 'No'.
https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?
A company plans to implement ExpressRoute by using the provider connectivity model.
The company creates an ExpressRoute circuit. You are unable to connect to resources through the circuit.
You need to determine the provisioning state of the service provider.
Which PowerShell cmdlet should you run?