Page: 1
/ 14
Total 119 questions
Microsoft Troubleshooting Microsoft Azure Connectivity AZ-720 Exam Questions
Question 1
You need to troubleshoot the issue reported by Blue Yonder Airlines.
Which diagnostic log should you review?
Answer : D
To troubleshoot the issue reported by Blue Yonder Airlines, you need to review the IKEDiagnosticLog, which contains information about the Internet Key Exchange (IKE) protocol that is used to establish IPsec VPN connections. The IKEDiagnosticLog can help you identify the cause of the VPN disconnections and IPsec failure to connect errors, such as mismatched authentication parameters, incorrect pre-shared keys, or network connectivity issues. You can enable and download the IKEDiagnosticLog from the Azure portal or by using PowerShell commands
Question 2
You need to resolve the issue with VM10.
What should you do?
Answer : B
To resolve the issue with VM10, you need to remove the inbound security rule that has a priority of 100 in NSG10, which is blocking ICMP traffic from ASG1 to ASG10. The rule has a source of Any, a destination of VirtualNetwork, a protocol of ICMP, and an action of Deny. This means that any ICMP traffic from outside the VNet4 address space will be denied by NSG10, which is attached to subnet4. This prevents VM1 from pinging VM10 by using ICMP, as VM1 is in VNet1 and not in VNet4. By removing this rule, you can allow ICMP traffic from ASG1 to ASG10, as there is no other rule in NSG10 that explicitly denies it. Alternatively, you could also modify the rule to change the source to VirtualNetwork or the action to Allow, but removing the rule is simpler and more effective.
Question 3
A company uses Azure Site Recovery (ASR) for a VMware environment that includes the following virtual machines (VMs):
The company reports that they are unable to configure all of the servers for replication.
You need to evaluate the servers and server roles to determine which servers can be protected.
Which server can you protect by using ASR?
Answer : A
Azure Site Recovery supports replicating VMware VMs that meet certain requirements for operating system version, disk type and size, network adapter type and configuration, and so on. Based on the table of VMs and their properties, only VM1 meets all the requirements for replication
Question 4
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing.
You need to troubleshoot the issue.
Solution: Install the VM guest agent by using administrative permissions.
Does the solution meet the goal?
Answer : A
Yes, installing the VM guest agent by using administrative permissions could resolve the issue of the Azure VM backup job failing after enabling backups for the VM through the Azure portal. When backing up a virtual machine in Azure, it is necessary to install the VM guest agent to enable proper communication between the VM and the backup service. An administrative user account is required to install the agent.
Therefore, the solution mentioned in the question is correct and the answer is A. Yes.
Back up a virtual machine in Azure (Microsoft documentation)
Question 5
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR).
An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
Solution: Use a global administrator account with a password that is less than 256 characters to configure Azure AD Connect.
Does the solution meet the goal?
Answer : B
No, restarting the Azure AD Connect service would not resolve the issue described in the scenario. The error message 'Error getting auth token' indicates there is a problem with authentication
, which is preventing password writeback from being enabled during the Azure AD Connect configuration.
To resolve this issue, you should first confirm that the Azure AD Connect server can authenticate to the Azure AD tenant by using a valid set of credentials. If authentication is successful, then you can investigate other possible causes such as network connectivity issues, misconfigured firewall rules, expired certificates, etc.
Therefore, the correct answer is option B, 'No'.
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/tshoot-connect-authentication
Question 6
A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to a partner site by using a site-to-site VPN connection with dynamic routing.
The company observes that the VPN disconnects from time to time.
You need to troubleshoot the cause for the disconnections.
What should you verify?
Answer : A
To troubleshoot the cause for the VPN disconnections between VNetGW1 and the partner site, you should verify that the partner's VPN device and VNetGW1 are configured using the same shared key.
Question 7
A company deploys an Azure Virtual Network gateway. The company connects to the gateway by using a site-to-site VPN connection.
The company's on-premises VPN gateway is reporting an issue with the Phase 1 proposal from the Azure Virtual Network gateway.
You need to troubleshoot the issue by reviewing the logs.
Which log should you analyze?
Answer : C
To troubleshoot an issue with the Phase 1 proposal from an Azure Virtual Network gateway when connecting to a site-to-site VPN connection by reviewing logs, you should analyze the IKE Diagnostic log. Therefore, option C is correct. You should analyze the IKE Diagnostic log.
All Official Question Types