Microsoft AZ-720 Exam Practice Test Instant Access

Question 1

A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to a partner site by using a site-to-site VPN connection with dynamic routing.

The company observes that the VPN disconnects from time to time.

You need to troubleshoot the cause for the disconnections.

What should you verify?

AThe partner's VPN device and VNetGW1 are configured using the same shared key.

BThe partner's VPN device is configured for one VPN tunnel per subnet pair.

CThe public IP address of the partner's VPN device is configured in the local network gateway address space on VNetGW1.

DThe partner's VPN device and VNetGW1 are configured with the same virtual network address space.

Answer : B

To troubleshoot the cause for the VPN disconnections between VNetGW1 and the partner site, you should verify that the partner's VPN device is configured for one VPN tunnel per subnet pair.

Question 2

A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to a partner site by using a site-to-site VPN connection with dynamic routing.

The company observes that the VPN disconnects from time to time.

You need to troubleshoot the cause for the disconnections.

What should you verify?

AThe partner's VPN device and VNetGW1 are configured using the same shared key.

BVNetGW1 has exceeded the subnet Security Association pairs.

CThe partner's VPN device and VNetGW1 are configured with the same virtual network address space.

DThe public IP address of the partner's VPN device is configured in the local network gateway address space on VNetGW1.

Answer : A

To troubleshoot the cause for the VPN disconnections between VNetGW1 and the partner site, you should verify that the partner's VPN device and VNetGW1 are configured using the same shared key.

Question 3

A company uses an Azure Virtual Network (VNet) gateway named VNetGW1. VNetGW1 connects to a partner site by using a site-to-site VPN connection with dynamic routing.

The company observes that the VPN disconnects from time to time.

You need to troubleshoot the cause for the disconnections.

What should you verify?

AThe partner's VPN device and VNetGW1 are configured using the same shared key.

BThe IP address of the local network gateway matches the partner's VPN device.

CThe partner's VPN device is enabled for Perfect forward secrecy.

DThe partner's VPN device and VNetGW1 are configured with the same virtual network address space.

Answer : B

Question 4

A company enables just-in-time (JIT) virtual machine (VM) access in Azure.

An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.

You need to determine why some VMs are not supported for JIT VM access.

What should you conclude?

AThe administrator does not have the SecurityReader role.

BThe administrator is using the Microsoft Defender for Cloud free tier.

CThe client firewall does not allow port 3389 on the VMs.

DA network security group is not associated with the VMs.

Answer : D

Question 5

A company enables just-in-time (JIT) virtual machine (VM) access in Azure.

An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.

You need to determine why some VMs are not supported for JIT VM access.

What should you conclude?

AThe administrator is using the Microsoft Defender for Cloud free tier.

BThe VMs were provisioned by using a classic deployment.

CThe administrator does not have the SecurityReader role.

DThe administrator does not have permissions to request JIT access to the VMs.

Answer : B

JIT VM access is only supported for VMs that are deployed using the Azure Resource Manager (ARM) deployment model. VMs that are provisioned using the classic deployment model are not compatible with JIT VM access and will be displayed under the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.

Question 6

A company enables just-in-time (JIT) virtual machine (VM) access in Azure.

An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.

You need to determine why some VMs are not supported for JIT VM access.

What should you conclude?

AThe administrator is using the Microsoft Defender for Cloud free tier.

BThe VMs were provisioned by using a classic deployment.

CThe VMs were recently provisioned by using an Azure Resource Manager deployment.

DThe administrator does not have the SecurityReader role.

Answer : B

The Unsupported tab on the Just-in-Time VM access page in the Microsoft Defender for Cloud portal indicates that the VMs were provisioned by using a classic deployment Classic deployments were used in Azure before the deployment model was updated to Azure Resource Manager, which is now the preferred model for deploying and managing resources in Azure.

Question 7

A company uses Azure Site Recovery (ASR) to replicate and recover Azure virtual machines (VM) between Azure regions.

An administrator receives the following warning from ASR about a VM that uses P10 disks: Data change rate beyond supported limits

You add OS Disk Write Bytes/Sec and Data Disk Write Bytes/Sec to the list of metrics for monitoring. You discover that the VM consistently has a data churn of greater than 8 MB/s but less than 10 MB/s.

You need to resolve the issue.

What should you do?

AUninstall the Volume Shadow Copy Service (VSS) Provider service.

BUse AzCopy to upload data to a cache storage account.

CCreate a network service endpoint in a virtual network.

DUpgrade the target storage disk.

Answer : D

Azure Site Recovery has limits on data change rates depending on the type of disk used for replication. If a VM has a data change rate higher than the supported limit for its disk type, it can cause replication issues or errors. To resolve this issue, you can upgrade the target storage disk to a higher tier that supports higher data change rates.

Microsoft AZ-720 Troubleshooting Microsoft Azure Connectivity Exam Practice Test