AZ-700 Microsoft Designing and Implementing Microsoft Azure Networking Solutions Free Practice Exam Questions (2025 Updated)
Prepare effectively for your Microsoft AZ-700 Designing and Implementing Microsoft Azure Networking Solutions certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.
You need to identify which IP address space to allocate for the planned deployment of PRDNS1 to HubVNet and SpokeVNet. The solution must meet the general requirements
What should you identify for each virtual network? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to configure FD1 to provide user access to app2.proseware.com. The solution must meet the security requirements and the general requirements.
What should you do first?
You need to deploy Azure Virtual Network Manager. The solution must support the planned changes and meet the connectivity requirements.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to configure the P2S VPN to meet the connectivity requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure APPGW1 to support end-to-end encryption. The solution must meet the security requirements. What should you do?
You need to manage connectivity from NYCNet to the Azure services that use private endpoints. The solution must meet the security requirements. What should you do first?
You need to configure a custom rule for APPGWI-WAFPolicy to allow only connections that originate from FD1. The solution must support the planned changes.
Which Match type and Match variable should you select?
You need to plan the deployment of LBGW1. The solution must support the planned changes.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You ate configuring the DNS forwarding luleset for DNSR1
You need to configure the destination IP address for azure.proseware.com and for corp.proseware.com. The solution must meet the general requirements.
Which IP addiesses should you configure for each namespace? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure a security rule for APPGW1-NSG1. The solution must support the planned changes. Which service tag should you use?
You need to configure connectivity between NYCNet and SFONet. The solution must meet the connectivity requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains the resources shown in the following table.
Users on HP1 connect to App1 by using a URL of https://app1 .comoso.com.
You need to ensure that the IDPS on FW1 can identify security threats in the connections from HP1 to Server1.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You have an Azure subscription.
You plan to implement Azure Virtual WAN as shown in the following exhibit.
What is the minimum number of route tables that you should create?
You have an Azure application gateway named AppGW1 that balances requests to a web app named App1.
You need to modify the server variables in the response header of App1.
What should you configure on AppGW1?
You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1
You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.
You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.
What should you add to NSG1?
You have an Azure subscription that contains an Azure key vault named Vaultl and an app registration for an Azure AD app named App1.
You have a DNS domain named contoso.com that is hosted by a third-party DNS provider.
You plan to deploy App1 by using Azure App Service. App1 will have the following configurations:
• App1 will be hosted across five App Service apps.
• Users will access App1 by using a URL of https://app1.contoso.com.
• The user traffic of App1 will be managed by using Azure Front Door.
• The traffic between Front Door and the App Service apps will be sent by using HTTP.
• App1 will be secured by using an SSL certificate from a third-party certificate authority (CA).
You need to support the Front Door deployment.
Which two DNS records should you create, and to where should you import the SSL certificate for App1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure virtual network that contains the subnets shown in the following table.
You deploy an Azure firewall to AzureFirewallSubnet. You route all traffic from Subnet2 through the firewall.
You need to ensure that all the hosts on Subnet2 can access an external site located at https://*.contoso.com.
What should you do?
O: 27 HOTSPOT
You have an Azure subscription that contains the resources shown in the following table.
You plan to deploy an app named App1 to meet the following requirements.
• External users must be able to access App1 from the internet.
• App1 will be load balanced across all the virtual machines.
• App1 will be hosted on VM1, VM2. VM3. and VM4.
• App1 must be available if an Azure region fails.
• Costs must be minimized.
You need to implement a global load balancer solution for App.
What should you configure? To answer, select the appropriate options in the answer area
NOTE: Bach correct answer is worth one point.
Task 1
You need to ensure that virtual machines on VNET1 and VNET2 are included automatically in a DNS zone named contoso.azure. The solution must ensure that the virtual machines on VNET1 and VNET2 can resolve the names of the virtual machines on either virtual network.
Task 3
You plan to implement an Azure application gateway in the East US Azure region. The application gateway will have Web Application Firewall (WAF) enabled.
You need to create a policy that can be linked to the planned application gateway. The policy must block connections from IP addresses in the 131.107.150.0/24 range. You do NOT need to provision the application gateway to complete this task.
