Pass4sure offers free demo for AZ-720 exam. "Troubleshooting Microsoft Azure Connectivity", also known as AZ-720 exam, is a Microsoft Certification. This set of posts, Passing the Microsoft AZ-720 exam, will help you answer those questions. The AZ-720 Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft AZ-720 exams and revised by experts!
Check AZ-720 free dumps before getting the full version:
NEW QUESTION 1
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet. You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1. What should you do?
- A. Configure FlowLog1 for version 2.
- B. Create the storage account for FlowLog1 as a premium block blob.
- C. Configure the FlowTimeoutInMinutes property on VNet2 to a non-null value.
- D. Enable FlowLog1 in a network security group associated with the network interface of VM1.
Answer: A
NEW QUESTION 2
A company deploys ExpressRoute.
The company reports that there is an autonomous system (AS) number mismatch. You need to identify the AS number of the circuit.
Which PowerShell cmdlet should you run?
- A. Get-AzExpressRouteCircuitPeeringConfig
- B. Get-AzExpressRouteCircuitStats
- C. Get-AzExpressRouteCircuitRouteTable
- D. Get-AzExpressRouteCircuit
Answer: B
NEW QUESTION 3
A company implements Windows and Linux VMs in an Azure Virtual Network. The company plans to apply routing changes to the virtual network.
You need to determine the impact of these changes on network latency affecting applications that use TCP and UDP traffic. The solution must provide the highest level of accuracy.
Which tools should you use?
Solution:

Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 4
A company has an Azure environment that uses one virtual network.
The company restructures the environment to use two different virtual networks. Virtual machines in one network cannot communicate with virtual machines in the other virtual network.
You need to re-establish a connection between virtual machines in the two networks. How should you configure the networks?
Solution:

Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 5
A company hosts a network virtual appliance (VNA) and Azure Route Server in different virtual networks (VNets). Border Gateway Protocol (BGP) peering is enabled between the NVA loses internet connectivity after it advertises the default route to the route server.
You need to resolve the problem with the NVA. What should you do?
- A. Configure a user-defined route on the NVA subnet.
- B. Move the route server to the same VNet as the NVA.
- C. Configure a unique autonomous system number (ASN) on the NVA.
- D. Configure a public IP address on the route server.
Answer: C
NEW QUESTION 6
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing. You need to troubleshoot the issue.
Solution: Create a new manual backup in Backup center. Does the solution meet the goal?
- A. Yes
- B. No
Answer: A
NEW QUESTION 7
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR). An administrator receives an error that password writeback could not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue. What should you do?
- A. Restart the Azure AD Connect service.
- B. Configure Azure AD Connect using a global administrator account that is not federated.
- C. Configure Azure AD Connect using a global administrator account with a password that is less than 256 characters.
- D. Disable password writeback and then enable password writeback using the Azure AD Connect configuration.
Answer: C
NEW QUESTION 8
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing. You need to troubleshoot the issue.
What should you do?
- A. Create a new manual backup in Backup center.
- B. Run chkdsk on the VM.
- C. Configure the retention range of the current backup policy for the VM.
- D. Install the VM guest agent with administrative permissions.
- E. Enable replication and create a recovery plan for the backup vault.
Answer: D
NEW QUESTION 9
A company uses Azure AD Connect. The company plans to implement self-service password reset (SSPR). An administrator receives an error that password writeback cloud not be enabled during the Azure AD Connect configuration. The administrator observes the following event log error:
Error getting auth token
You need to resolve the issue.
Solution: Restart the Azure AD Connect service. Does the solution meet the goal?
- A. Yes
- B. No
Answer: B
NEW QUESTION 10
A customer has an Azure subscription. Microsoft Defender for servers is enabled for the subscription. The customer has not configured network security groups.
The customer configures a resource group named RG1 that contains the following resources:
• A virtual machine named VM1.
• A network interface named NIC1 that is attached to VM1.
The customer grants a user named Admin1 the following permission for RG1: Microsoft.Security/locations/jitNetworkAccessPolicies/write.
Admin1 reports that the JIT VM access pane in the Azure portal does not show any entries. When you view the same pane, VM1 appears on the Unsupported tab.
You need to ensure that Admin1 can enable just-in-time (JIT) VM access for VM1. The solution must adhere to the principle of least privilege.
Which three actions should you recommend be performed in sequence?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Solution:

Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 11
A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).
A new subnet should be unreachable from the on-premises network. You need to implement a solution.
Solution: Disable peering on the virtual network. Does the solution meet the goal?
- A. Yes
- B. No
Answer: B
NEW QUESTION 12
A company deploys Azure Bastion to connect to their virtual machine (VM) infrastructure.
An engineer attempts to connect to a Windows VM by using Remote Desktop Protocol (RDP). The connection fails.
You need to troubleshoot the issue. Which two actions should you perform?
- A. Monitor traffic with the following PowerShell cmdlet Test-AzNetworkWatcherConnectivity.
- B. Configure Azure Bastion with static assignment.
- C. Apply a network security group on the same subnet as Azure Bastion.
- D. Run the Network Watcher Connection troubleshoot service.
- E. Monitor traffic with the following PowerShell cmdlet New-AzNetworkWatcherFlowLog.
Answer: BE
NEW QUESTION 13
A company deploys Azure Traffic Manager load balancing for an Azure App Service solution.
Load balancing performance is showing a degraded status after deployment, and new HTTPS probes are failing to reach the Traffic Manager endpoints.
You need to troubleshoot the probe failure.
How should you complete the PowerShell script?
Solution:

Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 14
A company has an Azure Virtual Network gateway named VNetGW1. The company enables point-to-site connectivity on VNetGW1. An administrator configures VNetGW1 for the following:
OpenVPN for the tunnel type.
Azure certificate for the authentication type.
Users receive a certificate mismatch error when connecting by using a VPN client. You need to resolve the certificate mismatch error.
What should you do?
- A. Configure the tunnel type for IKEv2 and OpenVPN on VNetGW1.
- B. Create a profile manually, add the server FQDN and reissue the client certificate.
- C. Install a Secure Socket Tunneling Protocol (SSTP) VPN client on the user's computers.
- D. Configure preshared key for authentication on the VPN profile.
Answer: B
NEW QUESTION 15
A company connects an on-premises network to an Azure virtual network by using ExpressRoute. The ExpressRoute connection is experiencing higher than normal latency.
You need to confirm the traffic flow.
How should you complete the PowerShell command?
Solution:

Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 16
A company uses Azure Site Recovery for their on-premises Hyper-V servers. The company manages servers by using System Center Virtual Machine Manager (SCVMM).
An administrator reports that replication to the secondary site has failed. You need to inspect the SCVMM logs and configuration files.
Which PowerShell cmdlets should you use?
Solution:

Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 17
A company uses Azure Site Recovery (ASR) for a VMware environment that includes the following virtual machines (VMs):
The company reports that they are unable to configure all of the servers for replication.
You need to evaluate the servers and server roles to determine which servers can be protected. Which server can you protect by using ASR?
- A. VM1
- B. VM2
- C. VM3
- D. VM4
Answer: C
NEW QUESTION 18
A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).
A new subnet should be unreachable from the on-premises network. You need to implement a solution.
Solution: Scale the gateway to Generation2. Does the solution meet the goal?
- A. Yes
- B. No
Answer: A
NEW QUESTION 19
A company has virtual machines (VMs) in the following Azure regions:
West Central US
Australia East
The company uses ExpressRoute private peering to provide connectivity to VMs hosted on each region and on-premises services.
The company implements global VNet peering between a VNet in each region. After configuring VNet peering, VM traffic attempts to use ExpressRoute private peering.
You need to ensure that traffic uses global VNet peering instead of ExpressRoute private peering. The solution must preserve existing on-premises connectivity to Azure VNets.
What should you do?
- A. Add a user-defined route to the subnets route table.
- B. Add a filter to the on-premises routers.
- C. Add a second VNet to the virtual machines and configure VNet peering between the VNets.
- D. Disable the ExpressRoute peering connections for one of the regions.
Answer: B
NEW QUESTION 20
......
Recommend!! Get the Full AZ-720 dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/AZ-720-exam-dumps.html (New 81 Q&As Version)