You have an Azure Front Door instance that has a single frontend named Frontend1 and an Azure Web Application Firewall (WAF) policy named Policy1. Policy1 redirects requests that have a header containing "string1" to https://www.contoso.com/redirect1. Policy1 is associated to Frontend1.
You need to configure additional redirection settings. Requests to Frontend1 that have a header containing "string2" must be redirected to https://www.contoso.com/redirect2.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have two Azure virtual networks named Vnet1 and Vnet2.
You have a Windows 10 device named Client1 that connects to Vnet1 by using a Point-to-Site (P2S) IKEv2 VPN.
You implement virtual network peering between Vnet1 and Vnet2. Vnet1 allows gateway transit. Vnet2 can use the remote gateway.
You discover that Client1 cannot communicate with Vnet2.
You need to ensure that Client1 can communicate with Vnet2.
Solution: You download and reinstall the VPN client configuration.
Does this meet the goal?
The VPN client must be downloaded again if any changes are made to VNet peering or the network topology.
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing
You have an Azure application gateway for a web app named App1. The application gateway allows end-to-end encryption.
You configure the listener for HTTPS by uploading an enterprise signed certificate.
You need to ensure that the application gateway can provide end-to-end encryption for App1. What should you do?
SIMULATION
Task 2
You need to ensure that you can deploy Azure virtual machines to the France Central Azure region. The solution must ensure that virtual machines in the France Central region are in a network segment that has an IP address range of 10.5.1.0/24.
To deploy Azure virtual machines to the France Central region and ensure they are in a network segment with an IP address range of 10.5.1.0/24, follow these steps:
Step-by-Step Solution
Step 1: Create a Virtual Network in France Central
Navigate to the Azure Portal.
Search for ''Virtual networks''in the search bar and select it.
Click on ''Create''.
Enter the following details:
Subscription: Select your subscription.
Resource Group: Select an existing resource group or create a new one.
Name: Enter a name for the virtual network (e.g.,VNet-FranceCentral).
Region: SelectFrance Central.
Click on ''Next: IP Addresses''.
Step 2: Configure the Address Space and Subnet
In the IP Addresses tab, enter the address space as10.5.1.0/24.
Click on ''Add subnet''.
Enter the following details:
Subnet name: Enter a name for the subnet (e.g.,Subnet-1).
Subnet address range: Enter10.5.1.0/24.
Click on ''Add''.
Click on ''Review + create''and then''Create''.
Step 3: Deploy Virtual Machines to the Virtual Network
Navigate to the Azure Portal.
Search for ''Virtual machines''in the search bar and select it.
Click on ''Create''and then''Azure virtual machine''.
Enter the following details:
Subscription: Select your subscription.
Resource Group: Select the same resource group used for the virtual network.
Virtual machine name: Enter a name for the VM.
Region: SelectFrance Central.
Image: Select the desired OS image.
Size: Select the appropriate VM size.
Click on ''Next: Disks'', configure the disks as needed, and then click on''Next: Networking''.
In the Networking tab, select the virtual network (VNet-FranceCentral) and subnet (Subnet-1) created earlier.
Complete the remaining configuration stepsand click on''Review + create''and then''Create''.
Explanation
Virtual Network: A virtual network in Azure allows you to create a logically isolated network that can host your Azure resources.
Address Space: The address space10.5.1.0/24ensures that the VMs are in a specific network segment.
Subnet: Subnets allow you to segment the virtual network into smaller, manageable sections.
Region: Deploying the virtual network and VMs in the France Central region ensures that the resources are physically located in that region.
By following these steps, you can ensure that your Azure virtual machines in the France Central region are deployed within the specified IP address range of 10.5.1.0/24.
SIMULATION
Task 4
You need to ensure that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name storage34280945.pnvatelinlcblob.core.windows.net.
Here are the steps and explanations for ensuring that connections to the storage34280945 storage account can be made by using an IP address in the 10.1.1.0/24 range and the name stor-age34280945.pnvatelinlcblob.core.windows.net:
Select Save to apply your changes1.
Sign in to your domain registrar's website, and then go to the page for managing DNS settings2.
Create a CNAME record with the following information2:
Source domain name: stor-age34280945.pnvatelinlcblob.core.windows.net
Destination domain name: stor-age34280945.pnvatelinlcblob.core.windows.net
Save your changes and wait for the DNS propagation to take effect2.
