ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 1 question 42 discussion

Actual exam question from Microsoft's AZ-700
Question #: 42
Topic #: 1
[All AZ-700 Questions]

HOTSPOT
-

You have an on-premises server named Server1 that runs Windows Server and has the DNS Server role installed.

You have an Azure subscription that contains two virtual networks named VNet1 and VNet2. VNet1 contains an Azure Firewall instance named FW1. VNet1 peers with VNet2.

The on-premises network is connected to VNet1 by using ExpressRoute. The on-premises network is inaccessible from VNet2.

You need to ensure that virtual machines connected to VNet2 use Server1 to perform name resolution. The solution must minimize administrative effort.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct answer is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: D
by NK203 at Dec. 16, 2024, 3:19 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
NK203
Highly Voted 4 months ago
Selected Answer: D
a custom dns server & pirvate IP
upvoted 7 times
lakinduchandula
3 months, 2 weeks ago
in the question also saying that "VNet2 use Server1 to perform name resolution", couldn't we use the fw dnat rule to pass dns queries to ip address of server1. then we can set the private addr of fw1 as the vnet2 vm dns. could you please comment on this?
upvoted 2 times
manhattan
3 months, 1 week ago
I believe that DNAT proxy is an typo, to me "DNAT proxy" doesn't make sense. I think that the answer would rather be "DNS proxy" You can configure Azure Firewall to act as a DNS proxy. A DNS proxy is an intermediary for DNS requests from client virtual machines to a DNS server https://learn.microsoft.com/en-us/azure/firewall/dns-details
upvoted 3 times
bobothewiseman
3 months, 1 week ago
I think the amswer is DNAT rule for FW1 and the Private IP adress of FW1. • Setting a custom DNS server on VNet1 would require all resources within VNet1 to use that DNS server (Server1 in this case).
upvoted 1 times
bobothewiseman
2 months, 1 week ago
I was wrong! Should be custom DNS server and the Private IP address of FW1 DNAT is uses for public-facing inbound traffic
upvoted 1 times
...
...
...
...
...
PentaIT2
Most Recent 6 days, 17 hours ago
"When you use Azure Firewall as a DNS proxy, you can configure your clients to point to the private IP address of the firewall, and configure the firewall to forward requests to a DNS server, such as an on-premises server reachable via ExpressRoute." A
upvoted 2 times
...
bobothewiseman
2 months, 1 week ago
DNAT for FW1 a Private IP adress of FW1. • Setting a custom DNS server on VNet1 would require all resources within VNet1 to use that DNS server (Server1 in this case).
upvoted 2 times
bobothewiseman
2 months, 1 week ago
I was wrong! Should be custom DNS server and the Private IP address of FW1 DNAT is uses for public-facing inbound traffic
upvoted 1 times
doshen
2 months ago
DNAT support translate FW private IP to private IP. "Each rule in the NAT rule collection can then be used to translate your firewall public or private IP address and port to a private IP address and port." https://learn.microsoft.com/en-us/azure/firewall/tutorial-firewall-dnat
upvoted 1 times
...
...
...
a250fb0
2 months, 1 week ago
On VNet1: Set custom DNS server to the IP address of Server1, On VNet2: Set custom DNS server to the private IP address of FW1
upvoted 1 times
...
nhr2
3 months ago
Configure on Azure Firewall (FW1): Create a DNS proxy. Azure Firewall DNS proxy allows you to forward DNS requests to the desired DNS server (Server1, in this case). This ensures that all DNS traffic from VNet2 can reach Server1 through FW1. Configure on VNet2: Configure virtual network settings to use FW1 as the DNS server. You configure VNet2 to use FW1’s private IP address as the DNS server. This directs all DNS queries from VNet2 virtual machines to Azure Firewall, which then forwards the queries to Server1.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago