ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 4 question 52 discussion

Actual exam question from Microsoft's AZ-700
Question #: 52
Topic #: 4
[All AZ-700 Questions]

DRAG DROP
-

Your on-premises network uses an IP address space of 10.0.0.0/20.

You have an Azure subscription that contains the resources shown in the following table.



The on-premises network is connected to HubVnet by using a Site-to-Site (S2S) VPN.

You deploy an Azure firewall named AZFW1 to HubVNet.

You need to ensure that AZFW/1 can inspect all the traffic between the on-premises network and SpokeVNet.

What should you do in RT1? To answer, drag the appropriate destination to the correct route. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by bobothewiseman at Jan. 22, 2025, 3:32 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Sergovladi
3 weeks, 6 days ago
Correct. You need to override default routing of the traffic going through the hub vnet. So you need to create 2 UDRs and associate RT both to Spoke VNET's subnets and Gateway Subnet
upvoted 2 times
...
bobothewiseman
1 month ago
Add a route for 10.0.0.0/20 and specify AZFW1 as the next hop for: • Gateway Subnet on HubVNet Add a route for 192.168.0.0/20 and specify AZFW1 as the next hop for: • AzureFirewallSubnet on HubVNet
upvoted 1 times
bobothewiseman
1 month ago
I take it back! corrected answer is: 1. 10.0.0.0/20 → AzureFirewallSubnet on HubVNet 2. 192.168.0.0/20 → All the subnets on SpokeVNet
upvoted 1 times
bobothewiseman
1 month ago
1. Add a route for 10.0.0.0/20 and specify AZFW1 as the next hop for: • AzureFirewallSubnet on HubVNet This is because traffic from the on-premises network (10.0.0.0/20) needs to be routed through the firewall to reach SpokeVNet, and AZFW1 is placed in the AzureFirewallSubnet. 2. Add a route for 192.168.0.0/20 and specify AZFW1 as the next hop for: • All the subnets on SpokeVNet This is because you need to route traffic to all the subnets in SpokeVNet through AZFW1 to ensure that it inspects traffic between SpokeVNet and the on-premises network.
upvoted 1 times
Saba53
1 week ago
bobthewiseman more like notsowiseman
upvoted 1 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago