ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 2 question 28 discussion

Actual exam question from Microsoft's AZ-700
Question #: 28
Topic #: 2
[All AZ-700 Questions]

DRAG DROP -

You have an Azure subscription that contains a virtual network named Vnet1 and an Azure SQL database named SQL1. SQL1 has a private endpoint on Vnet1.

You have a partner company named Fabrikam, Inc. Fabrikam has an Azure subscription that contains a virtual network named Vnet2 and a virtual machine named VM1. VM1 is connected to Vnet2.

You need to provide VM1 with access to SQL1 by using an Azure Private Link service.

What should you implement on each virtual network? To answer, drag the appropriate resources to the correct virtual networks. Each resource may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by chatlisi at Jan. 10, 2023, 3:01 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Wis10
Highly Voted 2 years, 3 months ago
Correct Answer: - Vnet1 = Standard Load Balancer - Vnet2 = Private Endpoint Justification: https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview#workflow
upvoted 55 times
TheBlob
9 months, 1 week ago
An Azure SQL database (PaaS) does not support Private Link Service. You need a private endpoint instead. This question is a bit tricky. You mainly use a private link service for resources that don't support private endpoints, like apps hosted on VMs (IaaS). That is why you would need a load balancer (IaaS) for such requirement.
upvoted 1 times
TheBlob
9 months, 1 week ago
But what I forgot to mention. The answers are incorrect. I asume you would use the load balancer to connect to the IP Address of the already existing private endpoint. I don't see that described at Microsoft, but I asume it can work.
upvoted 1 times
...
...
RabbitB
11 months, 1 week ago
But question said you need to use an Azure Private Link service.
upvoted 2 times
...
asdasd123123iu
1 year, 8 months ago
Agree, SQL already have private endpoint so we need load balancer in VNET1 and private link in VNET2.
upvoted 3 times
...
...
DavidSapery
Highly Voted 2 years, 3 months ago
https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview indicates that a Load Balancer is needed on the SQL side (vnet1) and a Private Endpoint on the VM side (vnet2).
upvoted 21 times
...
ninz44
Most Recent 2 months ago
Vnet1 - Private Link Vnet2 - Private Endpoint
upvoted 1 times
ninz44
2 months ago
Correction Vnet1 - Peering Link
upvoted 1 times
...
...
mjk666
1 year, 1 month ago
The question here is how should we put the Azure SQL Database behind the load balancer, we already have an endpoint in the Vnet1 which we don't need then. if it was SQL Server on VMs without endpoint the deploying SLB and PE would make sense
upvoted 2 times
...
Lazylinux
1 year, 5 months ago
Given answer is WRONG - For sure as others pointed out Vnet1 - STD LB used to allow access to backend pool that allows access to resources, also NAT GWY is deployed Vnet2 - PE - private end point
upvoted 5 times
...
Azused
1 year, 7 months ago
Correct Answer: - Vnet1 = Standard Load Balancer - Vnet2 = Private Endpoint https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview#workflow
upvoted 5 times
...
ronin201
1 year, 9 months ago
I have the same config (only posgreSQL) I have private endpoint and 2 peering links in 2 networks, the current description already has private endpoint.
upvoted 4 times
GBAU
1 year, 6 months ago
While I thought this was the answer as it would work, I think the question is testing knowledge of private link services, where only specific services are provided across the private link, not access to the full vNet.
upvoted 1 times
...
...
ronin201
1 year, 9 months ago
wrong answer: Vnet1 already has private enpoint. peering links in both vnets must be created
upvoted 6 times
...
AzureLearner01
2 years, 1 month ago
To establish the private link service you need a load balancer in VNet 1 and for sure the private link service resource. In the partner company tenant you need an private endpoint that connects to this private link service. To answer the question correctly we might answer to create standard load balancer and private link service in vnet1 an pe in vnet2.
upvoted 4 times
...
Ayokun
2 years, 1 month ago
Load balancer Private Link https://learn.microsoft.com/it-it/azure/private-link/private-link-overview
upvoted 2 times
Ayokun
2 years, 1 month ago
Sorry i correct "You need to provide VM1 with access to SQL1 by using an Azure Private Link service" hence it is required the last part of the config which is a private endpoint on VM1 LB Private Endpoint
upvoted 2 times
...
...
tester2023
2 years, 2 months ago
VNET1: Peering Link VNET2: Peering Link The question notes a Private Endpoint is already configured on the SQL Server (PaaS) resource. As such, vNet peering will allow the VM on vNet 2 to reach the database on vNet 1. A private endpoint is part of the Private Link Service (https://learn.microsoft.com/en-us/azure/private-link/private-link-faq#what-is-azure-private-endpoint-and-azure-private-link-service-) For those selecting Load Balancer, you are correct it requires a Private Link Service (PLS), but that isn't one of the available answers. Also, a PLS requires a VM or VM Scale Set Load Balancer backend pool (see https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview ). Testing revealed I couldn't use the private IP address of the SQL PaaS server private endpoint for the PLS.
upvoted 7 times
KeenOnTech
1 year, 7 months ago
As we have a Private Endpoint in VNet-1, the LB is already installed at SQL subnet. All is needed is to allow VM @Vnet2 access PE @Vnet1. Peering is all is needed: "The private endpoint can be reached from globally peered virtual networks and on premises using private VPN or ExpressRoute connections." https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview#details
upvoted 2 times
...
lingxian
2 years, 1 month ago
I would agree with this. How to use an LB with the Azure SQL database as a backend? We have already the private endpoint in VNet1, setting up peering should be enough for VMs in VNet2 talking to the SQL service.
upvoted 2 times
...
flurgen248
2 years, 2 months ago
The prompt says "You need to provide VM1 with access to SQL1 by using an Azure Private Link service." A private link service requires a load balancer. VNET1: Load Balancer VNET2: Private Endpoint https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview
upvoted 7 times
...
...
4729
2 years, 2 months ago
VNET1: Private Link VNET2: Private Endpoint
upvoted 7 times
...
amt2022
2 years, 3 months ago
Correct answer - VNET1 = Standard LB -VNET2 = Private EndPoint Check this sample from MS. https://learn.microsoft.com/en-us/azure/private-link/create-private-link-service-powershell
upvoted 8 times
...
DerekKey
2 years, 3 months ago
VNet 1: Load Balancer VNet 2: Private Endpoint Microsoft docs: https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview
upvoted 5 times
...
chatlisi
2 years, 3 months ago
VNET1 - Azure Load Balancer - your existing service must be behind a load balancer VNET2 - Private link
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago