Microsoft AZ-720 Exam Dumps [2024] Practice Valid Exam Dumps Question [Q26-Q42]

Microsoft AZ-720 Exam Dumps [2024] Practice Valid Exam Dumps Question

AZ-720 Dumps - Grab Out For [NEW-2024] Microsoft Exam

NEW QUESTION # 26
A company has an Azure Active Directory (Azure AD) tenant. The company deploys Azure AD Connect to synchronize objects from their Active Directory Domain Services (AD DS) domain.
You observe that AD DS objects are not synchronizing to Azure AD.
You need to verify that the staging mode is enabled.
What should you do?

• A. Run this PowerShell cmdlet: Get-ADSyncConnetorRunStatus
• B. Review the history for the Azure AD Connect sync scheduled task.
• C. Review the triggers for the Azure AD Connect sync scheduled task.
• D. Run this PowerShell cmdlet: Get-ADSyncScheduler

Answer: D

NEW QUESTION # 27
A company deploys Azure Traffic Manager load balancing for an Azure App Service solution.
Load balancing performance is showing a degraded status after deployment, and new HTTPS probes are
failing to reach the Traffic Manager endpoints.
You need to troubleshoot the probe failure.
How should you complete the PowerShell script?

Answer:

Explanation:

NEW QUESTION # 28
A company has virtual machines (VMs) in the following Azure regions:
* West Central US
* Australia East
The company uses ExpressRoute private peering to provide connectivity to VMs hosted on each region and
on-premises services.
The company implements global VNet peering between a VNet in each region. After configuring VNet
peering, VM traffic attempts to use ExpressRoute private peering.
You need to ensure that traffic uses global VNet peering instead of ExpressRoute private peering. The solution
must preserve existing on-premises connectivity to Azure VNets.
What should you do?

• A. Add a user-defined route to the subnets route table.
• B. Add a filter to the on-premises routers.
• C. Disable the ExpressRoute peering connections for one of the regions.
• D. Add a second VNet to the virtual machines and configure VNet peering between the VNets.

Answer: B

NEW QUESTION # 29
A customer has an Azure subscription. Microsoft Defender for servers is enabled for the subscription. The customer has not configured network security groups.
The customer configures a resource group named RG1 that contains the following resources:
* A virtual machine named VM1.
* A network interface named NIC1 that is attached to VM1.
The customer grants a user named Admin1 the following permission for RG1: Microsoft.Security/locations/jitNetworkAccessPolicies/write.
Admin1 reports that the JIT VM access pane in the Azure portal does not show any entries. When you view the same pane, VM1 appears on the Unsupported tab.
You need to ensure that Admin1 can enable just-in-time (JIT) VM access for VM1. The solution must adhere to the principle of least privilege.
Which three actions should you recommend be performed in sequence?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

1 - Assign Admin1 the Contributor role for RG1.
2 - Instruct Admin1 to create a network security security goup.
3 - Instruct Admin1 to assiciate a network security group with NIC1.

NEW QUESTION # 30
A company enables just-in-time (JIT) virtual machine (VM) access in Azure.
An administrator observes a list of VMs on the Unsupported tab of the JIT VM access page in the Microsoft Defender for Cloud portal.
You need to determine why some VMs are not supported for JIT VM access.
What should you conclude?

• A. The administrator does not have permissions to request JIT access to the VMs.
• B. The VMs were provisioned by using a classic deployment.
• C. The administrator is using the Microsoft Defender for Cloud free tier.
• D. The administrator does not have the SecurityReader role.

Answer: B

NEW QUESTION # 31
A company deploys an Azure Virtual Network gateway. The company connects to the gateway by using a
site-to-site VPN connection.
The company's on-premises VPN gateway is reporting an issue with the Phase 1 proposal from the Azure
Virtual Network gateway.
You need to troubleshoot the issue by reviewing the logs.
Which log should you analyze?

• A. GatewayDiagnosticLog
• B. RouteDiagnosticLog
• C. IKEDiagnosticLog
• D. P2SDiagnosticLog

Answer: C

NEW QUESTION # 32
A company uses Azure Site Recovery for an on-premises server.
The company reports that replication of the server to Azure has failed.
You need to inspect the logs on the server to troubleshoot the issue.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION # 33
A company migrates existing Ubuntu Linux servers from their on-premises vSphere infrastructure to Azure.
The virtual machines (VMs) are experiencing a low network throughput of 20 Mbps. The VMs are expected to
sustain 300 Mbps.
You need to ensure that the VMs are compatible with Azure.
Which change should you make?

• A. Install a kernel name that ends with -azure.
• B. Increase the TCP buffers and window size kernel parameters.
• C. Redeploy the VM with Accelerated Networking enabled.
• D. Configure the network interfaces to 1000 Mbps/full duplex.

Answer: D

NEW QUESTION # 34
A company uses Azure Site Recovery for their on-premises Hyper-V servers. The company manages servers
by using System Center Virtual Machine Manager (SCVMM).
An administrator reports that replication to the secondary site has failed.
You need to inspect the SCVMM logs and configuration files.
Which PowerShell cmdlets should you use?

Answer:

Explanation:

NEW QUESTION # 35
A company deploys Azure Bastion to connect to their virtual machine (VM) infrastructure.
An engineer attempts to connect to a Windows VM by using Remote Desktop Protocol (RDP). The connection fails.
You need to troubleshoot the issue.
Which two actions should you perform?

• A. Apply a network security group on the same subnet as Azure Bastion.
• B. Run the Network Watcher Connection troubleshoot service.
• C. Configure Azure Bastion with static assignment.
• D. Monitor traffic with the following PowerShell cmdlet New-AzNetworkWatcherFlowLog.
• E. Monitor traffic with the following PowerShell cmdlet Test-AzNetworkWatcherConnectivity.

Answer: C,D

NEW QUESTION # 36
A company has an Azure environment that uses one virtual network.
The company restructures the environment to use two different virtual networks. Virtual machines in one network cannot communicate with virtual machines in the other virtual network.
You need to re-establish a connection between virtual machines in the two networks.
How should you configure the networks?

Answer:

Explanation:

NEW QUESTION # 37
A company uses Azure Active Directory (Azure AD) with Azure role-based access control (RBAC) for access to resources.
Some users report that they are unable to grant RBAC roles to other users.
You need to troubleshoot the issue.
How should you complete the Azure Monitor query?

Answer:

Explanation:

NEW QUESTION # 38
You need to resolve the connectivity issue with the on-premises database named CosmosDB1.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION # 39
A company has an ExpressRoute gateway between their on-premises site and Azure. The ExpressRoute
gateway is on a virtual network named VNet1. The company enables FastPath on the gateway. You associate a
network security group (NSG) with all of the subnets.
Users report issues connecting to VM1 from the on-premises environment. VM1 is on a virtual network named
VNet2. Virtual network peering is enabled between VNet1 and VNet2.
You create a flow log named FlowLog1 and enable it on the NSG associated with the gateway subnet.
You discover that FlowLog1 is not reporting outbound flow traffic.
You need to resolve the issue with FlowLog1.
What should you do?

• A. Create the storage account for FlowLog1 as a premium block blob.
• B. Configure the FlowTimeoutInMinutes property on VNet2 to a non-null value.
• C. Configure FlowLog1 for version 2.
• D. Enable FlowLog1 in a network security group associated with the network interface of VM1.

Answer: C

NEW QUESTION # 40
You manage an Azure point-to-site (P2S) VPN deployment. All users connect regularly from their personal Windows computer through a P2S VPN by using certificate-based authentication.
A new user attempts to establish a P25S VPN connection. The user receives the following error message:
A certificate could not be found that can be used with this Extensible Authentication protocol. (Error 798) You need to assists the user with resolving the certificate issue.
What should you do? To answer, drag the appropriate locations to the correct task. Each location maybe used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

NEW QUESTION # 41
A company migrates an on-premises Windows virtual machine (VM) to Azure. An administrator enables
backups for the VM by using the Azure portal.
The company reports that the Azure VM backup job is failing.
You need to troubleshoot the issue.
Solution: Create a new manual backup in Backup center.
Does the solution meet the goal?

• A. Yes
• B. No

Answer: A

NEW QUESTION # 42
......

AZ-720 Exam Dumps PDF Guaranteed Success with Accurate & Updated Questions: https://exam-labs.prep4sureguide.com/AZ-720-prep4sure-exam-guide.html