Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions Practice Exam
Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions Practice Exam
Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions Exam
This exam measures your ability to design, implement, manage, secure, and monitor the following technical tasks: Hybrid Networking; Core Networking Infrastructure; Routing; Networks; and Private Access to Azure Services.
Who should take the exam?
Candidates for this exam should have subject matter expertise in planning, implementing, and maintaining Azure networking solutions, including hybrid networking, connectivity, routing, security, and private access to Azure services.
Skills and Knowledge
Candidates for this exam should also have expert Azure administration skills, in addition to extensive experience and knowledge of networking, hybrid connections, and network security.
Roles and Responsibilities
- Responsibilities for the Azure Network Engineer include recommending, planning, and implementing Azure networking solutions.
- Professionals in this role manage the solution for performance, resiliency, scale, and security.
- They deploy networking solutions by using the Azure Portal and other methods, including PowerShell, Azure Command-Line Interface (CLI), and Azure Resource Manager templates (ARM templates).
- The Azure Network Engineer works with solution architects, cloud administrators, security engineers, application developers, and DevOps engineers to deliver Azure solutions.
Course Outline
The AZ-700 exam covers the latest exam topics as per exam updates as on on May 2, 2023 -
Domain 1 - Understanding Design and implement core networking infrastructure (20–25%)
1.1 Explain to design and implement private IP addressing for Azure resources
- Learn to plan and implement network segmentation and address spaces
- Learn to create a virtual network (VNet)
- Learn to plan and configure subnetting for services, including VNet gateways, private endpoints, firewalls, application gateways, VNet-integrated platform services, and Azure Bastion
- Learn to plan and configure subnet delegation
- Learn to create a prefix for public IP addresses
- Learn to choose when to use a public IP address prefix
- Learn to plan and implement a custom public IP address prefix (bring your own IP)
- Learn to create a new public IP address
- Learn to associate public IP addresses to resources
1.2 Explain to design and implement name resolution
- Learn to design name resolution inside a VNet
- Learn to configure DNS settings for a VNet
- Learn to design public DNS zones
- Learn to design private DNS zones
- Learn to configure a public or private DNS zone
- Learn to link a private DNS zone to a VNet
1.3 Explain to design and implement VNet connectivity and routing
- Learn to design service chaining, including gateway transit
- Learn to design virtual private network (VPN) connectivity between VNets
- Learn to implement VNet peering
- Learn to design and implement user-defined routes (UDRs)
- Learn to associate a route table with a subnet
- Learn to configure forced tunneling
- Learn to diagnose and resolve routing issues
- Learn to design and implement Azure Route Server
- Learn to identify appropriate use cases for a Virtual Network NAT gateway
- Learn to implement a NAT gateway
1.4 Explain to monitor networks
- Learn to configure monitoring, network diagnostics, and logs in Azure Network Watcher
- Learn to monitor and repair network health by using Azure Network Watcher
- Learn to activate and monitor distributed denial-of-service (DDoS) protection
- Learn to activate and monitor Microsoft Defender for DNS
Domain 2 - Understand to design, implement, and manage connectivity services (20–25%)
2.1 Explain to Design, implement, and manage a site-to-site VPN connection
- Learn to design a site-to-site VPN connection, including for high availability
- Learn to select an appropriate VNet gateway SKU for site-to-site VPN requirements
- Learn to implement a site-to-site VPN connection
- Learn to identify when to use a policy-based VPN versus a route-based VPN connection
- Learn to create and configure an IPsec/IKE policy
- Learn to diagnose and resolve virtual network gateway connectivity issues
- Learn to implement Azure Extended Network
2.2 Explain to design, implement, and manage a point-to-site VPN connection
- Learn to select an appropriate virtual network gateway SKU for point-to-site VPN requirements
- Learn to select and configure a tunnel type
- Learn to select an appropriate authentication method
- Learn to configure RADIUS authentication
- Learn to configure certificate-based authentication
- Learn to configure authentication by using Azure Active Directory (Azure AD), part of Microsoft Entra
- Learn to implement a VPN client configuration file
- Learn to diagnose and resolve client-side and authentication issues
- Learn to specify Azure requirements for Always On authentication
- Learn to specify Azure requirements for Azure Network Adapter
2.3 Explain to design, implement, and manage Azure ExpressRoute
- Learn to select an ExpressRoute connectivity model
- Learn to select an appropriate ExpressRoute SKU and tier
- Learn to design and implement ExpressRoute to meet requirements, including cross-region connectivity, redundancy, and disaster recovery
- Learn to design and implement ExpressRoute options, including Global Reach, FastPath, and ExpressRoute Direct
- Learn to choose between private peering only, Microsoft peering only, or both
- Learn to configure private peering
- Learn to configure Microsoft peering
- Learn to create and configure an ExpressRoute gateway
- Learn to connect a virtual network to an ExpressRoute circuit
- Learn to recommend a route advertisement configuration
- Learn to configure encryption over ExpressRoute
- Learn to Implement Bidirectional Forwarding Detection
- Learn to Diagnose and resolve ExpressRoute connection issues
2.4 Explain to design and implement an Azure Virtual WAN architecture
- Learn to select a Virtual WAN SKU
- Learn to design a Virtual WAN architecture, including selecting types and services
- Learn to create a hub in Virtual WAN
- Learn to choose an appropriate scale unit for each gateway type
- Learn to deploy a gateway into a Virtual WAN hub
- Learn to configure virtual hub routing
- Learn to create a network virtual appliance (NVA) in a virtual hub
- Learn to integrate a Virtual WAN hub with a third-party NVA
Domain 3 - Understand to design and implement application delivery services (20–25%)
3.1 Explain to design and implement an Azure Load Balancer
- Learn to map requirements to features and capabilities of Azure Load Balancer
- Learn to identify appropriate use cases for Azure Load Balancer
- Learn to choose an Azure Load Balancer SKU and tier
- Learn to choose between public and internal
- Learn to create and configure an Azure Load Balancer
- Learn to implement a load balancing rule
- Learn to create and configure inbound NAT rules
- Learn to create and configure explicit outbound rules, including SNAT
3.2 Explain to design and implement Azure Application Gateway
- Learn to map requirements to features and capabilities of Azure Application Gateway
- Learn to identify appropriate use cases for Azure Application Gateway
- Learn to create a back-end pool
- Learn to configure health probes
- Learn to configure listeners
- Learn to configure routing rules
- Learn to configure HTTP settings
- Learn to configure Transport Layer Security (TLS)
- Learn to configure rewrite sets
3.3 Explain to design and implement Azure Front Door
- Learn to map requirements to features and capabilities of Azure Front Door
- Learn to identify appropriate use cases for Azure Front Door
- Learn to choose an appropriate tier
- Learn to configure an Azure Front Door, including routing, origins, and endpoints
- Learn to configure SSL termination and end-to-end SSL encryption
- Learn to configure caching
- Learn to configure traffic acceleration
- Learn to implement rules, URL rewrite, and URL redirect
- Learn to secure an origin by using Azure Private Link in Azure Front Door
3.4 Explain to design and implement Azure Traffic Manager
- Learn to identify appropriate use cases for Azure Traffic Manager
- Learn to configure a routing method
- Learn to configure endpoints
Domain 4 - Understand to design and implement private access to Azure services (5–10%)
4.1 Explain to design and implement Azure Private Link service and Azure private endpoints
- Learn to plan an Azure Private Link service
- Learn to create a Private Link service
- Learn to integrate a Private Link service with DNS
- Learn to plan private endpoints
- Learn to create private endpoints
- Learn to configure access to Azure resources by using private endpoints
- Learn to connect on-premises clients to a private endpoint
- Learn to integrate a private endpoint with DNS
4.2 Explain to design and implement service endpoints
- Learn to choose when to use a service endpoint
- Learn to create service endpoints
- Learn to configure service endpoint policies
- Learn to configure access to service endpoints
Domain 5 - Understand to Secure network connectivity to Azure resources (15–20%)
5.1 Explain to implement and manage network security groups
- Learn to create a network security group (NSG)
- Learn to associate an NSG to a resource
- Learn to create an application security group (ASG)
- Learn to associate an ASG to a network interface card (NIC)
- Learn to create and configure NSG rules
- Learn to interpret NSG flow logs
- Learn to validate NSG flow rules
- Learn to verify IP flow
- Learn to configure an NSG for remote server administration, including Azure Bastion
5.2 Explain to design and implement Azure Firewall and Azure Firewall Manager
- Learn to map requirements to features and capabilities of Azure Firewall
- Learn to select an appropriate Azure Firewall SKU
- Learn to design an Azure Firewall deployment
- Learn to create and implement an Azure Firewall deployment
- Learn to configure Azure Firewall rules
- Learn to create and implement Azure Firewall Manager policies
- Learn to create a secure hub by deploying Azure Firewall inside an Azure Virtual WAN hub
5.3 Explain to design and implement a Web Application Firewall (WAF) deployment
- Learn to map requirements to features and capabilities of WAF
- Learn to design a WAF deployment
- Learn to configure detection or prevention mode
- Learn to configure rule sets for WAF on Azure Front Door
- Learn to configure rule sets for WAF on Application Gateway
- Learn to implement a WAF policy
- Learn to associate a WAF policy
What do we offer?
- Full-Length Mock Test with unique questions in each test set
- Practice objective questions with section-wise scores
- In-depth and exhaustive explanation for every question
- Reliable exam reports evaluating strengths and weaknesses
- Latest Questions with an updated version
- Tips & Tricks to crack the test
- Unlimited access
What are our Practice Exams?
- Practice exams have been designed by professionals and domain experts that simulate real-time exam scenario.
- Practice exam questions have been created on the basis of content outlined in the official documentation.
- Each set in the practice exam contains unique questions built with the intent to provide real-time experience to the candidates as well as gain more confidence during exam preparation.
- Practice exams help to self-evaluate against the exam content and work towards building strength to clear the exam.
- You can also create your own practice exam based on your choice and preference