AZ-800 Question #321: Real Exam Question with Answer & Explanation

Question

You have on-premises Windows devices. You have an Azure subscription that contains a virtual network named VNet1. You need to create a Site-to-Site (S2S) VPN between the on-premises network and VNet1. Which three resources should you create? Each correct answer present part of the solution. NOTE: Each correct selection is worth one point.

Options

• Aa network security group (NSG)
• Ban Azure NAT gateway
• Can Azure Route Server
• Da VPN connection
• Ea virtual network gateway
• Fa local network gateway

Explanation

To connect an on-premises network to an Azure virtual network via a Site-to-Site (S2S) VPN, you need to create a VPN Gateway in Azure [E], a Gateway Subnet within your Azure Virtual Network (VNet), and a Local Network Gateway[F] that represents your on-premises network. Finally, you must create a VPN Connection [D] to link the Azure VPN Gateway and the Local Network Gateway together. Azure components Virtual Network (VNet): A virtual network is the fundamental building block for your private network in Azure. Gateway Subnet: A dedicated subnet within your VNet to host the VPN gateway. You cannot have any other resources in this subnet. [E] VPN Gateway: A virtual network gateway that enables the connection between your VNet and your on-premises network. This is an Azure-managed service that has a public IP address on the [F] Local Network Gateway: An Azure resource that represents the on-premises network. It contains the public IP address of your on-premises VPN device and the IP address ranges of your on-premises network. [D] VPN Connection: The object that links the VPN Gateway and the Local Network Gateway, establishing the actual tunnel. This is where you will define the shared key for authentication and specify IPsec/IKE policies. On-premises components [F] Validated VPN Device: A physical or virtual device on your on-premises network that is compatible with Azure VPN Gateways. This device must have a public IP address. Configuration: The on-premises VPN device must be configured to establish a tunnel with the Azure VPN Gateway's public IP address, using the shared key you create in the Azure portal. What need to be created for connect an on-premises network to an Azure virtual network through Site-to-Site (S2S) VPN? https://learn.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal Exam Questions, Study Guides, Practice Tests. Lead the way to help you pass any IT Certification exams, 100% Pass Guaranteed or Full Refund. Especially Cisco, Microsoft, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on. Our Slogan: First Test, First Pass. Help you to pass any IT Certification exams at the first try. You can reach us at any of the email addresses listed below. Any problems about IT certification or our products, you could rely upon us, we will give you satisfactory answers in 24 hours.

No community discussion yet for this question.