ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-720 All Questions

View all questions & answers for the AZ-720 exam
Go to Exam

Exam AZ-720 topic 6 question 52 discussion

Actual exam question from Microsoft's AZ-720
Question #: 2
Topic #: 6
[All AZ-720 Questions]

A company configures an Azure site-to-site VPN between an on-premises network and an Azure virtual network.
The company reports that after completing the configuration, the VPN connection cannot be established.
You need to troubleshoot the connection issue.
What should you do first?

  • A. Identify the shared key by running this PowerShell cmdlet: Get-AzVirtualNetworkGatewayConnectionSharedKey.
  • B. Identify the shared key by running the PowerShell cmdlet: Get -AzVirtualNetworkGatewayConnectionVpnDeviceConfigScript
  • C. Verify the AzureRoot.cer file exists.
  • D. Verify the AzureClient.pfx file exists.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by cris_exam at April 23, 2023, 11:34 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
terawatt
1 year, 11 months ago
The most common reason for a site-to-site VPN connection not being established is a mismatch in the pre-shared keys (shared secrets) on both ends of the connection. This is often the first thing that should be checked when a VPN connection fails to establish. Therefore, the correct answer should be: A. Identify the shared key by running this PowerShell cmdlet: Get-AzVirtualNetworkGatewayConnectionSharedKey. This cmdlet retrieves the pre-shared key for the specified Azure site-to-site VPN connection, which can then be compared with the pre-shared key configured on the on-premises VPN device to ensure they match. If the keys don't match, the VPN connection will fail to establish. The other options are not as relevant: - Option B, the cmdlet Get-AzVirtualNetworkGatewayConnectionVpnDeviceConfigScript, is used to generate a configuration script for the on-premises VPN device, which is useful, but not the first step in troubleshooting. - Options C and D refer to certificate files that are relevant in certificate-based authentication scenarios, not a pre-shared key (PSK) authentication scenario, which is typically used in site-to-site VPNs.
upvoted 1 times
...
cris_exam
2 years, 2 months ago
Selected Answer: A
A is correct. https://learn.microsoft.com/en-us/powershell/module/az.network/get-azvirtualnetworkgatewayconnectionsharedkey?view=azps-9.6.0
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel