ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-140 All Questions

View all questions & answers for the AZ-140 exam
Go to Exam

Exam AZ-140 topic 6 question 18 discussion

Actual exam question from Microsoft's AZ-140
Question #: 18
Topic #: 6
[All AZ-140 Questions]

HOTSPOT
-

You have an Azure subscription that contains an Azure Virtual Desktop deployment. The subscription contains the virtual networks shown in the following table.



You have virtual network peering configured as shown in the following table.



The deployment contains the session hosts shown in the following table.



Windows Defender Firewall is configured on each session host to allow all network traffic between the session hosts.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by jeff1988 at Nov. 6, 2024, 8:44 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jeff1988
Highly Voted 9 months, 1 week ago
Host1 can successfully ping Host2: VNet1 to VNet2: Traffic to remote virtual network is allowed. VNet2 to VNet1: Traffic to remote virtual network is blocked. Conclusion: No, Host1 cannot successfully ping Host2 because traffic from VNet2 to VNet1 is blocked. Host1 can successfully ping Host3: VNet1 to VNet2: Traffic to remote virtual network is allowed. VNet2 to VNet3: Traffic to remote virtual network is allowed. Conclusion: Yes, Host1 can successfully ping Host3 because traffic is allowed from VNet1 to VNet2 and from VNet2 to VNet3. Host2 can successfully ping Host3: VNet2 to VNet3: Traffic to remote virtual network is allowed. VNet3 to VNet2: Traffic to remote virtual network is allowed. Conclusion: Yes, Host2 can successfully ping Host3 because traffic is allowed in both directions between VNet2 and VNet3. So, the answers are: Host1 can successfully ping Host2: No Host1 can successfully ping Host3: Yes Host2 can successfully ping Host3: Yes
upvoted 5 times
e072f83
6 months ago
Second should be no, because of the statement you used in question 1: "VNet2 to VNet1: Traffic to remote virtual network is blocked.". This means that the return from Host3 has to pass through vnet 2 to vnet 1, but that is blocked. So while the ping will reach host 3 it will not be able to reply due to the block from vnet 2 to vnet 1.
upvoted 1 times
e072f83
6 months ago
nvm, traffic forwarded from remote network is allowed, so vnet 3 can reach vnet 1. You are correct.
upvoted 1 times
DC095
5 months, 1 week ago
VNET peerings are never transitive. The "allow forwarded traffic" option only applies to what address space is encompassed in the service tag for "VirtualNetwork", but not to routing. A VNET gateway, route server, or NVA would be required to make the peerings transitive. This really is more a question for the Az-700 exam and not the 140.
upvoted 1 times
...
...
...
...
lolo13698
Most Recent 1 month ago
Provided answer are correct: host1 > host 2: NO, because the peering is not in both direction, then the traffic cannot come back. host1 > host 3: NO, because even if peering allows it, it miss a routing device NVA to route the traffic. host2 > host 3: YES: because of direct peering allowed in both direction.
upvoted 1 times
...
Harish63
9 months ago
Vnet 1 is not peered with vnet3 -- H1 to H3 -no ping
upvoted 1 times
zuzmo483
6 months, 1 week ago
But VNET2 is with VNET3. All peers have traffic forwarder configured.
upvoted 1 times
DC095
5 months, 1 week ago
Its not a forwarder in the sense of routing. This option is applicable to the Virtual Network service tag that you would find in NSGs. It adds the address spaces of virtual networks that are peered to the peer of a VNET to the service tag so that they are automatically allowed under the "Allow VNET inbound" NSG rule. If you want routing to be facilitated, you need a route server or NVA.
upvoted 1 times
DC095
5 months, 1 week ago
Its really kind of silly that Microsoft has never provided a better description for that option.
upvoted 1 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel