Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Microsoft Discussions

Exam AZ-103 topic 4 question 38 discussion

Actual exam question from Microsoft's AZ-103
Question #: 38
Topic #: 4
[All AZ-103 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.
From Azure, you download and install the VPN client configuration package on a computer named Computer2.
You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2.
Solution: You export the client certificate from Computer1 and install the certificate on Computer2.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certificate, and then export and install the client certificate. If the client certificate is not installed, authentication fails.
References:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
by mjq at April 11, 2020, 7:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
tashakori
1 month, 1 week ago
Yes is right
upvoted 1 times
...
JayLearn2022
1 year, 2 months ago
There are several versions of this question. The following are the correct and incorrect answers that can be presented. Correct Answer: Meets the goal. -Solution: You export the client certificate from Computer1 and install the certificate on Computer2. Incorrect Answers: Does not meet the goal. -Solution: You join Computer2 to Azure Active Directory (Azure AD). -Solution: You modify the Azure Active Directory (Azure AD) authentication policies.
upvoted 2 times
...
Bogdan_85
1 year, 5 months ago
Selected Answer: A
"You may generate multiple client certificates from the same root certificate. When you generate client certificates using the steps below, the client certificate is automatically installed on the computer that you used to generate the certificate. If you want to install a client certificate on another client computer, you can export the certificate." From here: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site#clientcert So, A-Yes is the correct answer.
upvoted 1 times
...
stillface
1 year, 7 months ago
"A. Yes" is correct.
upvoted 1 times
...
knc
3 years, 7 months ago
Documentation mentions clearly about reusing the client cert on another computer. https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site#clientcert
upvoted 1 times
...
bjoernhoefer
4 years ago
it might work - at leat until they both try to connect... From a security aspect - copying certificates is pure nonsense....
upvoted 4 times
Charl
4 years ago
This will work, I have implemented P2S with the same cert. as for security the replication of cert's are near to impossible so only if you have the configuration and the Specified Cert in your P2S configuration will it work, otherwise, you will have no connection.
upvoted 1 times
...
asdfgh1234567
3 years, 12 months ago
What difference does it make whether the certificate is a duplicate? Provided the certificate is referencing the same private key then it doesn't matter. Firewalls, load balancers, web proxies, web servers all do exactly this.
upvoted 5 times
...
...
mjq
4 years ago
is this correct? I assumed you'd need to generate a new self-signed certificate and not re-use Computer 1s?
upvoted 3 times
johndoee
4 years ago
it is correct: https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-how-to-vpn-client-install-azure-cert
upvoted 2 times
...
Charl
4 years ago
I have tested this,re-use computer1, you will always use the installed certificate on Computer1 as this is the certificate generated in your P2S connection to establish the first initial connection. No specific reason I have found that this is the quickest and easiest way not to have issues when installing the cert in the future on other/new Computers.
upvoted 2 times
...
Bogdan_85
1 year, 5 months ago
"You may generate multiple client certificates from the same root certificate. When you generate client certificates using the steps below, the client certificate is automatically installed on the computer that you used to generate the certificate. If you want to install a client certificate on another client computer, you can export the certificate." From here: https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site#clientcert So, A-Yes is the correct answer.
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel