ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-120 All Questions

View all questions & answers for the AZ-120 exam
Go to Exam

Exam AZ-120 topic 3 question 1 discussion

Actual exam question from Microsoft's AZ-120
Question #: 1
Topic #: 3
[All AZ-120 Questions]

You have an Azure subscription.
You deploy Active Directory domain controllers to Azure virtual machines.
You plan to deploy Azure for SAP workloads.
You plan to segregate the domain controllers from the SAP systems by using different virtual networks.
You need to recommend a solution to connect the virtual networks. The solution must minimize costs.
What should you recommend?

  • A. a site-to-site VPN
  • B. virtual network peering
  • C. user-defined routing
  • D. ExpressRoute
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
You can create custom, or user-defined, routes in Azure to override Azure's default system routes, or to add additional routes to a subnet's route table. In Azure, you create a route table, then associate the route table to zero or more virtual network subnets.
Incorrect Answers:
D: ExpressRoute is a costly solution.
by deepu_agrawal at June 23, 2020, 4:19 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
deepu_agrawal
Highly Voted 4 years, 6 months ago
Why not Virtual Network peering ? . Answer is Virtual Network peering
upvoted 17 times
schalke04
4 years, 6 months ago
ANS: Virtual Network peering
upvoted 8 times
...
...
GiuseppeF
Highly Voted 4 years, 5 months ago
The right answer should be B. https://azure.microsoft.com/en-us/blog/vnet-peering-and-vpn-gateways/ UDR required the use of a GW to connect the VNETs than the cost is GW cost + Egress cost while vnet peering has Ingress + Egress cost but this is less than the previous one.
upvoted 10 times
d0bermannn
3 years, 2 months ago
and udr is about routing, not for connectivity
upvoted 1 times
...
...
smudo1965
Most Recent 11 months, 3 weeks ago
Selected Answer: B
correct answer
upvoted 1 times
...
MadPanda
1 year, 7 months ago
Selected Answer: B
Correct answer is VNET Peering. UDR works within the same VNET if the traffic shaping is required. It does not support traffic routing between different VNET. Peering is the most cost effective option here as compared to VPN gateway.
upvoted 1 times
...
d0bermannn
3 years, 3 months ago
most cheap and technically elegant ans is vnet peering = B
upvoted 1 times
...
LizzyOlivan
3 years, 7 months ago
User-defined routes (UDRs) handle routing for on-premises traffic that passes to Azure. https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/identity/adds-extend-domain
upvoted 1 times
d0bermannn
3 years, 3 months ago
udr is about routing, not connectivity, cheapest of option provided is vnet peering
upvoted 1 times
...
...
Shub94
3 years, 11 months ago
B. virtual network peering
upvoted 2 times
...
jarihd1
3 years, 11 months ago
Answer B : - if No Peering - then what's the usages of UDR ??
upvoted 4 times
...
Bhagirathi
4 years ago
Finally the conclusive go here .... is Vnet Peering .
upvoted 3 times
...
imadedakir
4 years ago
The UDR is applicable only inside the Vnet, in the question we are talking about different Vnets, so the answer should be Vnet peering
upvoted 3 times
...
MukeshKhamparia
4 years, 4 months ago
There are 2 ways to connect VNs - (actually 3 but Route via the Internet is a least secured option) 1 - VPN 2 VPN 2 - Peering VPN 2 VPN is costly as GW comes in picture. PS - UDR comes in picture when you create Peering between VMs. Answer should be - Virtual Network peering
upvoted 7 times
ITDog99
1 year, 6 months ago
In question, "You need to recommend a solution to connect the virtual networks" (<==not asking about connect VMs) So I support you, it should be VN Peering
upvoted 1 times
...
...
praveenkumarh1912
4 years, 5 months ago
VNET peering offers better speed, cheaper and goes via azure backbone. Azure recommends vnet peering https://github.com/MicrosoftDocs/azure-docs/issues/32537 https://azure.microsoft.com/en-us/blog/vnet-peering-and-vpn-gateways/
upvoted 6 times
...
Kapsy
4 years, 5 months ago
VNet peering is the answer. Azure AD DS can be put in a subnet within a VNET and the application VMs into a different subnet within the same VNET, in this case the VMs are part of the same virtual network, they can automatically perform name resolution and communicate with the Azure AD DS domain controllers. Other option is to put Azure AD DS is a separate VNET and application VMs into a separate VNET and peer the VNETs.
upvoted 5 times
...
khadar
4 years, 5 months ago
Since the question is segregation of Azure domain controller and SAP system the answer should be UDR
upvoted 3 times
MukeshKhamparia
4 years, 4 months ago
You seems correct - If we need to use VN peering then what is the need of having 2 Virtual. Creating a peering means you are allowing the communication between 2 VM completely. While UDR, you can restrict the communication based on requirement ( Segregating)
upvoted 3 times
...
...
AmoghU
4 years, 6 months ago
it should be Vnet peering...cost effective only flip side , it is unencrypted
upvoted 5 times
...
rana85
4 years, 6 months ago
answer should be vnet peering
upvoted 6 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel