ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-300 All Questions

View all questions & answers for the AZ-300 exam
Go to Exam

Exam AZ-300 topic 1 question 17 discussion

Actual exam question from Microsoft's AZ-300
Question #: 17
Topic #: 1
[All AZ-300 Questions]

An app uses a virtual network with two subnets. One subnet is used for the application server. The other subnet is used for a database server. A network virtual appliance (NVA) is used as a firewall.
Traffic destined for one specific address prefix is routed to the NVA and then to an on-premises database server that stores sensitive data. A Border Gateway
Protocol (BGP) route is used for the traffic to the on-premises database server.
You need to recommend a method for creating the user-defined route.
Which two options should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. For the virtual network configuration, use a VPN.
  • B. For the next hop type, use virtual network peering.
  • C. For the virtual network configuration, use Azure ExpressRoute.
  • D. For the next hop type, use a virtual network gateway.
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
References:
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview
by ChinaBandit at Nov. 23, 2019, 10:49 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ekramy_Elnaggar
Highly Voted 5 years, 6 months ago
Wrong Answer , Correct Answer is : A, D
upvoted 40 times
onlyfunmails
5 years, 6 months ago
As it uses BGP routing, so it should be ExpressRoute, so correct Answer: C & D
upvoted 10 times
Musk
5 years, 6 months ago
I don't think this is the reason. ExpressROute must use BGP, but BGP can be used by regular VPNs too. I think the reason of A and C is discarding the other 2. D is wrong because if you have an NVA you set the next hope address to an IP address of the NVA instead.
upvoted 19 times
onlyfunmails
5 years, 5 months ago
Agree, thanks for correcting. https://docs.microsoft.com/bs-latn-ba/azure/vpn-gateway/vpn-gateway-bgp-overview Can I use BGP with my VNet-to-VNet connections? Yes, you can use BGP for both cross-premises connections and VNet-to-VNet connections.
upvoted 3 times
gnoamchomsky
4 years, 10 months ago
Just to expand on why A and D are correct answers and certainly not C. From the link they have provided it CLEARLY says - "You cannot specify a virtual network gateway created as type ExpressRoute in a user-defined route because with ExpressRoute, you must use BGP for custom routes. ". In the question it clearly says "You need to create a method for creating the USER-DEFINED route.", hence, the answer can only be A and D.
upvoted 8 times
cloudcuckooland
4 years, 9 months ago
agreed, A and D. the wording " Each correct answer presents a complete solution." is really confusing the situation, I think this wording should be "both answers provide the complete solution" >> a and d are covered perfectly here: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#user-defined
upvoted 2 times
...
Load full discussion...
...
...
...
...
...
SilentH
Highly Voted 5 years, 4 months ago
I think the answer is A, C because the question states that each answer presents a "complete solution." Therefore, I don't think the answer can be D because it does not represent a complete solution.
upvoted 35 times
SIDNEY1
5 years, 1 month ago
The "complete solution" bit is the key to the answer, can only be A and C.
upvoted 2 times
...
...
azurecert2021
Most Recent 4 years, 5 months ago
Correct Answer is : A, D
upvoted 2 times
...
Mallik78
4 years, 8 months ago
it is A & D
upvoted 2 times
...
A201sss201
4 years, 9 months ago
Answer is A &E. you create a configuration script for script for PowerShell DSC and then modify extensionProfile section ARM template to include PowerShell DSC https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-template https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-deploy-app
upvoted 1 times
tmurfet
4 years, 9 months ago
answer is for earlier question!
upvoted 1 times
...
...
prince_norman_maximus
4 years, 9 months ago
I believe it is A and D, "You cannot specify a virtual network gateway created as type ExpressRoute in a user-defined route..." I see that A and D are two steps to the same solution, but I cannot trust C based on the quote above.
upvoted 1 times
...
nick_name
4 years, 9 months ago
A D You must use BGP to advertise on-premises routes to the Microsoft Edge router. You cannot create user-defined routes to force traffic to the ExpressRoute virtual network gateway if you deploy a virtual network gateway deployed as type: ExpressRoute. You can use user-defined routes for forcing traffic from the Express Route to, for example, a Network Virtual Appliance.
upvoted 2 times
Freddo
4 years, 9 months ago
AD. "Sensitive Data" requires encryption (Express route is not encrypted)
upvoted 3 times
...
...
TonWin
4 years, 10 months ago
I think it's A and B because the app VNET needs to be peered to the NVA VNET first. Connection to onprem should be established by VPN.
upvoted 1 times
ct84
4 years, 9 months ago
lol :D
upvoted 1 times
...
...
David44
4 years, 10 months ago
question said : You need to recommend a method for creating the user-defined route. but microsoft said : You must use BGP to advertise on-premises routes to the Microsoft Edge router. You cannot create user-defined routes to force traffic to the ExpressRoute virtual network gateway if you deploy a virtual network gateway deployed as type: ExpressRoute. So for me C is wrong
upvoted 1 times
macco455
4 years, 10 months ago
Well B nor D present a complete solution, they would only be part of how you create a UDR. SO neither can be the answer since the question states each answer is a complete solution. Not sold that A&C are the right answers for the question, BUT they are the only 2 COMPELTE solutions
upvoted 2 times
...
...
Rittik
4 years, 11 months ago
"Connectivity with VPN connections is achieved using custom routes with a next hop type of Virtual network gateway." - https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview I think ans is A & D
upvoted 1 times
...
AKC11
4 years, 11 months ago
A and C are correct. As it gives complete solution
upvoted 2 times
...
exams0123456
4 years, 11 months ago
A,C are the correct answers. The link clearly explains the two options: ExpressRoute and VPN under the user-defined route mode, which is what is exactly asked in the question.
upvoted 1 times
...
gboyega
4 years, 11 months ago
Answer is A D
upvoted 6 times
gboyega
4 years, 11 months ago
Because Expressroute doesnt use UDR but BGP. so A and D are the answers
upvoted 7 times
...
...
DeveshSolanki
4 years, 11 months ago
A. For the virtual network configuration, use a VPN. D. For the next hop type, use a virtual network gateway.
upvoted 2 times
...
Tombarc
4 years, 11 months ago
"A & D" appears to be the correct answer. "ExpressRoute: You must use BGP to advertise on-premises routes to the Microsoft Edge router. You cannot create user-defined routes to force traffic to the ExpressRoute virtual network gateway if you deploy a virtual network gateway deployed as type: ExpressRoute. You can use user-defined routes for forcing traffic from the Express Route to, for example, a Network Virtual Appliance. VPN: You can, optionally use BGP. For details, see BGP with site-to-site VPN connections." reference: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview#border-gateway-protocol
upvoted 3 times
...
Ashu141294
4 years, 11 months ago
Correct answer is A and D . you can specify next hop as vpn gateway also . verfied with microsoft docs :-https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-udr-overview
upvoted 1 times
...
prabhu007
4 years, 11 months ago
Right Ans - A & D
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel