HOTSPOT -

Case study -

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Question button to return to the question.

Background -

Contoso, Ltd. is a financial services company based in Boston, MA, United States. Contoso hires you to manage their Azure environment and resolve several operational issues.

Current environment -

General -

Contoso's Azure environment contains the following resources.
All resources are associated with the same subscription and are located in the East US region:

VPN users use Windows 10 computers with the built-in SSTP VPN client software.

Recent changes -

• You extend the IP address space of VNet1 and create subnets in the new IP address space.
• You allow users with computers that run the current version of MacOS to use the built-in VPN client for connecting to the point-to-site VPN.
• You enable a service endpoint on contosostorage1 to provide direct access to the storage content from all subnets in VNet1.
• You configure all business critical VM workloads to use encryption keys stored in all five key vaults.
• You enable a private endpoint on CosmosDB1 to provide direct access to its content from VNet1.
• The Contoso data engineering team was recently tasked with using contosostorage1 blob storage to store database backups.
• You develop an automated process to deploy Azure VMs by using Azure Bicep. The passwords for the local administrator accounts are stored in the key vaults. You grant the team that initiates the deployment the Reader RBAC role to all key vaults.
• You deploy a multi-tier SharePoint Server environment into a subnet in VNet2. You implement network security groups (NSGs) to allow only specific ports between tiers in the subnet. You configure NSGs to use application security groups (ASGs) when designating the source and destination of cross-tier traffic.
• You deploy a secondary multi-tier SharePoint Server environment into a subnet in VNet3.

You create the following resources:

Issues -

DNS issues -

Reverse DNS lookup -

• Reverse DNS lookups from VNet1 return two records. One DNS record is in the format [vmname] and the other DNS record is in the format [vmname]
• Reverse DNS lookups from VNet2 and VNet3 return DNS names in the format [vmname]
• VMs on each virtual network can only resolve reverse DNS lookup names of VMs on the same virtual network.

Public DNS lookup -

You are notified that name resolution requests for are using the DNS zone hosted by the DNS registrar where the zone was originally created.

Connectivity and routing issues -

Windows VPN -

Windows VPN clients cannot connect to Azure VMs on the subnets recently added to VNet1.

Sales department VPN -

The sales department users cannot connect by using the MacOS VPN client.

Azure Storage connectivity -

• Server Message Block (SMB)-mounts from VMs on VNet2 and VNet3 to file shares in contosostorage1 are failing.
• Azure Storage Explorer connections using access keys from on-premises computers to contosostorage1 are failing.

Cosmos DB connectivity -

You observe that connections to CosmosDB1 from the on-premises environment are using the CosmosDB1 public endpoint. However, connections to CosmosDB1 from the on-premises environment should be using the private endpoint. You verify that connections to CosmosDB1 from VNet1 are using the private endpoint.

VM1 routing -

Internet traffic from VM1 is routed directly to the Internet.

VM2 routing -

After configuring RT12 to route internet traffic from VM1 through VM2, traffic reaches VM2 but then it is dropped.
You verify that routing for VM2 is configured correctly.

Azure and SharePoint issues -

Azure Key Vault -

Access attempts to Azure Key Vault by VM workloads intermittently fail with the HTTP response code 429.

SharePoint in VNet2 -

SharePoint traffic between tiers is blocked by NSGs, which is causing application failures.

SharePoint in VNet3 -

ASGs used in the NSG rules associated with the VNet2 subnet are not visible when configuring NSG rules in VNet3.

Permission issues -

Data engineering team -

The Contoso data engineering team is unable to view the contosostorage1 account in the Azure portal.

Azure VM deployment -

Azure VM deployments that use Azure Bicep are failing with an authorization error. The error indicates there are insufficient access permissions to retrieve the password of the local administrator account in the key vault.

Requirements -

DNS requirements -

Reverse DNS lookup -

You must identify the reason for the differences between reverse DNS lookup results in the hub and the spoke networks and recommend a solution that provides the reverse DNS lookup in the format [vmname] for all three virtual networks.

Public DNS lookup -

You must verify that the Azure public DNS zone is currently used to resolve DNS name requests for and recommend a solution that uses the Azure public DNS zone.

Connectivity and routing requirements -

Windows VPN -

You must verify if VPN client connectivity issues are related to routing and recommend a solution.

MacOS VPN -

You must verify if Remote ID and Local ID VPN client settings on the MacOS devices are properly configured.

Azure Storage connectivity -

You must resolve the issues with the SMB-mounts from VNet2 and VNet3 as well as ensure that on-premises connections to contosostorage1 are successful. Your solution must ensure that, whenever possible, network traffic does not traverse public internet.

Cosmos DB connectivity -

You must verify if on-premises connections to CosmosDB1 are using the CosmosDB1 public endpoint.
You need to recommend a solution if connections are not using private endpoints.

VM1 routing -

RT12 must be configured to route internet traffic from VM1 through VM2.

VM2 routing -

VM2 must be configured to route internet traffic from VM1.

Azure and SharePoint requirements -

Azure Key Vault -

You must identify the reason for the failures and recommend a solution.

SharePoint in VNet2 -

You need to identify the NSG rules that are blocking traffic. You also need to collect the data that is blocked by the NSG rules. The solution must minimize administrative effort.

SharePoint in VNet3 -

You need to create NSG rules for VNet3 with the same name, source and destination settings that are configured for the NSG associated with VNet2. The solution must minimize administrative effort.

Permission requirements -

Azure Bicep -

You must identify the minimum privileges required to provision Azure VMs using Azure Bicep.

Data engineering team -

You must identify the role-based access control (RBAC) roles required by the data engineering team to access the storage account by using Azure portal. They also require permission to back up and restore blobs in contosostorage1.

You need to troubleshoot and resolve the reverse DNS lookup issues.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.
