AZ-104 – Question 210

0
11
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a computer named Computer1 that has a point-to-site VPN connection to an Azure virtual network named VNet1. The point-to-site connection uses a self-signed certificate.
From Azure, you download and install the VPN client configuration package on a computer named Computer2.
You need to ensure that you can establish a point-to-site VPN connection to VNet1 from Computer2.

Q. 1: Solution: You modify the Azure Active Directory (Azure AD) authentication policies.
Does this meet the goal?

  • A. Yes
  • B. No

Correct Answer: B 
Instead export the client certificate from Computer1 and install the certificate on Computer2.
Note: Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certificate, and then export and install the client certificate. If the client certificate is not installed, authentication fails.

Reference: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site 

Q. 2: Solution: You export the client certificate from Computer1 and install the certificate on Computer2. Does this meet the goal?

  • A. Yes
  • B. No

Correct Answer: A
Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. You generate a client certificate from the self-signed root certificate, and then export and install the client certificate. If the client certificate is not installed, authentication fails.
Reference: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site 


Q. 3:
Solution: On Computer2, you set the Startup type for the IPSec Policy Agent service to Automatic. Does this meet the goal?

  • A. Yes
  • B. No

LEAVE A REPLY

Please enter your comment!
Please enter your name here