DRAG DROP
Your company has a main office and several branch offices.
You create an Azure subscription and you deploy several virtual machines. The virtual machines are located in
multiple subnets.
You need to provide remote access to the virtual machines to five users in each office by using a VPN
connection. The remote access connections will not require a VPN device nor a public-facing IP address in
order to work.
Which three actions should you perform in sequence before you download the VPN client on each computer?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the
correct order.
Select and Place:
Answer: 
2. Generate a client certificate
Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. The client certificate is generated from the root certificate and installed on each client computer.
I think?
1. Generate a self-signed root certificate and upload the certificate to Azure.
2. Generate a self-signed root certificate and install the certificate on each client computer.
3. Create a point-to-site VPN.
0
0
Both certificates options are correct, but I think the order of the answers aren’t:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-classic-azure-portal
” Each client computer that connects to a VNet using Point-to-Site must have a client certificate installed. The client certificate is generated from the root certificate and installed on each client computer. If a valid client certificate is not installed and the client tries to connect to the VNet, authentication fails.
You can either GENERATE a unique certificate for EACH CLIENT, or you can use the same certificate for multiple clients. The advantage to generating unique client certificates is the ability to revoke a single certificate. Otherwise, if multiple clients are using the same client certificate and you need to revoke it, you have to generate and install new certificates for all the clients that use that certificate to authenticate”
Following the steps of the webpage above:
You create the Point-To-Site VPN in step 1.2.3 and upload the certificates on the already created VPN on steps 3.1 and 3.3.
So I think the correct order is
1- Create a point-to-site VPN.
2- Generate a self-signed root certificate and upload the certificate to Azure.
3- Generate a self-signed computer certificate for each client computer…
2
0
I think this is the right order
1
0
Seconded.. You would build out the VPN first and then upload the Certificates.
0
0
1- Create a point-to-site VPN.
2- Generate a self-signed root certificate and upload the certificate to Azure.
3- Generate a self-signed computer certificate for each client computer…
1
0
Hello Dorris, Please share you PDF for 70-533 with me. My email is contosovm@gmail.com.
Thanks!
0
0
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal
9. Upload the root certificate public certificate data
10. Install an exported client certificate
11. Generate/download and install the VPN client configuration package.
Also, watch the tube steps- https://www.youtube.com/watch?v=-GEEv_7xrEo
1
0
The answer is correct.
1
1
3 Create a Point to Site VPN
2 Generate a Self-Signed root certificate and upload the certificate to Azure
6 Generate a Self-Signed root certificate and install the certificate on each client computer
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-point-to-site-resource-manager-portal
3
0