Exam
Answer confirmed
Question
You have an Azure subscription that contains two virtual networks named VNet1 and VNet2. VNet1 is in the US East Azure region. VNet2 is in the North Europe Azure region.
You create a private DNS zone named Contoso.local and link it to VNet1.
You need to ensure that devices connected to VNet2 can resolve records in Contoso.local. The solution must minimize administrative effort.
What should you do?
Proposed answer
- Configure a peering between VNet1 and VNet2.
- From Contoso.local, create a virtual network link to VNet2.
Correct answer
From Contoso.local, create a virtual network link to VNet2.
- Incorrect – A peering between the two virtual networks will not automatically enable name resolution.
- Incorrect – Creating a virtual network gateway on each virtual network and configuring S2S VPN is an excellent way to enable communication between virtual networks. Still, it is unnecessary to enable name resolution across virtual networks by using Azure Private DNS zones.
- Incorrect – This will not minimize administrative effort. Creating a DNS server on a virtual machine on each virtual network and configuring conditional forwarding is another good way to enable name resolution between virtual networks. Still, it is not specific to Azure Private DNS zones. Azure Private DNS zones provide a managed DNS service that can be used to configure name resolution for resources on an Azure virtual network.
- Correct - By linking the virtual network to the private DNS zone, you enable name resolution by using the private DNS zone.