AZ-500 · AZ-700 · SC-100 · SC-200 · SC-300 · SC-401 · SC-500 · SC-730 · AI-103 · AI-300
AZ-500· AZ-700· SC-100· SC-200· SC-300· SC-401· SC-500· SC-730· AI-103· AI-300
AZ-700

Azure Network Engineer Associate

Microsoft Certified: Azure Network Engineer Associate
PS academy:/courses> Get-Certification -Id AZ-700 | Select-Object -ExpandProperty Overview
40–60
Questions
~120 min
Duration
700
Passing score / 1000
5
Domains
Associate
Level
PSacademy:/courses/az-700> Get-DomainWeights | Format-Chart
Core Networking Infrastructure
25–30% of exam
Connectivity Services
20–25% of exam
Application Delivery Services
15–20% of exam
Private Access to Azure Services
10–15% of exam
Network Security Services
15–20% of exam
PSacademy:/courses/az-700> Get-LearningModules -Cert AZ-700
MOD 01

Core Networking Infrastructure

  • VNet design, address space planning, and CIDR subnetting
  • Azure DNS and Private DNS Zone configuration
  • User-defined routes (UDRs) and effective route evaluation
  • BGP route propagation and route table priority
  • Network Watcher: topology, IP flow verify, packet capture
  • Connection Monitor and NSG flow log diagnostics
MOD 02

Connectivity Services

  • VPN Gateway SKUs, S2S, P2S, and IKEv2/SSTP authentication
  • ExpressRoute circuits, peering types, and FastPath
  • ExpressRoute Global Reach and coexisting VPN configurations
  • Virtual WAN hub architecture and routing intent
  • VNet peering and hub-and-spoke topology design
  • Cross-region and cross-subscription connectivity patterns
MOD 03

Application Delivery Services

  • Azure Load Balancer SKUs, rules, health probes, and session persistence
  • Traffic Manager routing methods: performance, geographic, priority, weighted
  • Application Gateway routing rules, URL-based routing, and SSL offload
  • WAF policy modes, rule sets (OWASP), and custom rules
  • Azure Front Door profiles, origins, rules, and caching
  • Combining load balancing services for global resilience
MOD 04

Private Access to Azure Services

  • Private Endpoints: creation, DNS integration, and name resolution
  • Private Link services for custom internal service exposure
  • Service endpoints vs. Private Endpoints: scope and trade-offs
  • Private DNS zone linking and auto-registration
  • Hub DNS resolver and forwarding rule sets
  • Secure access patterns for PaaS services from on-premises
MOD 05

Network Security Services

  • NSG rules, service tags, application security groups (ASGs)
  • Azure Firewall Premium: IDPS, TLS inspection, and policy hierarchy
  • Firewall DNAT, SNAT, and threat intelligence feed configuration
  • WAF policies and integration with Application Gateway and Front Door
  • DDoS Protection Standard: adaptive tuning and telemetry
  • Network security posture monitoring with Defender for Cloud

Ready to test your AZ-700 knowledge?

Practice all domains, run an exam simulation, or drill into your weak areas.