An administrator needs two non-overlapping VNets in the same region to communicate directly over private IP addresses without deploying a gateway. What should be configured?
VNet peering provides private, low-latency communication between virtual networks when their address spaces do not overlap.
Why this answer
VNet peering enables direct connectivity between two Azure virtual networks using private IP addresses across the Microsoft backbone, without requiring a gateway or public internet. It supports non-overlapping address spaces in the same region and provides low-latency, high-bandwidth communication. This matches the requirement exactly.
Exam trap
The trap here is that candidates confuse VNet peering with VPN gateways or service endpoints, assuming a gateway is always required for cross-VNet communication or that service endpoints can connect VNets, when in fact peering is the direct, gateway-free solution for private IP connectivity.
How to eliminate wrong answers
Option B is wrong because a site-to-site VPN gateway connection requires a VPN gateway in each VNet, incurs additional cost and latency, and is not needed for direct private IP communication within the same region. Option C is wrong because service endpoints extend a VNet's private address space to Azure PaaS services (like Storage or SQL), not to another VNet; they do not enable VNet-to-VNet traffic. Option D is wrong because route tables with default routes (0.0.0.0/0) direct traffic to a network virtual appliance or internet, not to another VNet; custom routes can influence traffic but cannot establish direct VNet-to-VNet connectivity without peering or a gateway.