makeporngreatagain.pro
yeahporn.top
hd xxx
Uncategorized

Practice Test 3 | Microsoft Azure Security Technologies | AZ-500 | Dumps | Mock Test

3,562

Question 47

Your company has a single subscription and two resource groups configured, one named production-rg and the other development-rg. The network is configured as shown in the exhibit. The development team regularly creates resources in the development-rg group and connects them to Subnet2. During testing, all development resources communicate over TCP port 80 or 443 from Subnet1.

You need to ensure that traffic to the development resources is allowed but all other traffic for Subnet2 should be denied. What should you do?

A. Create a VNET peering between VNETI and VNET2
B. Create a new Network Security Group (NSG) and allow outbound traffic to TCP ports 80 and  443. Assign the new Network Security Group (NSG) to VNETI and Subnet 1
C. Create a new Network Security Group (NSG) and allow inbound traffic to TCP ports 80 and 443. Assign the new NSG to Subnet2
D. Create a new static route to the 10.2.1.0/24 subnet and set the next hop to VNET2. Assign the new static route to Subnet1

Answer

Correct Answer: C

  • Option A is Incorrect because You should not create a VNET peering between VNETI and VNET2. By default, all subnets in a VNET are
    able to communicate with each other, but VNET to VNET communication only occurs if both VNETs are
    peered. Peering does not allow or deny traffic.
  • Option B is Incorrect because You should not create a new NSG, allow outbound traffic to TCP ports 80 and 443, and then assign the NSG to VNETI and Subnet1. This will block all outbound traffic leaving Subnet1, other than TCP 80 and 443, and would be too restrictive.
  • Option C is Correct because You should create a new NSG and allow inbound traffic to TCP ports 80 and 443, and then assign the new NSG to Subnet2. When you create an NSG, the default system rules will block all traffic. Only traffic explicitly specified will be allowed. In this scenario, you create an inbound rule to allow TCP ports 80 and 443 from any source and then assign the NSG to Subnet2.
  • Option D is Incorrect because You should not create a new static route to the 10.2.1.0/24 subnet, set the next hop to VNET2, and then assign the new static route to Subnet1. Static routes are used to route traffic and do not allow or deny traffic.

Reference:

admin
You might also like More from author

Comments are closed, but trackbacks and pingbacks are open.

baseofporn.com https://www.opoptube.com
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.