Practice Test 4 | Microsoft Azure Security Technologies | AZ-500 | Dumps | Mock Test
A company has the following virtual machines defined as part of their subscription.
| Name | Private IP address | Public IP address | Connected to |
| whizlabvm1 | 10.0.0.10 | 100.98.76.8 | whizlab-network/default |
| whizlabvm2 | 10.1.0.10 | 210.3.44.55 | whizlab-network100/default |
The company also has a key vault named whizlab-vault1000. The access policy for the Key Vault has Azure Disk Encryption for volume encryption is enabled.
The key vault is configured, as shown below.
Would users be able to manage keys and secrets stored in the key vault from whizlabvm1?
A. Yes
B. No
We have to decide whether users will be able to manage keys and secrets stored in the key vault from whizlabvm1?
Answer –- A
User will be able to manage keys and security stored in whizlabvault1000 from whizlabvm1, due to following reason.
- A private endpoint has been created of whizlabvault1000.
- The access to whizlab-network, which include whizlavvm1 is also allowed.
- Trusted Microsoft services are allowed to by-pass any firewall on the whizlabvault1000 side.
- We can assume another service endpoint on the whizlab-network side. Both endpoints, will be connected via a private link.
Hence, it is clear that users will be able to manage keys and secrets stored in the key vault from whizlabvm1, due to above reasons.
For more information on configuring network security for the key vault, please refer to the below link-
Comments are closed, but trackbacks and pingbacks are open.