Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Your company plans to migrate all on-premises virtual machines to Azure. A network engineer has proposed the following Azure virtual network (VNet) design:
VNet Address Range Hub VNet 10.0.0.0/16 VNet1 10.1.0.0/16 VNet2 10.2.0.0/16 VNet3 10.3.0.0/16
You need to recommend an Azure Bastion deployment to provide secure remote access to all the virtual machines. Based on this virtual network design and the following requirements, determine how many Azure Bastion subnets are necessary:
- The peered networks Hub VNet, VNet1, and VNet2 require one Bastion collectively.
- VNet3 requires a separate Bastion host on its own.
Note:
- Azure Bastion requires a dedicated subnet named AzureBastionSubnet. This subnet must be created in the same virtual network where you want to deploy the Azure Bastion.
- VNet peering allows multiple Bastion hosts across peered virtual networks. By default, a user sees the Bastion host deployed in the same virtual network as the VM. However, users can select from multiple Bastion hosts across peered networks via the Connect menu.
- No other Azure resources can be deployed in the AzureBastionSubnet, as it is reserved exclusively for the Azure Bastion resource.
How many Azure Bastion subnets are required based on the information provided?
Your company plans to migrate all on-premises virtual machines to Azure. A network engineer has proposed the following Azure virtual network (VNet) design:
| VNet | Address Range |
|---|---|
| Hub VNet | 10.0.0.0/16 |
| VNet1 | 10.1.0.0/16 |
| VNet2 | 10.2.0.0/16 |
| VNet3 | 10.3.0.0/16 |
You need to recommend an Azure Bastion deployment to provide secure remote access to all the virtual machines. Based on this virtual network design and the following requirements, determine how many Azure Bastion subnets are necessary:
- The peered networks Hub VNet, VNet1, and VNet2 require one Bastion collectively.
- VNet3 requires a separate Bastion host on its own.
Note:
- Azure Bastion requires a dedicated subnet named AzureBastionSubnet. This subnet must be created in the same virtual network where you want to deploy the Azure Bastion.
- VNet peering allows multiple Bastion hosts across peered virtual networks. By default, a user sees the Bastion host deployed in the same virtual network as the VM. However, users can select from multiple Bastion hosts across peered networks via the Connect menu.
- No other Azure resources can be deployed in the AzureBastionSubnet, as it is reserved exclusively for the Azure Bastion resource.
How many Azure Bastion subnets are required based on the information provided?
Exam-Like
Comments
Loading comments...