Microsoft Azure Fundamentals AZ-900

Get started today

Ultimate access to all questions.

In a scenario where your organization requires strict control over access to a set of Azure virtual machines (VMs) to ensure they are only accessible from specific IP addresses, you need to select the most appropriate Azure networking feature. Additionally, the solution must be cost-effective and easily scalable to accommodate future growth. Considering these requirements, which Azure networking feature would you use to restrict access to these VMs, and why? Choose the best option from the following:

Simulated

Azure Network Security Groups (NSGs) for defining inbound and outbound traffic rules, which is a cost-effective solution that allows for granular control over traffic to and from VMs.

70.0%

Comments

Loading comments...

Azure Virtual Network Peering for connecting multiple virtual networks, which enables resources in different virtual networks to communicate with each other but does not directly restrict access based on IP addresses.

Azure VPN Gateway for secure site-to-site connectivity, which provides encrypted connections between your on-premises network and Azure but is not the most efficient method for restricting access based on specific IP addresses.

10.0%

Azure ExpressRoute for dedicated private network connectivity, which offers a private connection to Azure services but is more expensive and not specifically designed for IP-based access restriction to VMs.

10.0%

Both Azure Network Security Groups (NSGs) and Azure Firewall, which together provide comprehensive traffic filtering capabilities including IP-based access control and advanced threat protection.