Answer-first summary for fast verification
Answer: Azure Network Security Groups (NSGs) for defining inbound and outbound traffic rules based on source and destination IP addresses, ports, and protocols.
Azure Network Security Groups (NSGs) are the most appropriate solution for this scenario because they allow you to define inbound and outbound traffic rules based on source and destination IP addresses, ports, and protocols. This enables you to restrict access to the VMs hosting the critical application to only specific internal subnets, meeting the security team's requirements. Additionally, NSGs are cost-effective and easy to manage, aligning with the company's need for a solution that does not require additional hardware or complex configurations.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In a scenario where a company is hosting a critical application on a set of virtual machines (VMs) within Azure, the security team has mandated that access to these VMs must be restricted to only specific internal subnets to minimize exposure to potential threats. The solution must also be cost-effective and easy to manage, without the need for additional hardware or complex configurations. Considering these requirements, which Azure networking feature would you use to restrict access to these VMs, and why? Choose the best option from the following. (Choose one correct option)
A
Azure Network Security Groups (NSGs) for defining inbound and outbound traffic rules based on source and destination IP addresses, ports, and protocols.
B
Azure Virtual Network Peering for connecting multiple virtual networks to enable communication between resources in different virtual networks.
C
Azure VPN Gateway for establishing secure, cross-premises connectivity between the company's on-premises network and Azure virtual networks.
D
Azure ExpressRoute for establishing a dedicated private network connection between the company's on-premises infrastructure and Azure, bypassing the public internet.
No comments yet.