Answer-first summary for fast verification
Answer: No
The correct answer is B (No) because modifying an Azure firewall alone does not ensure VM1 is accessible over HTTP from the Internet. Azure Firewall primarily provides inbound protection for non-HTTP/S protocols (e.g., RDP, SSH, FTP) and outbound protection, but for inbound HTTP/S traffic, Network Security Groups (NSGs) are typically required. NSGs control traffic at the subnet or network interface level, and by default, they block all inbound traffic unless explicitly allowed. Additionally, VM1 must have a public IP address or be behind a load balancer with a public IP to be reachable from the Internet. The community discussion supports this, with highly upvoted comments (e.g., 58 upvotes) emphasizing that NSGs are essential for granular control, and Azure Firewall complements but does not replace NSGs for this scenario. While some comments argue that Azure Firewall could be used (e.g., via NAT rules), the consensus and official documentation indicate that NSGs are the primary method for allowing inbound HTTP traffic to a specific VM.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your Azure environment contains multiple Azure virtual machines. You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify an Azure firewall.
Does this solution meet the goal?
A
Yes
B
No
No comments yet.