Does the solution meet the goal?

AZ-720 V2 0 Comments

A company connects their on-premises network by using Azure VPN Gateway. The on-premises environment includes three VPN devices that separately tunnel to the gateway by using Border Gateway Protocol (BGP).

A new subnet should be unreachable from the on-premises network.

You need to implement a solution.

Solution: Disable peering on the virtual network.

Does the solution meet the goal?
A . Yes
B . No

Answer: B

Explanation:

Disabling peering on the virtual network will not prevent the on-premises network from reaching the new subnet. Virtual network peering is a way to connect virtual networks and allows resources in both virtual networks to communicate with each other securely. It does not affect connectivity between on-premises and virtual network resources.

A better solution would be to create a network security group (NSG) and associate it with the new subnet. The NSG can be configured to deny traffic from the on-premises network to the new subnet. This way, the new subnet will be isolated from the on-premises network.

Reference:

Azure Virtual Network peering: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview

Azure Network Security Groups: https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview

Latest AZ-720 Dumps Valid Version with 81 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download AZ-720 PDF     AZ-720 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments