Exam4Training

What should you do?

You have an Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address.

The virtual machines host several applications that are accessible over port 443 to user on the Internet.

Your on-premises network has a site-to-site VPN connection to VNet1.

You discover that the virtual machines can be accessed by using the Remote

Desktop Protocol (RDP) from the Internet and from the on-premises network.

You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection is established from the on-premises network. The solution must ensure that all the applications can still be accesses by the Internet users.

What should you do?
A . Modify the address space of the local network gateway.
B . Remove the public IP addresses from the virtual machines.
C . Modify the address space of Subnet1.
D . Create a deny rule in a network security group (NSG) that is linked to Subnet1.

Answer: D

Explanation:

You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.

References:

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

Latest AZ-103 Dumps Valid Version with 369 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Exit mobile version