ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 4 question 58 discussion

Actual exam question from Microsoft's AZ-700
Question #: 58
Topic #: 4
[All AZ-700 Questions]

HOTSPOT
-

You have an Azure subscription that contains the resources shown in the following table:



Each quarter, you deploy five new virtual machines to host App1.

You need to add a rule to NSG1 to ensure that the virtual machines that host App1 can connect to SQL1 and SQL2. The solution must follow the principle of least privilege and minimize administrative effort.

How should you configure the source property and the destination property for the rule? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by bobothewiseman at Jan. 22, 2025, 3:53 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tkasa
1 week, 6 days ago
Correct Configuration for NSG1 Rule: We need to allow traffic from the VMs hosting App1 (in Subnet2) to SQL1 and SQL2 (in Subnet1) while following the principle of least privilege and minimizing administrative effort. Source: 10.1.0.0/16 Why? Subnet2, which hosts App1, uses the IP address space 10.1.0.0/16. This ensures only App1’s subnet can initiate the connection. Using the subnet CIDR is better than using a broad range or Application Security Group (ASG2) because ASG2 is for SQL servers, not App1. Destination: ASG2 Why? ASG2 already groups SQL1 and SQL2 (the required SQL servers). This way, you don’t have to individually reference each server, and if new SQL servers are added to ASG2 in the future, they are automatically included. Final Answer: Source: 10.1.0.0/16 Destination: ASG2
upvoted 1 times
...
windowsmodulesinstallerworker
2 months, 3 weeks ago
answer is correct
upvoted 1 times
...
OhMyDandy
6 months ago
Source: 10.1.0.0/24 Reason: The virtual machines hosting App1 are in Subnet2, which is part of the 10.1.0.0/24 subnet. Using Subnet2’s IP range (10.1.0.0/24) as the source ensures only these VMs can connect to SQL1 and SQL2. Destination: ASG1 Reason: ASG1 contains SQL1 and SQL2. Using ASG1 as the destination ensures only these SQL servers receive traffic, avoiding unnecessary exposure.
upvoted 4 times
windowsmodulesinstallerworker
2 months, 3 weeks ago
subnet2 range is 10.1.0.0/16
upvoted 1 times
...
4d1c008
5 months ago
Did you mean 10.1.0.0/16? 10.1.0.0/24 is not an option.
upvoted 1 times
PL5423232909
4 months, 3 weeks ago
It must be a 10.1.0.0/16
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel