ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-103 All Questions

View all questions & answers for the AZ-103 exam
Go to Exam

Exam AZ-103 topic 2 question 11 discussion

Actual exam question from Microsoft's AZ-103
Question #: 11
Topic #: 2
[All AZ-103 Questions]

HOTSPOT -
You have several Azure virtual machines on a virtual network named VNet1.
You configure an Azure Storage account as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: always -
Endpoint status is enabled.

Box 2: Never -
After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account.

Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows https://azure.microsoft.com/en-us/blog/azure-backup-now-supports-storage-accounts-secured-with-azure-storage-firewalls-and-virtual-networks/
by certificatores at March 22, 2020, 10:58 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
certificatores
Highly Voted 5 years, 3 months ago
10.2.9.0 network endpoint is not enabled according to given diagram. 10.2.9.0 is under 1st subnet 10.2.0.0/16 and its endpoint is not enabled. 10.2.0.0/24 production subnet's endpoint is enabled but it does not include 10.2.9.0
upvoted 51 times
GSH
5 years, 2 months ago
uh, I'm not sure what you are doing, but there are 24 bits in the host address, meaning you are flat wrong... 24 bits takes up all of the last 3 addresses. Therefore, the endpoint is ACTIVE, and the answer is Always and Never. The 16 bit address means 10.2.x.y are all on the same network too. You need serious subnetting help.
upvoted 6 times
Monkeybizzz
5 years, 2 months ago
Hey man ya you need to calm down just a little your calling this dude out saying he needs subnetting help but what you said is actually incorrect. 10.2.0.0/24 means that only the last octet is available for subnetting. The range would be 10.2.0.0-10.2.0.255
upvoted 3 times
...
GC2020
5 years, 1 month ago
10.2.0.0/24 and 10.2.9.0/24 are two subnets and endpoint is enabled for only one subnet hence it won't allow the communication, I tested with same setting. All are trying to learn here so you may check subnetting again.
upvoted 1 times
...
hstorm
4 years, 10 months ago
GSH - That is probably the most wrong answer I have ever seen, kind of funny that you tell somebody else that he seriously need subnetting help. Just to clarify... Certificatores does not need help, and his comment is completely correct.
upvoted 3 times
...
Load full discussion...
...
Sitender
5 years, 1 month ago
as per me 10.2.0.0/16 is not a subnet, it's vnet. and all vnet default range is /16.
upvoted 1 times
...
DA0410
4 years, 11 months ago
Vnet 1 - address range 10.2.0.0/16 means mask 255.255.0.0 node range from 10.2.0.0 - 10.2.255.255 usable ip 10.2.0.1 - 10.2.255.254 total hosts -65534 Under Vne1 subnet 10.2.0.0/24 has - Subnet address 10.2.0.0/24 Netmask Range of addresses - 255.255.255.0 Useable IPs - 10.2.0.0 - 10.2.0.255 Hosts-10.2.0.1 - 10.2.0.254 =254 virtua vm on 10.2.9.0 i.e node range from 10.2.0.0 - 10.2.255.255 Correct - 10.2.9.0 network endpoint is not enabled according to given diagram. Correct - 10.2.9.0 is under 1st subnet 10.2.0.0/16 and its endpoint is not enabled. 10.2.0.0/24 production subnet's endpoint is enabled but it does not include 10.2.9.0 Cetificatores - Correct/.
upvoted 4 times
...
...
kumiter
Highly Voted 5 years, 3 months ago
Answer must be Never-Never. Is it correct?
upvoted 23 times
certificatores
5 years, 3 months ago
some comments say, there is a typo in this question. original one has different IP address, so it may be always-never then
upvoted 2 times
...
...
mulan04
Most Recent 4 years, 4 months ago
Never - Never I tested the 1st scenario in my lab
upvoted 1 times
...
wendysgp
4 years, 6 months ago
By default, Azure allows communicate between subnets in a same VNet. So 1st one is always?
upvoted 1 times
...
oooMooo
4 years, 7 months ago
Correct answer is Never and Never. Endpoint Status must be enabled for the address range to have access. 10.2.9.0/24 is not part of 10.2.0.0/24. Thus does not have access. Google: Azure "Endpoint Status" and see all the permission issues people are facing when Endpoint Status is not enabled.
upvoted 2 times
...
arshadnazir
4 years, 8 months ago
Never , Never
upvoted 3 times
...
Thi
4 years, 8 months ago
Never,Never
upvoted 3 times
...
nrtn
4 years, 9 months ago
As per the question it says 10.2.0.0/16 which consist 10.2.9.0 so GSH is right. but if question would be 10.2.0.0/24 than gsh would be wrong . so in short for this question answer is correct and GSH is right. but guys, we all are learning new at some point. so we have to cooperate and polite with each others. link http://jodies.de/ipcalc?host=10.2.0.0&mask1=16&mask2= is any one has still doubt. thanks
upvoted 1 times
sjccde
4 years, 9 months ago
Yes: 10.2.0.0/16 contains 10.2.9.0... !BUT! 10.2.0.0/16 is NOT ENABLED. So answer to Q1 is "Never". Most people don't see that OR didn't read carefully enough "10.2.9.0/24" (..Nine.Zero) and "10.2.0.0/24" (...Zero.Zero).
upvoted 2 times
...
...
robert5874
4 years, 11 months ago
Just tried this myself and you get a big warning in the portal that you need to enable another endpoint. So its never, never.
upvoted 2 times
...
dreamweaver
4 years, 12 months ago
This is really easy. It is Never Never. The line above that is a VNET and when adding a network selection of the subnet is required. In the picture there is only one subnet selected. There may be a 10.2.9.0/24 subnet but it is NOT selected.
upvoted 1 times
...
JimD79
5 years ago
The answer is Never and Never, no doubt about it, anyone who thinks different, test it yourself, you'll see. No-one is arguing that 10.2.9.0/24 doesn't or can't exist, it can, it can exist in the address space on the vnet, however, it is NOT an enabled endpoint, meaning from the diagram, the only SUBNET that can access at the minute is 10.2.0.0/24 which is addresses from 10.2.0.1 - 10.2.0.254 (usable). People are not reading the question properly, the whole VNET is not enabled, otherwise that address could access, only
upvoted 7 times
praveen97
5 years ago
Agree with JimD79. Only 10.2.0.0/24 subnet has endpoint enabled. And this subnet has an IP range from 10.2.0.0 - 10.2.0.255 which will not cover the IP Address:10.2.9.0/24 (10.2.9.0 - 10.2.9.255) specified in the question. So the answer for the first question is 'Never' Second question answer is also 'Never' since the checkbox for 'Allow trusted Microsoft services to access this storage account' is not enabled.
upvoted 3 times
...
...
BiggusJiggus
5 years ago
TYPO alert - It should state 10.2.0.0/24 for the first question as there is no 10.2.9.0/24 subnet.
upvoted 2 times
...
it115
5 years ago
Address Range of VNET1: 10.2.0.0 /16 Usable Ip: 10.2.0.1 - 10.2.255.254 Total hosts: 65534 The address 10.2.9.0 falls within the usable ip range. Hence connection is maintained ALWAYS.
upvoted 1 times
anon1234
5 years ago
But theres no endpoint enabled on the 10.2.0.0/16 subnet only on the 10.2.0.0/24. Say anwser would be no... ??
upvoted 2 times
...
...
ak1234
5 years, 1 month ago
10.2.9.0/24 is just subset of 10.2.0.0/16. 10.2.9.0/24-32 all falls within 10.2.0.0/16. so answer is correct.
upvoted 1 times
...
Sitender
5 years, 1 month ago
Both answer should be 'never'
upvoted 3 times
...
Sitender
5 years, 1 month ago
firewall access/restriction is allowed at subnet level and not at vnet level. so 1st box answer should be 'never' because there is no subnet 10.2.9.0/24 allowed access. Only 254 IP from 10.2.0.1 to 10.2.0.254 can access.
upvoted 1 times
...
GC2020
5 years, 1 month ago
Looks it's typo 10.2.9.0 in place of 10.2.0.9/24 if not then answer is wrong as with 10.2.9.0 it won't allow storage account access hence correct answer is Never and Never
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel