ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-103 All Questions

View all questions & answers for the AZ-103 exam
Go to Exam

Exam AZ-103 topic 16 question 76 discussion

Actual exam question from Microsoft's AZ-103
Question #: 76
Topic #: 16
[All AZ-103 Questions]

You have an Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address.
The virtual machines host several applications that are accessible over port 443 to user on the Internet.
Your on-premises network has a site-to-site VPN connection to VNet1.
You discover that virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network.
You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection is established from the on-premises network. The solution must ensure that all the applications can still be accesses by the Internet users.
What should you do?

  • A. Create a deny rule in a network security group (NSG) that is linked to Subnet1.
  • B. Modify the address space of Subnet1.
  • C. Modify the address space of the local network gateway.
  • D. Remove the public IP addresses from the virtual machines.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
You can use a site-to-site VPN to connect your on-premises network to an Azure virtual network. Users on your on-premises network connect by using the RDP or
SSH protocol over the site-to-site VPN connection. You don't have to allow direct RDP or SSH access over the internet.
Reference:
https://docs.microsoft.com/en-us/azure/security/fundamentals/network-best-practices
by Hanuman at June 7, 2020, 8:29 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Hanuman
Highly Voted 5 years ago
correct
upvoted 11 times
...
Chinny
Highly Voted 4 years, 8 months ago
Goodluck in ur exams!
upvoted 8 times
jlmacho
4 years, 8 months ago
thanks my friend
upvoted 6 times
...
...
hiraz007
Most Recent 4 years, 6 months ago
The answer is D i presumed. Applications that are accessible over port 443 to user on the Internet, so you don't need public IP to connect to application. To prevent RDP access to the virtual machines from the Internet you can remove the public IP addresses from the virtual machines. This is a best practice as well. Dont need to expose RDP to internet.
upvoted 1 times
ChauPhan
4 years, 3 months ago
The solution must ensure that all the applications can still be accesses by the Internet users. What should you do?
upvoted 1 times
...
...
chand_
4 years, 11 months ago
A" is correct
upvoted 3 times
...
SumanCert
4 years, 12 months ago
Correct.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel