ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam DP-300 All Questions

View all questions & answers for the DP-300 exam
Go to Exam

Exam DP-300 topic 2 question 2 discussion

Actual exam question from Microsoft's DP-300
Question #: 2
Topic #: 2
[All DP-300 Questions]

You have an Azure virtual machine named VM1 on a virtual network named VNet1. Outbound traffic from VM1 to the internet is blocked.
You have an Azure SQL database named SqlDb1 on a logical server named SqlSrv1.
You need to implement connectivity between VM1 and SqlDb1 to meet the following requirements:
✑ Ensure that all traffic to the public endpoint of SqlSrv1 is blocked.
✑ Minimize the possibility of VM1 exfiltrating data stored in SqlDb1.
What should you create on VNet1?

  • A. a VPN gateway
  • B. a service endpoint
  • C. a private link
  • D. an ExpressRoute gateway
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Phund at Jan. 10, 2021, 7:20 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Phund
Highly Voted 4 years, 6 months ago
corrected "With Service Endpoints, traffic still left you vNet and hit the public endpoint of the PaaS resource, with Private Link the PaaS resource sits within your vNet and gets a private IP on your vNet. When you send traffic to the PaaS resource, it does not leave the virtual network." https://samcogan.com/service-endpoints-and-private-link-whats-the-difference/#:~:text=The%20key%20difference%20between%20Private,resource%20into%20your%20virtual%20network.&text=Unlike%20Service%20Endpoints%2C%20Private%20Link,ExpressRoute%2C%20and%20from%20peered%20networks.
upvoted 19 times
...
jddc
Highly Voted 3 years, 8 months ago
Selected Answer: C
It is private link or private endpoint. C is correct.
upvoted 7 times
...
bingomutant
Most Recent 10 months, 1 week ago
Private Link fulfils all the requirements - not service endpoint - Service endpoints allow private communication between resources in a VNet and Azure services over Azure’s backbone network. However, they still rely on public endpoints, which conflicts with the requirement to block traffic to the public endpoint of SqlSrv1. Moreover, service endpoints are not as secure as private links since the IP address could still potentially be exposed.
upvoted 1 times
...
testdumps2017
1 year, 12 months ago
https://samcogan.com/service-endpoints-and-private-link-whats-the-difference/ - "Another key difference with Private Link is that when enabled, you are granting access to a specific PaaS resource in your virtual network. That means you can control egress to PaaS resources. For example, if you wanted to, you could use NSG’s to block access to all Azure SQL databases and then use Private Link to grant access only to your specific Azure SQL Server." so it is private link.
upvoted 2 times
...
New_Azure_User
3 years ago
Answer is C: A Private Link is mapped to an instance of a PaaS resource instead of the entire service. Consumers can only connect to the specific resource. Access to any other resource in the service is blocked.
upvoted 2 times
...
matongax
3 years, 9 months ago
it is Service Endpoint , the key word is "exfiltrating data" , you avoid that with a service endpoint
upvoted 5 times
yster
3 years, 5 months ago
A private Link can get this done.
upvoted 3 times
...
jm2015
1 year, 9 months ago
In contrary, with service endpoint you need extra steps to exfiltrate data. A private link has this out of the box.
upvoted 1 times
...
...
maxi1000
3 years, 10 months ago
100% sure B SERIVCE
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel