ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 12 question 2 discussion

Actual exam question from Microsoft's AZ-500
Question #: 2
Topic #: 12
[All AZ-500 Questions]

You need to ensure that users can access VM0. The solution must meet the platform protection requirements.
What should you do?

  • A. Move VM0 to Subnet1.
  • B. On Firewall, configure a network traffic filtering rule.
  • C. Assign RT1 to AzureFirewallSubnet.
  • D. On Firewall, configure a DNAT rule.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by dadageer at March 13, 2021, 12:08 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
dadageer
Highly Voted 3 years, 7 months ago
Not sure if this question is still valid as it is no longer an issues with JIT/FW: https://azure.microsoft.com/en-us/updates/just-in-time-access-now-supports-azure-firewall/
upvoted 16 times
dadageer
3 years, 7 months ago
it use to be a manual creation of DNAT rule but now JIT will create it for you!
upvoted 5 times
kakakayayaya
3 years, 2 months ago
The main problem was asymmetric traffic, so DNAT would not had helped.
upvoted 5 times
...
...
...
Fitama
Highly Voted 3 years, 3 months ago
So what is the correct one? I think that it is the B. Why VM0 it has to be change to Subnet1? I don´t understand. Thanks
upvoted 10 times
rawrkadia
3 years, 2 months ago
For anyone who couldn't infer from the other answers: JIT and FW used to have an incompatibility. The provided info indicates subnet0 has a user defined route to the FW , meaning JIT wouldn't have worked out of the box. Subnet1 did not have a route to the FW, which would have allowed JIT to work.
upvoted 43 times
Paul_white
1 year, 6 months ago
Thanks for clarifying it @rawrkadia making given answer A the correct answer :)
upvoted 1 times
...
w00t
3 years, 2 months ago
Dude, thank you.
upvoted 9 times
...
...
...
Strive_for_greatness_kc
Most Recent 9 months, 2 weeks ago
This question seems to not be relevant, as JIT works now with FW. The answer was A because JIT use to not work with FW
upvoted 1 times
...
alfaAzure
1 year, 1 month ago
Selected Answer: A
Correct answer: A. Move VM0 to Subnet1. Explanations from examtopics are correct. -c12
upvoted 1 times
...
c12
1 year, 4 months ago
Correct answer: A. Move VM0 to Subnet1. Explanations from examtopics are correct.
upvoted 2 times
...
majstor86
1 year, 8 months ago
Selected Answer: A
A. Move VM0 to Subnet1.
upvoted 3 times
...
Jovon
1 year, 12 months ago
LOL so the answer is A?
upvoted 1 times
...
jayek
2 years, 3 months ago
https://docs.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage?tabs=jit-config-asc%2Cjit-request-asc https://docs.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago