ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam DP-300 All Questions

View all questions & answers for the DP-300 exam
Go to Exam

Exam DP-300 topic 2 question 18 discussion

Actual exam question from Microsoft's DP-300
Question #: 18
Topic #: 2
[All DP-300 Questions]

You have an Azure virtual machine named VM1 on a virtual network named VNet1. Outbound traffic from VM1 to the internet is blocked.
You have an Azure SQL database named SqlDb1 on a logical server named SqlSrv1.
You need to implement connectivity between VM1 and SqlDb1 to meet the following requirements:
✑ Ensure that VM1 cannot connect to any Azure SQL Server other than SqlSrv1.
✑ Restrict network connectivity to SqlSrv1.
What should you create on VNet1?

  • A. a VPN gateway
  • B. a service endpoint
  • C. a private endpoint
  • D. an ExpressRoute gateway
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
A private endpoint is a network interface that uses a private IP address from your virtual network. This network interface connects you privately and securely to a service powered by Azure Private Link. By enabling a private endpoint, you're bringing the service into your virtual network.
The service could be an Azure service such as:
✑ Azure Storage
✑ Azure Cosmos DB
✑ Azure SQL Database
✑ Your own service using a Private Link Service.
Reference:
https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-overview
by Jeembeem at March 28, 2021, 9:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Raffer
Highly Voted 3 years, 2 months ago
Service Endpoints are targeted at VNets/Subnets. Private Link is targeted at individual entities, in this scenario VM1 to SqlDb1. The question requires that VM1 only be able to connect to SqlDb1. There may be other SQL Databases on SqlSrv1. Answer must be Private Link.
upvoted 25 times
...
Jas_dandiwal
Highly Voted 3 years, 1 month ago
answer is correct. Azure Private Link allows you to access Azure PaaS service over Private IP address within the VNet. It gets a new private IP on your VNet. When you send traffic to PaaS resource, it will always ensure traffic stays within your VNet.
upvoted 7 times
...
igorclapa
Most Recent 9 months ago
Private Endpoints grant network access to specific resources behind a given service providing granular segmentation. Traffic can reach the service resource from on premises without using public endpoints. A Service Endpoint remains a publicly routable IP address. A Private Endpoint is a private IP in the address space of the virtual network where the private endpoint is configured.
upvoted 1 times
...
Jeembeem
3 years, 2 months ago
I think is "Service endpoint"
upvoted 1 times
jerkyflexoff
2 years, 7 months ago
I agree, The key difference between Private Link and Service Endpoints is that with Private Link you are injecting the multi-tenant PaaS resource into your virtual network. ... Unlike Service Endpoints, Private Link allows access from resources on your on-premises network through VPN or ExpressRoute, and from peered networks
upvoted 1 times
madab
2 years, 3 months ago
I think is the other way around: https://docs.microsoft.com/en-us/azure/private-link/private-link-faq#:~:text=Traffic%20can%20reach%20the%20service,the%20private%20endpoint%20is%20configured.
upvoted 2 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel