ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-741 All Questions

View all questions & answers for the 70-741 exam
Go to Exam

Exam 70-741 topic 2 question 21 discussion

Actual exam question from Microsoft's 70-741
Question #: 21
Topic #: 2
[All 70-741 Questions]

You implement Software Defined Networking (SDN) by using the Network Controller server role.
You have a virtual network named VNET1 that contains servers used by developers.
You need to ensure that only devices from the 192.168.0.0/24 subnet can access the virtual machine in VNET1.
What should you configure?

  • A. a network security group (NSG)
  • B. role-based access control
  • C. a universal security group
  • D. Dynamic Access Control
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
References:
https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-restrict-network-access-to-resources
by weng at Oct. 6, 2019, 10:04 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
weng
Highly Voted 5 years, 8 months ago
Answer is correct!
upvoted 7 times
...
panda
Most Recent 4 years, 5 months ago
I think A is correct. NPS is used for virtual network.
upvoted 1 times
...
CodeMonkey2
4 years, 6 months ago
From the reference given in the answer: "By default, all virtual machine instances in a subnet can communicate with all resources. You can limit communication to and from all resources in a subnet by creating a network security group, and associating it to the subnet"
upvoted 1 times
...
gonchi_87
4 years, 7 months ago
Answer is Correct.
upvoted 2 times
...
bigdraws
5 years, 2 months ago
network security groups seemed to be aimed at Azure based , i'm leaning towards D
upvoted 2 times
Robbie
4 years, 9 months ago
You are right, I'm going with D as well...
upvoted 1 times
Robbie
4 years, 9 months ago
correction, A is the correct answer. SDN uses a cloud-based type of architecture for its operation. It virtualises almost everything, which make Azure a resource.
upvoted 3 times
...
...
...
darkknight
5 years, 2 months ago
Answer is D Exact same question from Sybex book
upvoted 2 times
[Removed]
5 years, 1 month ago
When looking at the docs for Dynamic Access Control it appears to be form of data security which uses your Domain information to determine if you have access to data. This would invalidate answer D as this is subnet based access on a lower lever. Source: https://docs.microsoft.com/en-us/windows-server/identity/solution-guides/dynamic-access-control--scenario-overview
upvoted 3 times
Robbie
4 years, 9 months ago
Dynamic access control is used to manage and apply access and auditing to domain-based file servers...while Network security group contains rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources,...This basically invalidates answer A. I am going with D
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel