If you configure network rules and application rules, then network rules are applied in priority order before application rules.
NAT rules are applied in priority before network rules.
I would go with NAT.
https://docs.microsoft.com/en-us/azure/firewall/rule-processing
The following might be helpful:
"Azure Virtual Network NAT is a network address translation service running in Azure. With Azure Virtual Network NAT, you can provide secure outbound connectivity to virtual instances in a private subnet so they can connect outside your virtual network."
Inbound traffic refers to information coming-in to a network.
The question is about incoming traffic.
https://docs.microsoft.com/en-us/azure/firewall/tutorial-firewall-dnat-policy
Answer is NAT. NAT takes priority before network rules for inbound traffic: https://docs.microsoft.com/en-us/azure/firewall/rule-processing#dnat-rules-and-network-rules
there are two connectivity: inbound and outbound. DNAT is for filtering inbound traffic and not internet access(outbound). So I would go for Network rule.
Network Address Translation (NAT) rules that define destination IP addresses and ports to translate inbound requests. Question is access from Internet to a az resource(VM) sounds like an outbound request. I agree with Network rules
I agree. I think it is Network Rules. NAT is to keep connection internally or to have a private network connect to internet but does not allow internal connection from the internet. NAT makes no sense here. NAT is supposed to protect internal networks from outside connections (internet).
Inbound traffic refers to information coming-in to a network.
The question is about incoming traffic.
https://docs.microsoft.com/en-us/azure/firewall/tutorial-firewall-dnat-policy
I guess answer is correct. This is from website you have pasted link into"Inbound Internet connectivity can be enabled by configuring Destination Network Address Translation (DNAT) as described in Tutorial: Filter inbound traffic with Azure Firewall DNAT using the Azure portal. NAT rules are applied in priority before network rules"
It is answer from 194.
Perimeter
- Use distributed denial of service (DDoS) protection to filter large-scale attacks before they can cause a denial of service for end users.
- Use perimeter firewalls to identify and alert on malicious attacks against your network.
But it doesnt match with this. According to this answer, it should be Perimeter Layer
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.AZ-900 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Georgess
Highly Voted 3 years, 6 months agoJason71
Highly Voted 3 years, 6 months agoNoursBear
Most Recent 9 months, 2 weeks agovarinder82
11 months, 3 weeks agoazirila
2 years, 4 months agoTonyghostR05
2 years, 7 months agoEleftheriia
3 years, 4 months agomufflon
3 years, 4 months agoAjaykrish
3 years, 5 months agokruize99
3 years, 5 months agoMasoudK
3 years, 6 months agoMasoudK
3 years, 6 months ago[Removed]
3 years, 1 month agomufflon
3 years, 4 months agoTTAKU
3 years, 7 months agoGorilla5
3 years, 7 months agoMev4953
3 years, 7 months ago