ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-304 All Questions

View all questions & answers for the AZ-304 exam
Go to Exam

Exam AZ-304 topic 2 question 67 discussion

Actual exam question from Microsoft's AZ-304
Question #: 67
Topic #: 2
[All AZ-304 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has deployed several virtual machines (VMs) on-premises and to Azure. Azure ExpressRoute has been deployed and configured for on-premises to Azure connectivity.
Several VMs are exhibiting network connectivity issues.
You need to analyze the network traffic to determine whether packets are being allowed or denied to the VMs.
Solution: Use the Azure Traffic Analytics solution in Azure Log Analytics to analyze the network traffic.
Does the solution meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by syu31svc at Oct. 6, 2021, 12:57 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
scottishstvao
Highly Voted 3 years, 6 months ago
Hey Guys, Let's discuss this one! I think the answer should be yes. Traffic Analytics is a cloud-based solution that provides visibility into user and application activity in cloud networks. Traffic analytics analyzes Network Watcher network security group (NSG) flow logs to provide insights into traffic flow in your Azure cloud. With traffic analytics, you can: Visualize network activity across your Azure subscriptions and identify hot spots. Identify security threats to, and secure your network, with information such as open-ports, applications attempting internet access, and virtual machines (VM) connecting to rogue networks. Understand traffic flow patterns across Azure regions and the internet to optimize your network deployment for performance and capacity. Pinpoint network misconfigurations leading to failed connections in your network. https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics
upvoted 15 times
rdemontis
3 years, 5 months ago
Exactly. Traffic Analytics has a superset of services of which one is a network watcher. So the answer is yes, in fact you can use this solution as well. This solution can provide much more in terms of analysis of network traffic, but if you just want a simple solution to understand blocked traffic, you can use the IP flow verify tool
upvoted 4 times
...
Gluckos
3 years, 3 months ago
Azure traffic Analytics is only for cloud resources... It's possible to have others vm's on-premise.
upvoted 7 times
catfood
2 years, 8 months ago
typical microsoft question that has ambiguity - is it the on prem or the azure VMs that are having the problem. Does anyone actually sanity check these questions at MS ?
upvoted 1 times
...
...
...
sharepoint_Azure_pp
Highly Voted 3 years, 6 months ago
It was a part of 2nd set of 3 Y/N question Azure network watcher is correct choose the same cleared with 900 on 17th October 2021
upvoted 11 times
...
DevIsLife
Most Recent 2 years, 8 months ago
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview "IP flow verify checks if a packet is allowed or denied to or from a virtual machine."
upvoted 2 times
...
AubinBakana
2 years, 8 months ago
Selected Answer: A
Traffic analytics do use NSG Flow Logs from Azure Traffic Manager. The answer should Yes. Here's a direct quote from Msft: "Traffic analytics is a cloud-based solution that provides visibility into user and application activity in your cloud networks. Specifically, traffic analytics analyzes Azure Network Watcher network security group (NSG) flow logs to provide insights into traffic flow in your Azure cloud." https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics
upvoted 1 times
...
AubinBakana
2 years, 8 months ago
Selected Answer: B
Analyse pack, sound like packet capture, doesn't it? you can't do packet capture with Traffic Analytics.
upvoted 2 times
AubinBakana
2 years, 8 months ago
Please ignore this answer. Traffic Analytics should at least help answer some question, it dose analyse NSG Flow Logs from Network Watcher.
upvoted 2 times
...
...
Indigoproftrader
2 years, 10 months ago
FAQ for Traffic Analytics says it can check which ports are reachable between 2 IPs. So it can check if traffic gets through on the TCP layer 4 level. I would say it's "yes" https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics-faq#how-do-i-check-which-ports-are-reachable--or-blocked--between-ip-pairs-with-nsg-rules-
upvoted 1 times
...
OCHT
2 years, 11 months ago
Selected Answer: A
Should be A. AZ Net Watcher undertakes the analysis of IP flow.
upvoted 1 times
...
mr_sandy
3 years, 1 month ago
Selected Answer: B
No. Traffic Analytics now supports collecting NSG Flow Logs data at a higher frequency of 10 mins. Traffic analytics uses point in time snapshots, it does not allow you to determine the success / failure of individual packets. For individual packet level analysis Network Watcher IP flow is required.
upvoted 2 times
...
jmay
3 years, 3 months ago
Selected Answer: A
"With traffic analytics, you can: ... • Understand traffic flow patterns across Azure regions and the internet to optimize your network deployment for performance and capacity. • Pinpoint network misconfigurations leading to failed connections in your network. " https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics
upvoted 1 times
...
[Removed]
3 years, 3 months ago
Selected Answer: A
Answer should be Yes. Network Analytics can be useful here to inspect the data traffic
upvoted 2 times
...
tomatosis
3 years, 4 months ago
For series of questions as such, my trainer told me that there is only 1 correct answer for it. Let's say we confirm network watcher is the correct one, the rest must be wrong. I know my explanation is not from technical point of view, but our goal is to pass the exam.
upvoted 7 times
sapien45
2 years, 11 months ago
Wrong. I have no interest in passing the exam. I am only interested in getting proficient on Azure Security
upvoted 1 times
...
AubinBakana
2 years, 8 months ago
You trainer told you wrong. There may be no good answer or multiple good answers.
upvoted 2 times
...
...
examineezer
3 years, 4 months ago
These questions are completely independent of other questions. Read it like this - can you use the Azure Traffic Analytics solution in Azure Log Analytics to analyze the network traffic, including the determination of whether packets are being allowed or denied to the VMs? I think the answer is Yes. https://docs.microsoft.com/en-us/azure/network-watcher/traffic-analytics
upvoted 3 times
...
examineezer
3 years, 5 months ago
So many of these types have questions have people commenting "no its not this answer - because its XXXX". Read carefully the question: "Some question sets might have more than one correct solution, while others might not have a correct solution."
upvoted 7 times
...
student22
3 years, 6 months ago
No ---
upvoted 1 times
...
tteesstt
3 years, 6 months ago
Not 100% on this one but I'd go for a Yes.
upvoted 2 times
...
syu31svc
3 years, 6 months ago
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overview IP flow verify checks if a packet is allowed or denied to or from a virtual machine. Answer is No
upvoted 2 times
scottishstvao
3 years, 6 months ago
The question only mentions Traffic Analytics. Not the network watcher IP flow, so we should check what it can do. This kind of question can have more than one answer.
upvoted 4 times
mike933
3 years, 6 months ago
Phrasing is so specific that it rather refers to netowrk watcher, even though Traffic Analytics would be also fine, for example to verify if access isn't blocked by rules set in network security groups.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago