ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 4 question 2 discussion

Actual exam question from Microsoft's SC-100
Question #: 2
Topic #: 4
[All SC-100 Questions]

Your company plans to provision blob storage by using an Azure Storage account. The blob storage will be accessible from 20 application servers on the internet.
You need to recommend a solution to ensure that only the application servers can access the storage account.
What should you recommend using to secure the blob storage?

  • A. managed rule sets in Azure Web Application Firewall (WAF) policies
  • B. inbound rules in network security groups (NSGs)
  • C. firewall rules for the storage account
  • D. inbound rules in Azure Firewall
  • E. service tags in network security groups (NSGs)
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by PlumpyTumbler at Sept. 2, 2022, 4:12 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sherifhamed
Highly Voted 8 months, 3 weeks ago
Selected Answer: C
To ensure that only the application servers can access the storage account, you should recommend: C. Firewall rules for the storage account Azure Blob Storage supports setting up firewall rules directly on the storage account. You can specify the IP addresses or ranges of your application servers to allow access while denying all other incoming traffic. This provides fine-grained control over who can access the storage account.
upvoted 5 times
...
smanzana
Most Recent 7 months, 3 weeks ago
C is ok
upvoted 1 times
...
WRITER00347
9 months, 4 weeks ago
C. firewall rules for the storage account You can configure the Azure Storage account firewall to allow traffic only from specific IP addresses or ranges, ensuring that only the designated application servers can access the blob storage.
upvoted 2 times
...
zellck
1 year ago
Selected Answer: C
C is the answer. https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?tabs=azure-portal Turning on firewall rules for your storage account blocks incoming requests for data by default, unless the requests originate from a service that operates within an Azure virtual network or from allowed public IP addresses. Requests that are blocked include those from other Azure services, from the Azure portal, and from logging and metrics services.
upvoted 1 times
...
SelloLed
1 year, 7 months ago
Selected Answer: C
answer is; C https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?tabs=azure-portal
upvoted 4 times
...
JakeCallham
1 year, 7 months ago
Selected Answer: C
I would go for C because the other options are eliminated. It doesnt mention seperate firewall
upvoted 3 times
...
PlumpyTumbler
1 year, 9 months ago
Selected Answer: C
https://docs.microsoft.com/en-us/azure/storage/common/configure-network-routing-preference?tabs=azure-portal#configure-the-routing-preference-for-the-default-public-endpoint
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel