Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
You need to identify which storage account to use for the flow logging of IP traffic from VM5. The solution must meet the retention requirements. Which storage account should you identify?
Suggested Answer:C🗳️
We use the BlobStorage account storage3 for retention. Storage lifecycle management offers a rule-based policy that you can use to transition blob data to the appropriate access tiers or to expire data at the end of the data lifecycle. Note: Enable flow logging for IP traffic from VM5 and retain the flow logs for a period of eight months. Reference: https://docs.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview
For at least two reasons, storage2 is the only candidate:
- Location: The storage account used must be in the same region as the NSG.
- Retention is available only if you use General Purpose v2 Storage accounts (GPv2).
Reference:
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview
I agree that the answer is B. Documentation clearly states only General Purpose V2 Storage supports retention. It also states that the storage must be in the same location as the nsg. That much I get. But can someone explain to me how the NSG being in the same region as the storage applies to this question? I only see mention of 2 NSGs in the example and neither are applied to VNET 4 where VM 5 is. As far as I can tell, only the storage type is relevant to this question. I’m open to being wrong if someone can explain it. Thanks.
This scenario was my first set of questions yesterday 7th July 2023. Thanks to all the knowledgeable contributors and those to did lab tests to help confirm the right answers.
I successfully aced it with 896 score. Going for the 305 now.
I tried it in my lab. With storage account v2 retentiuon policy - no issues.
When tried with V2 then message comes up - "Retention is only available with v2 Storage accounts.Learn more about retention policy."
Answer B is correct
Blob Storage accounts in Azure do not support flow logging for 365 days. Flow logging for Blob Storage accounts has a retention period of 30 days. This means that the flow log data is retained for only 30 days before being automatically deleted.
If you need to retain flow log data for a longer period and that is what we need 8 months, you may consider using General Purpose v2 (GPv2) storage accounts instead, which support flow logging with a retention period of up to 365 days.
C is correct answer
Location: The storage account used must be in the same region as the network security group.
Performance tier: Currently, only standard-tier storage accounts are supported.
we dont need GPv2 account because it not supported yet
The correct answer is B. Storage2. Storage2 is a General Purpose v2 storage account, which supports the retention of logs for up to 365 days. Storage1 is a General Purpose v1 storage account, which supports the retention of logs for up to 30 days. Storage3 is a Blob storage account, which does not support flow logging. Storage4 is a File storage account, which does not support flow logging either.
Answer is B
Retention is available only if you use General purpose v2 Storage accounts (GPv2).
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview#how-logging-works:~:text=Retention%20is%20available%20only%20if%20you%20use%20General%20purpose%20v2%20Storage%20accounts%20(GPv2).
Correct Answer is: B
"Retention is available only if you use General purpose v2 Storage accounts (GPv2)"
Reference: https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview#how-logging-works
"Retention is available only if you use General purpose v2 Storage accounts (GPv2)"
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview#how-logging-works
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
alirasouli
Highly Voted 1 year, 1 month agoPanapi
9 months, 2 weeks agoBobbyMc3030
6 months agomacinpune9
4 months, 2 weeks agoKoyegunle
Highly Voted 5 months agovroh
Most Recent 2 months, 2 weeks agooopspruu
3 months, 2 weeks agoprofesorklaus
3 months, 3 weeks agoJanal
4 months, 1 week agoPakawat
5 months, 1 week agoabdelmim
7 months, 1 week agokmsalman
7 months, 1 week agozzreflexzz
7 months, 2 weeks agoCyberKelev
9 months, 1 week agoSumanSaurabh
1 year agowolf13
1 year agoMev4953
1 year, 2 months agoEleChie
1 year, 2 months agolebowski
1 year, 3 months agonox2447
1 year, 3 months ago