What should you do?

by

You manage an application that has a front-end tier, a middle tier, and a back-end tier. Each tier is located on a different subnet.You need to apply access to and between the tiers as follows:• Only the front-end tier must be able to access the Internet.• You must permit network access between the front-end tier and the middle tier.• You must permit network access between the middle tier and the back-end tier.You must prevent all other network traffic.You need to apply this configuration to all virtual machines inside the subnets.What should you do?A network security group (NSG) contains a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Networks (VNet). NSGs can be associated to subnets, individual VMs (classic), or individual network interfaces (NIC) attached to VMs (Resource Manager). When an NSG is associated to a subnet, the rules apply to all resources connected to the subnet. Traffic can further be restricted by also associating an NSG to a VM or NIC.Incorrect Answers:D: An Availability Set is a logical grouping capability that you can use in Azure to ensure that the VM resources you place within it are isolated from each other when they are deployed within an Azure datacenter. Azure ensures that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches. If a hardware or Azure software failure occurs, only a subset of your VMs are impacted, and your overall application stays up and continues to be available to your customers. Availability Sets are an essential capability when you want to build reliable cloud solutions.References:https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsghttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-availability-sets

Question:

What should you do?

Options:

Use a Network Security Group (NSG).

Add a VPN gateway.

Add a regional VNET.

Add an Availability Set.

Correct Answer

The Correct Answer for this Question is

Use a Network Security Group (NSG).

Leave a Comment