Microsoft Exam AZ-104 Topic 2 Question 116 Discussion

Actual exam question for Microsoft's AZ-104 exam

Question #: 116
Topic #: 2

You have an Azure subscription that contains 10 virtual machines, a key vault named Vault 1, and a network security group (NSG) named NSG1. All the resources are deployed to the East US Azure region.

The virtual machines are protected by using NSG1. NSG1 is configured to block all outbound traffic to the internet.

You need to ensure that the virtual machines can access Vault1. The solution must use the principle of least privilege and minimize administrative effort.

What should you configure as the destination of the outbound security rule for NSG1?

Aa service tag

Ban application security group

Can IP address range

Show Suggested Answer

Suggested Answer: A

by Allene at Mar 08, 2025, 08:12 AM

Limited Time Offer

25%

Off

Get Premium AZ-104 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Leonardo

24 hours ago

I agree with Almeta, using an IP address range would be the most secure option.

upvoted 0 times

...

Ashley

3 days ago

A service tag is the way to go here. It's the most efficient and least complex option that still meets the requirements.

upvoted 0 times

...

Almeta

6 days ago

I think we should configure an IP address range as the destination.

upvoted 0 times

...