Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft Exam AZ-104 Topic 4 Question 112 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 112
Topic #: 4
[All AZ-104 Questions]

You have an Azure subscription that contains 10 virtual machines, a key vault named Vault 1, and a network security group (NSG) named NSG1. All the resources are deployed to the East US Azure region.

The virtual machines are protected by using NSG1. NSG1 is configured to block all outbound traffic to the internet.

You need to ensure that the virtual machines can access Vault1. The solution must use the principle of least privilege and minimize administrative effort.

What should you configure as the destination of the outbound security rule for NSG1?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Temeka at Dec 05, 2024, 03:48 PM

Limited Time Offer

25%

Off

Get Premium AZ-104 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ahmed
27 days ago
Guys, let's not overthink this. Just use a service tag and call it a day. It's the 'principle of least privilege', not the 'principle of maximum confusion'.
upvoted 0 times
Carey
8 days ago
Exactly, using a service tag will allow access to Vault1 while still following the principle of least privilege.
upvoted 0 times
...
Antonio
13 days ago
A) a service tag
upvoted 0 times
...
...
Wilda
1 months ago
A service tag? Sounds like something out of a sci-fi novel. I'm sticking with good old IP addresses.
upvoted 0 times
Virgie
1 days ago
B) an application security group
upvoted 0 times
...
Wai
3 days ago
A) a service tag
upvoted 0 times
...
...
Sheron
1 months ago
C looks good to me. Just specify the IP range and you're all set. Easy peasy.
upvoted 0 times
...
Loren
1 months ago
I'm going with B. Application security groups are the new hotness for this kind of thing.
upvoted 0 times
Gerald
1 months ago
B) an application security group
upvoted 0 times
...
...
Donte
2 months ago
That's a good point, Clay. Using a service tag could indeed be a more efficient solution.
upvoted 0 times
...
Clay
2 months ago
But wouldn't using a service tag be more secure and easier to manage in the long run?
upvoted 0 times
...
Luisa
2 months ago
A service tag is the way to go. Keeps things simple and secure.
upvoted 0 times
Rosita
1 months ago
Definitely, using a service tag is the best option in this scenario.
upvoted 0 times
...
Mona
1 months ago
A) a service tag
upvoted 0 times
...
...
Timothy
2 months ago
I agree with Donte. Configuring an IP address range would be the best option to allow access to Vault1.
upvoted 0 times
...
Donte
2 months ago
I think we should configure an IP address range as the destination.
upvoted 0 times
...

Save Cancel