Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft Exam AZ-700 Topic 8 Question 54 Discussion

Actual exam question for Microsoft's AZ-700 exam
Question #: 54
Topic #: 8
[All AZ-700 Questions]

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1

You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.

You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.

What should you add to NSG1?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Kristofer at Mar 04, 2024, 03:31 AM

Limited Time Offer

25%

Off

Get Premium AZ-700 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Claribel
9 months ago
That makes sense. It ensures AppGw1 only load balances traffic from VNet1.
upvoted 0 times
...
Kris
10 months ago
I believe we should use a priority of 4096 to block all internet traffic.
upvoted 0 times
...
Marguerita
10 months ago
I agree. But which priority should we use?
upvoted 0 times
...
Rene
10 months ago
I think we should add an inbound rule to NSG1.
upvoted 0 times
...
Buddy
11 months ago
You guys are overthinking this. The answer is clearly B - an outbound rule with a priority of 4096 to block all internet traffic. That way, any outbound traffic from the application gateway is restricted to just the VNet1 subnet. Easy peasy!
upvoted 0 times
...
Arthur
11 months ago
Hmm, I'm not sure about option C. Wouldn't that also block any legitimate traffic trying to access the application gateway from outside VNet1? I'm thinking option D might be the better choice - an inbound rule with a priority of 100 to block all internet traffic. That way, we're still allowing traffic from VNet1 to access the gateway.
upvoted 0 times
...
Allene
11 months ago
I agree, an outbound rule blocking all internet traffic would be overkill. We need a more targeted approach. I'm leaning towards option C - an inbound rule with a priority of 4096 to block all internet traffic. That way, we're specifically targeting the inbound traffic to the subnet, which aligns with the requirement.
upvoted 0 times
...
Ria
11 months ago
This is a tricky question. We need to ensure that AppGw1 can only load balance traffic from VNet1, but we don't want to disrupt the overall functionality of AppGw1. Adding an outbound rule to block all internet traffic seems too restrictive.
upvoted 0 times
Eladia
10 months ago
Got it, so option C) is the optimal choice to restrict traffic to VNet1 only.
upvoted 0 times
...
Nickie
10 months ago
Yes, it will only block internet traffic, not traffic originating from VNet1.
upvoted 0 times
...
Queenie
10 months ago
But won't blocking all internet traffic impact the functionality of the AppGw1?
upvoted 0 times
...
Ashley
10 months ago
That makes sense. Option C) with priority 4096 seems like the safer choice.
upvoted 0 times
...
Bernardo
10 months ago
Because if we use priority 100, it may affect other rules and impact functionality.
upvoted 0 times
...
Lisandra
10 months ago
Why not option D) an inbound rule with priority 100 to block internet traffic?
upvoted 0 times
...
Hyun
10 months ago
C) an inbound rule that has a priority of 4096 and blocks all internet traffic
upvoted 0 times
...
...

Save Cancel