Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam AZ-700 Topic 8 Question 54 Discussion

Actual exam question for Microsoft's AZ-700 exam
Question #: 54
Topic #: 8
[All AZ-700 Questions]

You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains a subnet named Subnet1

You deploy an instance of Azure Application Gateway v2 named AppGw1 to Subnet1. You create a network security group (NSG) named NSG1 and link NSG1 to Subnet1.

You need to ensure that AppGw1 will only load balance traffic that originates from VNet1. The solution must minimize the impact on the functionality of AppGw1.

What should you add to NSG1?

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

Claribel
6 months ago
That makes sense. It ensures AppGw1 only load balances traffic from VNet1.
upvoted 0 times
...
Kris
7 months ago
I believe we should use a priority of 4096 to block all internet traffic.
upvoted 0 times
...
Marguerita
7 months ago
I agree. But which priority should we use?
upvoted 0 times
...
Rene
7 months ago
I think we should add an inbound rule to NSG1.
upvoted 0 times
...
Buddy
8 months ago
You guys are overthinking this. The answer is clearly B - an outbound rule with a priority of 4096 to block all internet traffic. That way, any outbound traffic from the application gateway is restricted to just the VNet1 subnet. Easy peasy!
upvoted 0 times
...
Arthur
8 months ago
Hmm, I'm not sure about option C. Wouldn't that also block any legitimate traffic trying to access the application gateway from outside VNet1? I'm thinking option D might be the better choice - an inbound rule with a priority of 100 to block all internet traffic. That way, we're still allowing traffic from VNet1 to access the gateway.
upvoted 0 times
...
Allene
8 months ago
I agree, an outbound rule blocking all internet traffic would be overkill. We need a more targeted approach. I'm leaning towards option C - an inbound rule with a priority of 4096 to block all internet traffic. That way, we're specifically targeting the inbound traffic to the subnet, which aligns with the requirement.
upvoted 0 times
...
Ria
8 months ago
This is a tricky question. We need to ensure that AppGw1 can only load balance traffic from VNet1, but we don't want to disrupt the overall functionality of AppGw1. Adding an outbound rule to block all internet traffic seems too restrictive.
upvoted 0 times
Eladia
7 months ago
Got it, so option C) is the optimal choice to restrict traffic to VNet1 only.
upvoted 0 times
...
Nickie
7 months ago
Yes, it will only block internet traffic, not traffic originating from VNet1.
upvoted 0 times
...
Queenie
7 months ago
But won't blocking all internet traffic impact the functionality of the AppGw1?
upvoted 0 times
...
Ashley
7 months ago
That makes sense. Option C) with priority 4096 seems like the safer choice.
upvoted 0 times
...
Bernardo
7 months ago
Because if we use priority 100, it may affect other rules and impact functionality.
upvoted 0 times
...
Lisandra
7 months ago
Why not option D) an inbound rule with priority 100 to block internet traffic?
upvoted 0 times
...
Hyun
8 months ago
C) an inbound rule that has a priority of 4096 and blocks all internet traffic
upvoted 0 times
...
...

Save Cancel