Exam: AZ-900: Microsoft Azure Fundamentals 0 Likes
You have an Azure environment that contains 10 virtual networks and 10 (AZ-900)
You have an Azure environment that contains 10 virtual networks and 100 virtual machines You need to limit the amount of inbound traffic to all the Azure virtual network.
What should you create?
A) One application security group (ASG).
B) 10 virtual network gateways.
C) 10 Azure ExpressRoute circuits.
D) One Azure firewall.
Solution
Correct answer: D) One Azure firewall.
Azure Firewall is a managed, cloud-based network security service that provides threat protection and filtering for inbound and outbound traffic to and from Azure virtual networks. By creating a single Azure firewall, you can centrally manage and limit inbound traffic to all 10 virtual networks and 100 virtual machines in your Azure environment.
Application security groups (ASGs) are used to group virtual machines and define network security policies, but they don't provide a centralized way to limit inbound traffic to all virtual networks.
Virtual network gateways are used for VPN connections and don't provide traffic filtering or limiting capabilities.
Azure ExpressRoute circuits are used for dedicated, high-bandwidth connections between Azure and on-premises infrastructure, and are not related to limiting inbound traffic to virtual networks.
Category: Azure architecture and services