Exam: AZ-900: Microsoft Azure Fundamentals 0 Likes
The company compliance policy states that a server named FinServer... (AZ-900)
Your company plans to move several servers to Azure. The company compliance policy states that a server named FinServer must be on a separate network segment.
You are evaluating which Azure services can be used to meet the compliance policy requirements.
Which Azure solution should you recommend?
A) A resource group for FinServer and another resource group for all the other servers.
B) A virtual network for FinServer and another virtual network for all the other servers.
C) A VPN for FinServer and a virtual network gateway for another server.
D) One resource group for all the servers and a resource lock for FinServer.
Solution
Correct answer: B) A virtual network for FinServer and another virtual network for all the other servers.
To meet the compliance policy requirement of having FinServer on a separate network segment, you should recommend creating a separate virtual network (VNet) for FinServer and another VNet for all the other servers. This will ensure that FinServer is isolated from the other servers and meets the compliance policy requirement.
Resource groups (A) are used to group related resources together for management and billing purposes, but they do not provide network isolation.
A VPN (C) is used to establish a secure connection between on-premises infrastructure and Azure, or between Azure VNets. It's not relevant to this scenario.
A resource lock (D) is used to prevent accidental deletion or modification of a resource, but it does not provide network isolation.
By creating separate VNets, you can ensure that FinServer is on a separate network segment, meeting the compliance policy requirement.
Category: Azure architecture and services