Microsoft
AZ-101 · Question #23
AZ-101 Question #23: Real Exam Question with Answer & Explanation
Sign in or unlock AZ-101 to reveal the answer and full explanation for question #23. The question stem and answer options stay visible for context.
Question
You have an Azure virtual network named VNet1 that contains a subnet named Subnet1. Subnet1 contains three Azure virtual machines. Each virtual machine has a public IP address. The virtual machines host several applications that are accessible over port 443 to user on the Internet. Your on-premises network has a site-to-site VPN connection to VNet1. You discover that the virtual machines can be accessed by using the Remote Desktop Protocol (RDP) from the Internet and from the on-premises network. You need to prevent RDP access to the virtual machines from the Internet, unless the RDP connection is established from the on-premises network. The solution must ensure that all the applications can still be accessed by the Internet users. What should you do?
Options
- AModify the address space of the local network gateway.
- BRemove the public IP addresses from the virtual machines.
- CModify the address space of Subnet1.
- DCreate a deny rule in a network security group (NSG) that is linked to Subnet1.
Unlock AZ-101 to see the answer
You've previewed enough free AZ-101 questions. Unlock AZ-101 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.