AZ-104 Question #55: Real Exam Question with Answer & Explanation

Question

Hotspot Question You have a virtual network named VNET1 that contains the subnets shown in the following table: You have two Azure virtual machines that have the network configurations shown in the following table: For NSG1, you create the inbound security rule shown in the following table: For NSG2, you create the inbound security rule shown in the following table: For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Answer:

Options

• AFrom the Internet, you can connect to VM1 by using Remote Desktop. (Yes)
• BFrom the Internet, you can connect to VM1 by using Remote Desktop. (No)
• CFrom the Internet, you can connect to VM2 by using Remote Desktop. (Yes)
• DFrom the Internet, you can connect to VM2 by using Remote Desktop. (No)
• EFrom VM1, you can connect to VM2 by using Remote Desktop. (Yes)
• FFrom VM1, you can connect to VM2 by using Remote Desktop. (No)

Explanation

The correct answers are B, C, and E. VM1 cannot be reached via RDP from the Internet (B is correct/Yes for 'No' answer) because NSG1's inbound rule blocks or does not permit RDP (port 3389) from the Internet - typically the rule denies internet traffic or the NSG is associated at the NIC level with a Deny rule. VM2 CAN be reached via RDP from the Internet (C) because NSG2 has an inbound rule explicitly allowing port 3389 from the Internet (source: Any or Internet, destination port: 3389, action: Allow). VM1 CAN connect to VM2 via RDP (E) because both VMs are within the same virtual network (VNET1), and intra-VNet traffic is allowed by default unless explicitly blocked; NSG2's allow rule for port 3389 permits this internal traffic as well.

No community discussion yet for this question.