AZ-140 · Question #208
AZ-140 Question #208: Real Exam Question with Answer & Explanation
The correct answer is A: Conditional Access. Conditional Access with Named Locations allows you to define the public IP ranges of the Seattle and Vancouver offices and create a policy that blocks (or requires compliant access from) any location outside those ranges. This is the identity-aware, policy-based way to restrict a
Question
You have an Azure Virtual Desktop deployment that contains five session hosts. You have users that work from offices in Seattle and Vancouver. The users connect to the session hosts over the internet. You need to ensure that the users can connect to the session hosts from only the Seattle and Vancouver offices. What should you use?
Options
- AConditional Access
- BRDP Shortpath
- Ca network security group (NSG)
- DAzure Firewall
Explanation
Conditional Access with Named Locations allows you to define the public IP ranges of the Seattle and Vancouver offices and create a policy that blocks (or requires compliant access from) any location outside those ranges. This is the identity-aware, policy-based way to restrict access by geographic/network source in Azure AD. An NSG (C) or Azure Firewall (D) operate at the network layer and are not designed to gate AVD user authentication based on source location. RDP Shortpath (B) is a connectivity optimization protocol and has no location-based access control capability.
Topics
Community Discussion
No community discussion yet for this question.