nerdexam
Microsoft

AZ-400 · Question #197

SIMULATION You plan to add a new web farm that will be published by using an IP address of 10.0.0.5. You need to allow traffic from the web farm to an Azure Database for MySQL server named az400- 1156

The correct approach uses server-level firewall rules in Azure Database for MySQL's Connection Security settings to explicitly allow traffic from the specific IP address 10.0.0.5. By setting both the Start IP and End IP fields to the same address (10.0.0.5), you create a precise,

Submitted by packet_pusher· Mar 6, 2026Implement and manage database security and network access controls in Azure - specifically configuring server-level firewall rules for Azure Database for MySQL to restrict and allow traffic from specific IP addresses, aligning with AZ-400 DevSecOps and infrastructure security objectives.

Question

SIMULATION You plan to add a new web farm that will be published by using an IP address of 10.0.0.5. You need to allow traffic from the web farm to an Azure Database for MySQL server named az400- 11566895-mysql. To complete this task, sign in to the Microsoft Azure portal. Answer: Server-level firewall rules can be used to manage access to an Azure Database for MySQL Server from a specified IP address or a range of IP addresses. Create a server-level firewall rule in the Azure portal 1. On the MySQL server page, under Settings heading, click Connection Security to open the Connection Security page for the Azure Database for MySQL. 2. In the firewall rules for the Azure Database for MySQL, you can specify a single IP address or a range of addresses. If you want to limit the rule to a single IP address, type the same address in the Start IP and End IP fields. Opening the firewall enables administrators, users, and application to access any database on the MySQL server to which they have valid credentials. 3. Click Save on the toolbar to save this server-level firewall rule. Wait for the confirmation that the update to the firewall rules is successful. Reference: https://docs.microsoft.com/en-us/azure/mysql/howto-manage-firewall-using-portal#create-a- server-level-firewall-rule-in-the-azure-portal

Exhibit

AZ-400 question #197 exhibit

Explanation

The correct approach uses server-level firewall rules in Azure Database for MySQL's Connection Security settings to explicitly allow traffic from the specific IP address 10.0.0.5. By setting both the Start IP and End IP fields to the same address (10.0.0.5), you create a precise, single-IP rule that grants the web farm access without over-exposing the database server. Saving the rule activates it immediately, enabling the web farm to connect to the MySQL server while keeping all other unauthorized IPs blocked.

Topics

#Azure Database for MySQL#Firewall Rules#Network Security#Azure Portal Configuration

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice