MicrosoftMicrosoft
AZ-400 · Question #245
AZ-400 Question #245: Real Exam Question with Answer & Explanation
The correct answer is B: ensures that all traffic to new Azure Storage accounts is encrypted. During evaluation of existing resources, resources that match a deny policy definition are marked as non-compliant. https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#denytraffic.
Submitted by carter_n· Mar 6, 2026Develop a security and compliance plan
Question
You have the following Azure policy. You assign the policy to the Tenant root group. What is the effect of the policy?
Options
- Aprevents all http traffic to existing Azure Storage accounts
- Bensures that all traffic to new Azure Storage accounts is encrypted
- Cprevents HTTPS traffic to new Azure Storage accounts when the accounts are accessed over the Internet
- Densures that all data for new Azure Storage accounts is encrypted at rest
Explanation
During evaluation of existing resources, resources that match a deny policy definition are marked as non-compliant. https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#denytraffic.
Community Discussion
No community discussion yet for this question.