nerdexam
Microsoft

AZ-400 · Question #245

You have the following Azure policy. You assign the policy to the Tenant root group. What is the effect of the policy?

The correct answer is B. ensures that all traffic to new Azure Storage accounts is encrypted. During evaluation of existing resources, resources that match a deny policy definition are marked as non-compliant. https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#denytraffic.

Submitted by carter_n· Mar 6, 2026Develop a security and compliance plan

Question

You have the following Azure policy. You assign the policy to the Tenant root group. What is the effect of the policy?

Options

  • Aprevents all http traffic to existing Azure Storage accounts
  • Bensures that all traffic to new Azure Storage accounts is encrypted
  • Cprevents HTTPS traffic to new Azure Storage accounts when the accounts are accessed over the Internet
  • Densures that all data for new Azure Storage accounts is encrypted at rest

How the community answered

(44 responses)
  • A
    2% (1)
  • B
    82% (36)
  • C
    5% (2)
  • D
    11% (5)

Explanation

During evaluation of existing resources, resources that match a deny policy definition are marked as non-compliant. https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#denytraffic.

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice