AZ-500 · Question #150
AZ-500 Question #150: Real Exam Question with Answer & Explanation
The correct answer is B: Just-in-time access. Just-in-Time (JIT) VM Access Just-in-time (JIT) access is correct because it is a Microsoft Defender for Cloud feature specifically designed to lock down inbound traffic to Azure VMs and allow administrators to request temporary, time-limited access only when needed - directly ad
Question
Your company has a set of virtual machines setup in Azure. They want to ensure that IT administrators can request for access when they want to connect to the virtual machine. Which of the following could be used to fulfil this requirement?
Options
- AAzure Identity Protection
- BJust-in-time access
- CAzure Policies
- DAzure Automation
Explanation
Just-in-Time (JIT) VM Access
Just-in-time (JIT) access is correct because it is a Microsoft Defender for Cloud feature specifically designed to lock down inbound traffic to Azure VMs and allow administrators to request temporary, time-limited access only when needed - directly addressing the requirement of controlled, on-demand VM connectivity.
Why the distractors are wrong:
- Azure Identity Protection (A) focuses on detecting and responding to identity-based risks (e.g., compromised credentials), not controlling VM connection access requests.
- Azure Policies (C) enforce organizational rules and compliance standards across resources, but do not manage or gate access requests to virtual machines.
- Azure Automation (D) is used for automating repetitive tasks, configuration management, and runbooks - not for controlling administrator access to VMs.
🧠 Memory Tip: Think of JIT like a "VIP velvet rope" - administrators must request entry, access is granted only for a limited time, and the "door" locks again automatically. The word "just-in-time" itself implies access is given only when needed, which maps perfectly to the scenario described.
Topics
Community Discussion
No community discussion yet for this question.