AZ-500 · Question #86
AZ-500 Question #86: Real Exam Question with Answer & Explanation
The correct answer is D: container groups. Azure Container Groups Explanation Why D is correct: Container groups in Azure Container Instances (ACI) allow multiple containers to be scheduled together on the same host machine, sharing the same lifecycle, network, and storage resources. Since containers within a group share
Question
You plan to deploy Azure container instances. You have a containerized application that validates credit cards. The application is comprised of two containers: an application container and a validation container. The application container is monitored by the validation container. The validation container performs security checks by making requests to the application container and waiting for responses after every transaction. You need to ensure that the application container and the validation container are scheduled to be deployed together. The containers must communicate to each other only on ports that are not externally exposed. What should you include in the deployment?
Options
- Aapplication security groups
- Bnetwork security groups (NSGs)
- Cmanagement groups
- Dcontainer groups
Explanation
Azure Container Groups Explanation
Why D is correct: Container groups in Azure Container Instances (ACI) allow multiple containers to be scheduled together on the same host machine, sharing the same lifecycle, network, and storage resources. Since containers within a group share a local network namespace, they can communicate with each other via localhost on internal ports without those ports being exposed externally - perfectly matching the requirement for private application-to-validation container communication.
Why the distractors are wrong:
- A (Application Security Groups): These are used to group VM network interfaces for simplified NSG rule management - they have no relevance to container scheduling or deployment.
- B (Network Security Groups): NSGs control inbound/outbound network traffic at the subnet or NIC level for VMs; they don't manage how containers are co-located or handle inter-container communication within ACI.
- C (Management Groups): These are used to organize Azure subscriptions for governance and policy purposes - completely unrelated to container deployment or networking.
Memory Tip: Think of a container group like a pod in Kubernetes - it's the fundamental unit that bundles containers together, giving them a shared "home" so they can whisper to each other privately without the outside world listening. If containers need to live together and talk privately, they need a group!
Topics
Community Discussion
No community discussion yet for this question.