nerdexam
ExamsCNX-001Questions#4
CompTIACompTIA

CNX-001 · Question #4

CNX-001 Question #4: Real Exam Question with Answer & Explanation

The correct answer is D: Firewall. A perimeter firewall enforces the organization's "deny inbound by default, allow all outbound" policy at the edge of the cloud environment, while an Azure-style NSG applies the same rule set at the VM/subnet level. Together they ensure no inbound connections slip through and that

Cloud Network Security

Question

Security policy states that all inbound traffic to the environment needs to be restricted, but all external outbound traffic is allowed within the hybrid cloud environment. A new application server was recently set up in the cloud. Which of the following would most likely need to be configured so that the server has the appropriate access set up? (Choose two.)

Options

  • AApplication gateway
  • BIPS
  • CPort security
  • DFirewall
  • ENetwork security group
  • FScreened subnet

Explanation

A perimeter firewall enforces the organization's "deny inbound by default, allow all outbound" policy at the edge of the cloud environment, while an Azure-style NSG applies the same rule set at the VM/subnet level. Together they ensure no inbound connections slip through and that outbound traffic remains unrestricted.

Topics

#Cloud Security#Network Access Control#Firewall#Network Security Group

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CNX-001 PracticeBrowse All CNX-001 Questions