SC-100 Question #237: Real Exam Question with Answer & Explanation

Question

Your company has 10 branch offices. Each office has a local internet connection that uses a static IP address. You have an Azure subscription. The subscription contains a storage account named storage1 that stores blobs. Users in the branch offices access the blobs via the internet. You need to recommend a solution to ensure that the data in storage1 is accessible only from the branch office static IP addresses. The solution must minimize costs. What should include in the recommendation?

Options

• AAzure Private Link
• Ban Azure Firewall policy
• CAzure Storage firewall rules
• Da network security group (NSG)

Explanation

Azure Private Link enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure hosted customer-owned/ partner services over a private endpoint in your virtual network. Traffic between your virtual network and the service travels the Microsoft backbone network. Exposing your service to the public internet is no longer necessary. You can create your own private link service in your virtual network and deliver it to your customers. Setup and consumption using Azure Private Link is consistent across Azure PaaS, customer-owned, and shared partner services. Azure Private Link provides the following benefits: * Privately access services on the Azure platform: Connect your virtual network using private endpoints to all services that can be used as application components in Azure. Service providers can render their services in their own virtual network and consumers can access those services in their local virtual network. The Private Link platform will handle the connectivity between the consumer and services over the Azure backbone network. Note: Private endpoint support for statically defined IP addresses is generally available. https://learn.microsoft.com/en-us/azure/private-link/private-link-overview

No community discussion yet for this question.