Microsoft Azure Administrator Associate AZ-104 Practice Question
Your company needs to provide secure and seamless RDP and SSH access to virtual machines in an Azure virtual network without exposing any network endpoints to the internet. The solution should eliminate the need to manage or open inbound ports through Network Security Groups (NSGs). What is the BEST way to achieve this requirement?
Use Azure Bastion to connect to the VMs over SSL through the Azure portal.
Use a VPN gateway to connect to the virtual network and access the VMs privately.
Assign external addresses to the VMs and restrict inbound traffic using NSGs.
Implement a jumpbox VM with an external address within the virtual network.
Azure Bastion allows you to securely connect to your virtual machines through the Azure portal using SSL, without exposing any network endpoints to the internet and without opening any inbound ports in NSGs. This meets the requirement of providing secure and seamless access while maintaining strong security boundaries. Assigning external addresses and using NSGs still exposes your VMs to the internet and involves managing NSG rules. Implementing a jumpbox VM requires an external address and opens additional attack surfaces. Using a VPN gateway provides private access but requires additional client-side setup and still involves managing NSG rules, making Azure Bastion the most efficient and secure solution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Azure Bastion?
Open an interactive chat with Bash
What are Network Security Groups (NSGs)?
Open an interactive chat with Bash
What is the difference between RDP and SSH?
Open an interactive chat with Bash
Microsoft Azure Administrator Associate AZ-104
Configure and manage virtual networking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access