Microsoft Azure Fundamentals AZ-900 Practice Question
As an architect for a cloud solution, you need to make sure that a sensitive database on Azure used by your internal applications is not accessible over the internet but remains reachable from your virtual network. What should you do to achieve this secure networking requirement?
Implement a private endpoint connecting to the service
Establish an Azure VPN Gateway to the service
Assign a public IP address to the service to enable secure connections
Provision a public endpoint for the service with access controls
To ensure that an Azure-based service, like a database, is accessible only from within a virtual network and not over the internet, a private endpoint should be used. The private endpoint provides a secure connection to services by assigning a private IP address from the virtual network to the service, thereby ensuring that access to the service is limited to network communications originating from within the virtual network. A public endpoint or public IP address, on the other hand, would make the service accessible via the internet, which would not be secure for sensitive data. An Azure VPN Gateway creates a secure tunnel between different networks but does not restrict the public accessibility of services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a private endpoint in Azure?
Open an interactive chat with Bash
What is Azure Private Link?
Open an interactive chat with Bash
How does Azure VPN Gateway differ from a private endpoint?
Open an interactive chat with Bash
Microsoft Azure Fundamentals AZ-900
Azure Architecture and Services
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access