Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
You have been informed by your superiors of the company's intentions to automate server deployment to Azure. There is, however, some concern that administrative credentials could be uncovered during this process.
You are required to make sure that during the deployment, the administrative credentials are encrypted using a suitable Azure solution.
Solution: You recommend the use of Azure Information Protection.
Does the solution meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
The correct answer is A, a network security group (NSG).
Explanation:
A network security group (NSG) is an Azure resource that acts as a firewall for controlling traffic in and out of virtual machines and subnets. It can be used to filter network traffic based on port, protocol, and source/destination IP address ranges.
In this scenario, to control the ports that devices on the Internet can use to access the virtual machines, you would need to create an NSG rule that allows traffic on the specific port(s) you want to use. By default, all incoming traffic is blocked, so you must create rules to allow traffic to the virtual machines.
An Azure Active Directory (Azure AD) role is used to grant permissions to manage Azure resources, not to control network traffic. An Azure Active Directory group is used to manage access to Azure resources and to assign roles to users or groups, but again, not to control network traffic. An Azure key vault is used to store and manage cryptographic keys, secrets, and certificates. It is not related to controlling network traffic.
Therefore, the correct option to use in this scenario is A, a network security group (NSG).
The solution proposed to encrypt administrative credentials during server deployment to Azure is to use Azure Information Protection (AIP).
AIP is a cloud-based solution from Azure that helps to classify, label, and protect data and documents. It provides encryption and rights management capabilities to secure sensitive information and prevent unauthorized access.
In the context of the given scenario, AIP can be used to encrypt administrative credentials during the deployment process to Azure. This ensures that the credentials are protected from unauthorized access and can only be accessed by authorized individuals with the appropriate permissions.
Therefore, the solution of using Azure Information Protection (AIP) to encrypt administrative credentials during server deployment to Azure meets the goal of ensuring that the credentials are encrypted using a suitable Azure solution.
Hence, the answer is A. Yes, the solution meets the goal.