AZ-900: Microsoft Azure Fundamentals Exam Answer

Implementing Solution for On-Premises Network Communication with Azure Virtual Machines

Prev Question Next Question

Question

You have an Azure environment that contains multiple Azure virtual machines.

You plan to implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines.

You need to recommend which Azure resources must be created for the planned solution.

Which two Azure resources should you include in the recommendation? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

AE

To implement a solution that enables the client computers on your on-premises network to communicate to the Azure virtual machines, you need to configure a

VPN (Virtual Private Network) to connect the on-premises network to the Azure virtual network.

The Azure VPN device is known as a Virtual Network Gateway. The virtual network gateway needs to be located in a dedicated subnet in the Azure virtual network. This dedicated subnet is known as a gateway subnet and must be named 'GatewaySubnet'.

Note: a virtual network (answer D) is also required. However, as we already have virtual machines deployed in a Azure, we can assume that the virtual network is already in place.

https://docs.microsoft.com/en-us/office365/enterprise/connect-an-on-premises-network-to-a-microsoft-azure-virtual-network

To enable the client computers on your on-premises network to communicate to the Azure virtual machines, you need to create a virtual network in Azure that is connected to your on-premises network. Here are the recommended Azure resources that you need to create for this solution:

  1. Virtual Network: The first Azure resource you need to create is a virtual network (VNet). A virtual network is an isolated network in the cloud where you can deploy your Azure resources. You can think of a virtual network as a logical representation of your on-premises network in Azure. You can create subnets within the virtual network to segment and organize your Azure resources. To create a virtual network, you need to specify an IP address range for the network and create one or more subnets.

  2. Virtual Network Gateway: The second Azure resource you need to create is a virtual network gateway. A virtual network gateway is a type of VPN gateway that enables you to establish a secure connection between your on-premises network and your virtual network in Azure. The virtual network gateway provides the necessary infrastructure to route traffic between the on-premises network and the virtual network. To create a virtual network gateway, you need to specify the type of VPN gateway (such as Site-to-Site or Point-to-Site), the VPN protocol (such as IKEv2 or SSTP), and the IP address range of your on-premises network.

Therefore, the recommended Azure resources for enabling communication between on-premises network and Azure virtual machines are a virtual network and a virtual network gateway. The other options listed in the question (load balancer, application gateway, and gateway subnet) are not required for this scenario.