Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
What are two possible solutions? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D.B
A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network.
You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network to restrict traffic between resources such as virtual machines and subnets.
You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
In this question, we need to add a rule to the network security group to allow the connection to the virtual machine on port 80 (HTTP).
https://docs.microsoft.com/en-us/azure/virtual-network/security-overviewThe two possible solutions for making a virtual machine (VM1) accessible from the internet over HTTP in Azure are:
B. Modify a Network Security Group (NSG): An NSG is a security feature in Azure that controls the inbound and outbound traffic flow to a virtual machine. By default, incoming internet traffic is blocked on all Azure VMs, including VM1. Therefore, you need to create an inbound rule that allows incoming HTTP traffic on port 80 or port 443. You can modify the NSG by following these steps:
D. Modify an Azure firewall: Azure Firewall is a cloud-based network security service that helps protect your Azure resources. You can create a firewall rule that allows incoming HTTP traffic on port 80 or port 443. You can modify the Azure firewall by following these steps:
Note: Options A and C are not correct solutions as Azure Traffic Manager is used for traffic routing and DDoS protection plan is used for preventing distributed denial-of-service attacks, but not for making a VM accessible from the internet over HTTP.