Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a network security group (NSG).
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.A
A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network.
You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network to restrict traffic between resources such as virtual machines and subnets.
You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
In this question, we need to add a rule to the network security group to allow the connection to the virtual machine on port 80 (HTTP).
https://docs.microsoft.com/en-us/azure/virtual-network/security-overviewThe provided solution to modify a network security group (NSG) can meet the goal of ensuring that VM1 is accessible from the Internet over HTTP.
A network security group (NSG) is a set of rules that controls inbound and outbound network traffic to an Azure virtual network. By modifying the rules of an NSG, you can control the traffic that is allowed to or from virtual machines in the network.
To allow VM1 to be accessible from the Internet over HTTP, you would need to modify the NSG that is associated with the virtual network that VM1 is connected to. Specifically, you would need to add an inbound security rule to allow traffic from the Internet to reach VM1 over the HTTP protocol.
The rule would need to have the following properties:
Once this rule is added to the NSG, traffic from the Internet over HTTP will be allowed to reach VM1, and it will be accessible from the Internet.
Therefore, the solution of modifying an NSG can meet the goal of ensuring that VM1 is accessible from the Internet over HTTP. The answer is A. Yes.