Azure Resource Creation in Specific Regions

B

To ensure that administrators can only create resources in specific regions within an Azure subscription, you should use an Azure policy.

An Azure policy is a service that allows you to create, assign, and manage policies that enforce rules over resources in an Azure subscription. Policies can be used to enforce specific requirements or restrictions, such as limiting resources to specific regions, ensuring that all virtual machines use a specific SKU, or enforcing naming conventions for resources.

To restrict administrators from creating resources outside of specific regions, you would create a policy that defines the regions where resources are allowed to be created. The policy would then be assigned to the subscription, resource group, or management group level, depending on the scope of the policy.

A read-only lock, on the other hand, prevents all users from making any changes to resources, including administrators. This is not an appropriate solution if you want administrators to be able to create resources, but only in specific regions.

A management group is a logical container that allows you to manage access, policies, and compliance across multiple subscriptions. While it can be used to enforce policies, it does not provide the granularity of control necessary to restrict resource creation to specific regions.

A reservation is used to prepay for a specific service or resource for a certain period of time. It is not used for enforcing policies or restricting resource creation.

The recommended Azure feature for hosting large video files and providing the best video playback experience for users worldwide is a content delivery network (CDN). Therefore, the correct answer is option C.

Explanation:

A content delivery network (CDN) is a distributed network of servers that delivers content to users based on their geographic location. By caching content closer to users, CDNs reduce the distance between users and the content they want to access, which improves the overall performance and speed of delivery.

CDNs are designed to handle large media files, including video, audio, and images, and provide faster and more reliable access to these files for users worldwide. When a user requests a video file, the CDN will redirect the user to the closest server with a cached copy of the file, reducing the latency and providing a better video playback experience.

In contrast, an application gateway (Option A) is a load balancer that provides web application firewall (WAF) protection and SSL/TLS termination. An Azure ExpressRoute circuit (Option B) is a dedicated private connection between an on-premises infrastructure and Azure datacenters. While these features have their use cases, they are not designed to handle large media files or provide a better video playback experience.

An Azure Traffic Manager profile (Option D) is a DNS-based traffic load balancer that distributes traffic across multiple endpoints. Although it can help improve application performance by directing users to the closest endpoint, it does not cache or optimize media files, and therefore, it is not the best Azure feature for hosting large video files.