Provide Remote Access to Azure Virtual Machines in VNet1

C

A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer.

The correct answer to this question is A. Azure Key Vault.

Azure Key Vault is a service that allows you to safeguard and manage cryptographic keys, certificates, and secrets used by cloud applications and services. Key Vault provides a secure and centralized place to store sensitive information, such as authentication keys, passwords, and connection strings.

To address the concern raised by the manager, the recommended solution should be one that encrypts the administrative credentials during deployment. Azure Key Vault can be used to securely store and manage administrative credentials, such as passwords and certificates, by providing a centralized location for storage and management.

By using Azure Key Vault to store and manage administrative credentials, the credentials can be protected from exposure during the deployment process. The deployment process can retrieve the required credentials from the Key Vault securely and use them to authenticate with other Azure services.

Azure Information Protection is a service that helps to classify and label sensitive information, such as personal data or confidential business information. While it provides an additional layer of security for sensitive information, it is not specifically designed for the encryption of administrative credentials during deployment.

Azure Security Center is a service that provides advanced threat protection for Azure resources. While it can help to identify and remediate security issues, it is not specifically designed for the encryption of administrative credentials during deployment.

Azure Multi-Factor Authentication (MFA) is a service that provides an additional layer of security for user sign-ins and transactions. While it can help to protect against unauthorized access to Azure resources, it is not specifically designed for the encryption of administrative credentials during deployment.

In summary, the recommended solution to encrypt administrative credentials during deployment is Azure Key Vault.

To provide remote access to virtual machines (VMs) hosted in Microsoft Azure, you can use a Point-to-Site (P2S) VPN. This allows individual remote clients to securely connect to the Azure virtual network over the Internet, using a client certificate for authentication.

Option A, Configure a Site-to-Site (S2S) VPN, is not the correct answer in this scenario because it is used to connect two networks together, whereas the requirement is to provide access for individual remote clients.

Option B, Configure a VNet-to-VNet VPN, is also not the correct answer because it is used to connect two virtual networks together, whereas there is only one virtual network in this scenario.

Option D, Configure DirectAccess on a Windows Server 2012 server VM, is not the correct answer because DirectAccess is a deprecated technology that has been replaced by Always On VPN, which uses the same underlying VPN infrastructure as P2S VPN.

Option E, Configure a Multi-Site VPN, is not the correct answer because it is used to connect multiple on-premises networks to an Azure virtual network, whereas the requirement is to provide access for individual remote clients.

Therefore, the correct answer is C, Configure a Point-to-Site (P2S) VPN, to allow remote workers to securely access the VMs on VNet1 in Microsoft Azure.