Azure VM1: Configuring Internet Access for HTTP

Configure Azure VM1 for Internet Access over HTTP

Prev Question Next Question

Question

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your Azure environment contains multiple Azure virtual machines.

You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.

Solution: You modify a DDoS protection plan.

Does this meet the goal?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B.

B

DDoS is a form of attack on a network resource. A DDoS protection plan is used to protect against DDoS attacks; it does not provide connectivity to a virtual machine.

To ensure that a virtual machine named VM1 is accessible from the Internet over HTTP, you need to modify a network security group or Azure Firewall.

https://docs.microsoft.com/en-us/azure/virtual-network/ddos-protection-overview

No, modifying a DDoS protection plan does not meet the goal of making a specific virtual machine (VM1) accessible from the internet over HTTP. A DDoS protection plan is a service that helps protect an entire Azure resource group from distributed denial-of-service (DDoS) attacks. It provides enhanced DDoS mitigation capabilities, such as traffic monitoring and application-layer protection.

To make a specific virtual machine accessible from the internet over HTTP, you need to configure a few things:

  1. Assign a public IP address to the VM1 or create an Azure Load Balancer to distribute the traffic.
  2. Open port 80 (HTTP) in the NSG (Network Security Group) associated with the VM1's virtual network interface.
  3. Ensure that there are no additional firewalls or access control lists blocking the HTTP traffic.

Therefore, the correct solution to meet the goal is to assign a public IP address to the VM1 or create an Azure Load Balancer and configure NSG and firewall settings accordingly.