Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your Azure environment contains multiple Azure virtual machines.
You need to ensure that a virtual machine named VM1 is accessible from the Internet over HTTP.
Solution: You modify a network security group (NSG).
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.A
A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network.
You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network to restrict traffic between resources such as virtual machines and subnets.
You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
In this question, we need to add a rule to the network security group to allow the connection to the virtual machine on port 80 (HTTP).
https://docs.microsoft.com/en-us/azure/virtual-network/security-overviewThe solution mentioned in the scenario - modifying a Network Security Group (NSG) to allow inbound HTTP traffic to VM1 - can meet the stated goal, which is to make VM1 accessible from the Internet over HTTP.
An NSG is a security feature in Azure that acts as a virtual firewall for controlling inbound and outbound traffic to Azure resources. It contains a set of security rules that can be applied to a subnet, network interface, or virtual machine. Each rule defines a source and destination IP address range, source and destination ports, and protocol. NSGs can be associated with a subnet or a network interface attached to a virtual machine.
To make VM1 accessible from the Internet over HTTP, we need to modify the NSG associated with its network interface or subnet to allow inbound traffic on port 80, which is the default port for HTTP traffic. This can be done by creating a new inbound security rule in the NSG that allows traffic from any source on port 80 to the IP address of VM1.
Therefore, the solution of modifying an NSG to allow inbound HTTP traffic to VM1 meets the stated goal of making VM1 accessible from the Internet over HTTP.
The correct answer for this question is C. Azure Marketplace.
Azure Marketplace is an online store for buying and selling software applications that are certified to run on Azure. It offers a wide range of third-party virtual security appliances that can be easily deployed to Azure subscriptions. These security appliances are designed to protect your resources in the cloud and provide advanced threat detection, security analytics, and compliance management.
By using Azure Marketplace, you can search and find the security appliance that best meets your needs and deploy it directly to your Azure subscription. You can also compare pricing and features of different appliances and read customer reviews to ensure you choose the right solution for your business.
Option A. Azure subscriptions refers to the actual Azure subscription and is not an appropriate answer to the question.
Option B. Microsoft Defender for Cloud is a Microsoft-managed security solution that provides advanced threat protection and security management across your entire cloud environment. It is not a third-party virtual security appliance and, therefore, is not an appropriate answer to the question.
Option D. Microsoft Store is an online marketplace for Microsoft products, including software applications and hardware devices. It is not related to the deployment of third-party virtual security appliances to Azure subscriptions and, therefore, is not an appropriate answer to the question.
In summary, the most appropriate answer to the question is C. Azure Marketplace.