New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-104 Exam - Topic 11 Question 66 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 66
Topic #: 11
[All AZ-104 Questions]

You have an Azure subscription that contains 10 virtual machines, a key vault named Vault 1, and a network security group (NSG) named NSG1. All the resources are deployed to the East US Azure region.

The virtual machines are protected by using NSG1. NSG1 is configured to block all outbound traffic to the internet.

You need to ensure that the virtual machines can access Vault1. The solution must use the principle of least privilege and minimize administrative effort.

What should you configure as the destination of the outbound security rule for NSG1 ?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Timothy at Sep 19, 2022, 06:17 AM

Limited Time Offer

25%

Off

Get Premium AZ-104 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rose
4 months ago
I’m not sure about C, what if the service tag changes?
upvoted 0 times
...
Kristin
4 months ago
An IP address range seems too restrictive for this.
upvoted 0 times
...
Peter
4 months ago
Wait, can we really use service tags for key vault access?
upvoted 0 times
...
Emerson
4 months ago
Definitely agree with that! Service tags simplify things.
upvoted 0 times
...
Vincent
5 months ago
I think option C is the best choice.
upvoted 0 times
...
Mary
5 months ago
I’m a bit confused about application security groups. Do they even apply here, or is that just for grouping VMs?
upvoted 0 times
...
Mable
5 months ago
I feel like we practiced a similar question where we had to allow access to a specific Azure service. I think it was about using a service tag too.
upvoted 0 times
...
Sheldon
5 months ago
I'm not entirely sure, but I think using an IP address range might be too broad for least privilege.
upvoted 0 times
...
Jaclyn
5 months ago
I remember we discussed service tags in class, and they simplify NSG rules. Could it be option C?
upvoted 0 times
...
Emerson
5 months ago
I remember the professor emphasizing the importance of distinguishing between different data types. I'll double-check my notes to make sure I have this right.
upvoted 0 times
...
Apolonia
5 months ago
Okay, let's think this through step-by-step. The key is to identify the correct combination of Type, Name, and Value for the protected Resource policy.
upvoted 0 times
...

Save Cancel