Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-104 Exam - Topic 5 Question 107 Discussion

You have a subnet named Subnet1 that contains Azure virtual machines. A network security group (NSG) named NSG1 is associated to Subnet1, NSG1 on default rules.You need to create a rule in NSG1 to prevent the hosts on Subnet1 from connecting to the azure portal. The hosts must be able to connect to other ...To what should you set Destination in the rule?
A) Service tag
B) IP addresses
C) Application security group
D) Any

Microsoft AZ-104 Exam - Topic 5 Question 107 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 107
Topic #: 5
[All AZ-104 Questions]

You have a subnet named Subnet1 that contains Azure virtual machines. A network security group (NSG) named NSG1 is associated to Subnet1, NSG1 on default rules.

You need to create a rule in NSG1 to prevent the hosts on Subnet1 from connecting to the azure portal. The hosts must be able to connect to other ...

To what should you set Destination in the rule?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Brande at Sep 18, 2024, 04:34 AM

Limited Time Offer

25%

Off

Get Premium AZ-104 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Francene
6 months ago
Any option seems too broad for this scenario.
upvoted 0 times
...
Shenika
6 months ago
Wait, can you really block access to the Azure portal like that?
upvoted 0 times
...
Mayra
7 months ago
I thought IP addresses would work too, but I guess not.
upvoted 0 times
...
Stephaine
7 months ago
Totally agree, service tags are the way to go!
upvoted 0 times
...
Alisha
7 months ago
You need to set the destination to a service tag.
upvoted 0 times
...
Daisy
7 months ago
I think "Any" would be too broad for this scenario. We need to be specific about blocking the portal access, right?
upvoted 0 times
...
Lorriane
8 months ago
I’m a bit confused about whether to use IP addresses or service tags here. I feel like both could work, but I’m not certain.
upvoted 0 times
...
Lili
8 months ago
This question feels familiar; I think we had a practice one about NSGs and service tags. I might lean towards option A.
upvoted 0 times
...
Mauricio
8 months ago
I remember we talked about service tags in class, but I'm not sure if they can block access to the Azure portal specifically.
upvoted 0 times
...
Edda
8 months ago
I'm pretty confident the answer is Service tag. That's the most targeted and specific way to block access to the Azure portal while still allowing other connectivity.
upvoted 0 times
...
Elli
8 months ago
I'm a bit confused on this one. Is it really that simple to just use a service tag? I feel like there might be more to it than that.
upvoted 0 times
...
Donette
8 months ago
Okay, I've got a strategy here. I'll create a rule that blocks traffic to the "AzurePortal" service tag, that should do the trick.
upvoted 0 times
...
Lottie
8 months ago
Hmm, I'm not sure about this one. I'll need to double-check the documentation on NSG rules and service tags to be sure.
upvoted 0 times
...
Layla
8 months ago
I think the answer is Service tag, since the Azure portal has a specific service tag that we can use to target it in the NSG rule.
upvoted 0 times
...
Lizbeth
8 months ago
I'm leaning towards whiteboarding, but I'm not 100% confident. I should review the WebEx Teams features again to make sure I'm not missing something.
upvoted 0 times
...
Georgeanna
2 years ago
D) Any - Really? That's like saying 'Destination: Everything'. Can't be the right answer.
upvoted 0 times
Edelmira
2 years ago
C) Application security group
upvoted 0 times
...
Wenona
2 years ago
B) IP addresses
upvoted 0 times
...
Xochitl
2 years ago
A) Service tag
upvoted 0 times
...
...
Alline
2 years ago
C) Application security group - Hmm, I don't think that's the right choice here. We're trying to block the Azure portal, not a specific app.
upvoted 0 times
...
Rima
2 years ago
This is a classic case of 'when in doubt, choose the service tag'.
upvoted 0 times
Gilma
2 years ago
I'm not sure about that, I think it might be application security group.
upvoted 0 times
...
Karrie
2 years ago
C) Application security group
upvoted 0 times
...
Noel
2 years ago
I agree, service tag seems like the safest choice here.
upvoted 0 times
...
Coletta
2 years ago
A) Service tag
upvoted 0 times
...
Noble
2 years ago
I'm not sure, but I think it might be IP addresses.
upvoted 0 times
...
Ludivina
2 years ago
B) IP addresses
upvoted 0 times
...
Keneth
2 years ago
I think you're right, service tag is usually the best option.
upvoted 0 times
...
Leota
2 years ago
A) Service tag
upvoted 0 times
...
...
Willard
2 years ago
A) Service tag - Makes sense to me. The Azure portal is a service, so a service tag would be the way to go.
upvoted 0 times
Eric
2 years ago
D) Any
upvoted 0 times
...
Melita
2 years ago
C) Application security group
upvoted 0 times
...
Emogene
2 years ago
C) Application security group
upvoted 0 times
...
Emeline
2 years ago
B) IP addresses
upvoted 0 times
...
Shonda
2 years ago
B) IP addresses
upvoted 0 times
...
Tamesha
2 years ago
A) Service tag
upvoted 0 times
...
Galen
2 years ago
A) Service tag
upvoted 0 times
...
...
Mendy
2 years ago
That makes sense too. I guess it depends on how we want to manage the destination for the rule.
upvoted 0 times
...
Margery
2 years ago
I disagree, I believe the answer is A) Service tag because it allows us to define the destination based on predefined tags.
upvoted 0 times
...
Mendy
2 years ago
I think the answer is B) IP addresses because we need to specify the destination for the rule.
upvoted 0 times
...

Save Cancel