New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-900 Exam - Topic 7 Question 36 Discussion

Actual exam question for Microsoft's AZ-900 exam
Question #: 36
Topic #: 7
[All AZ-900 Questions]

You have a resource group named RG1.

You plan to create virtual networks and app services in RG1.

You need to prevent the creation of virtual machines only in RG1.

What should you use?

Show Suggested Answer Hide Answer
Suggested Answer: D

Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.

Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.

In this question, we would create a Azure policy assigned to the resource group that denies the creation of virtual machines in the resource group.

You could place a read-only lock on the resource group. However, that would prevent the creation of any resources in the resource group, not virtual machines only. Therefore, an Azure Policy is a better solution.

References:

https://docs.microsoft.com/en-us/azure/governance/policy/overview


by Lashaunda at May 06, 2022, 08:41 AM

Limited Time Offer

25%

Off

Get Premium AZ-900 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Johnna
4 months ago
Nah, banning with a role seems too complicated for just VMs.
upvoted 0 times
...
Lorrine
4 months ago
Surprised that tags don't help with this!
upvoted 0 times
...
Bobbie
4 months ago
I think a lock would work too, right?
upvoted 0 times
...
Rebbecca
5 months ago
Totally agree, Azure policy is the way to go!
upvoted 0 times
...
Mabel
5 months ago
You can use an Azure policy to restrict VM creation.
upvoted 0 times
...
Magdalene
5 months ago
Tags seem more about organization than restrictions. I think the answer is definitely an Azure policy based on what we practiced.
upvoted 0 times
...
Ma
5 months ago
I feel like we discussed Azure roles in relation to permissions, but I'm not convinced that's the right choice for preventing VM creation.
upvoted 0 times
...
Leslie
5 months ago
I'm not entirely sure, but I remember something about using locks for resource management. Could that apply here?
upvoted 0 times
...
Aretha
5 months ago
I think we might need to use an Azure policy to restrict the creation of virtual machines in RG1. That sounds familiar from our practice sessions.
upvoted 0 times
...
Katheryn
5 months ago
The wording of these options is tricky, but I think I can narrow it down. I'll make sure to select the three that most accurately describe the dispatcher's responsibilities.
upvoted 0 times
...
Maxima
5 months ago
Keeping the end goal in mind is crucial for any discussion or problem-solving process. Option A seems like the best choice to me.
upvoted 0 times
...
Marlon
5 months ago
This question seems straightforward. I'll focus on the key ways to prevent fraud, like strong internal controls, regular reconciliations, and surprise audits.
upvoted 0 times
...

Save Cancel