Microsoft Exam SC-100 Topic 3 Question 67 Discussion

Actual exam question for Microsoft's SC-100 exam

Question #: 67
Topic #: 3

You need to design a solution to provide administrators with secure remote access to the virtual machines. The solution must meet the following requirements:

* Prevent the need to enable ports 3389 and 22 from the internet.

* Only provide permission to connect the virtual machines when required.

* Ensure that administrators use the Azure portal to connect to the virtual machines.

Which two actions should you include in the solution? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

AEnable Azure Active Directory (Azure AD) Privileged Identity Management (PIM) roles as virtual machine contributors.

BConfigure Azure VPN Gateway.

CEnable Just Enough Administration (JEA).

DEnable just-in-time (JIT) VM access.

EConfigure Azure Bastion.

Show Suggested Answer

Suggested Answer: D, E

https://docs.microsoft.com/en-us/powershell/scripting/learn/remoting/jea/overview?view=powershell-7.2 https://docs.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles

by Sherell at Jul 10, 2025, 01:51 AM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Delsie

1 days ago

Definitely go with E) Configure Azure Bastion. That's the perfect solution to meet all the requirements, no need to expose RDP/SSH ports to the internet.

upvoted 0 times

...