Exam AZ-700 All QuestionsBrowse all questions from this exam
Go to Exam
Question 240

HOTSPOT

-

You have an Azure subscription that contains the resources shown in the following table.

You need to restrict access to storage1 and sql1 by using service endpoints. The solution must meet the following requirements:

• Allow access from Subnet1 to SQLDB1.

• Implement service endpoint policies to restrict access to supported resources.

• Allow access from Subnet1 to storage1 and the read-only replica of storage1 in the paired Azure region.

What is the minimum number of service endpoints and service endpoint policies you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

    Correct Answer:

Discussion
matanzpl

Service Endpoint: 2 - Storage and SQL SE Policies: 1 - just for Storage SE

LieJ0n

agreed!

Andrewwfw

I believe the correct answer should be 3 & 1 Service Endpoint 3 (sql1 and storage1 in East US, storage1 in West US) Service Endpoint Policy 2 (storage in East US, storage in West US) Reasons: Virtual networks must be in the same region as the service endpoint policy. (You need 2 policies in the 2 regions for storage accounts) Azure SQL Server does not support service endpoint policies (Only Azure SQL Managed Instance does)

Andrewwfw

Correction, 1. Now we have Azure Storage cross-region service endpoints 2. You dont need a second policy for the second region: "RA-GRS secondary access is automatically allowed if the primary account is listed." https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-overview Then answer should be 2 & 1

AlainChk

We need a second SE Policy to restrict access for SQLDB1. So that makes: 2 SE (Storage and SQL) 2 SE Policies (Storage1 and SQL)

Avanade2023

Service endpoint: 3 (sql1 and storage1 in East US, storage1 in West US) service endpoint policy: 3 (sql1 and storage1 in East US, storage1 in West US)

wds

Correct