Examice

Exam AZ-400 All QuestionsBrowse all questions from this exam

Go to Exam

Question 127

You have the following Azure policy.

You assign the policy to the Tenant root group.

What is the effect of the policy?

prevents all HTTP traffic to existing Azure Storage accounts

ensures that all traffic to new Azure Storage accounts is encrypted

prevents HTTPS traffic to new Azure Storage accounts when the accounts are accessed over the Internet

ensures that all data for new Azure Storage accounts is encrypted at rest

Correct Answer: B

This Azure policy is designed to enforce HTTPS traffic only for new Azure Storage accounts. The conditions specified in the policy will trigger a deny action for any storage account that does not support HTTPS traffic. This ensures that any new storage account created under this policy will have its traffic encrypted, as only HTTPS traffic will be allowed. This does not affect existing storage accounts unless manually remediated. Therefore, the effect of the policy is that all traffic to new Azure Storage accounts is encrypted, making option B correct.

Discussion

rafapaz09Option: D

Correct answer is good, the policy is not going to apply to the existing resources, unless you run a remediation task to force the policy to all the existing resources

Kinon4Option: A

If storage accounts don't support HTTPS only, then deny. Therefore answer is A, only accepts encrypted traffic.

Kinon4

Answer is B**

CyberLumi

The policy denies the creation of any new storage account that does not allow the https protocol. It is a DENY policy not a policy to allow https traffic. Answer is B

ozbonnyOption: B

B. ensures that all traffic to new Azure Storage accounts is encrypted

AtosOption: B

The code just seems unnecessary and answers just as bad. From what i understand it has 2 negative clauses that would effectively mean the https rule is enforced, so the storage traffic is securely encrypted. Ans: B.

binqOption: B

Correct. Policy denies all future storage accounts that don't support HTTPS. Policies don't affect existing resources, hence A is incorrect.

rdemontisOption: B

This is the reason why the correct answer is B: "During evaluation of existing resources, resources that match a deny policy definition are marked as non-compliant" https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#deny

ShreyansOption: B

Correct Answer is B

hajurbauOption: B

Answer A is also correct if the remediation is ran. But selecting B for now

GokhanSenyuzOption: B

answer B That's the cheese!

syu31svcOption: B

Not equals true then deny is the key here You do not allow traffic if it is not HTTPS Answer is B

GovcommOption: D

All traffic to the Azure Storage Account is encrypted through HTTPS

EltoothOption: B

B is correct answer.

UnknowManOption: D

Correct and you can run "remediation task for existing resources.

CheehpOption: B

Selected during exam. B. ensures that all traffic to new Azure Storage accounts is encrypted

sujitwarrier11Option: B

Correct answer B. Azure policy wont affect existing resources I think, only the newly created once after policy is enforced are affected.

PlumpyTumblerOption: B

Word up. It's B, I'm not going to put the same link everyone else provided. This is a well documented answer.

Sst121Option: A

Ans: A