Examice

Exam AZ-800 All QuestionsBrowse all questions from this exam

Go to Exam

Question 125

You have an Azure virtual machine named VM1 that runs Windows Server.

You need to configure the management of VM1 to meet the following requirements:

✑ Require administrators to request access to VM1 before establishing a Remote Desktop connection.

✑ Limit access to VM1 from specific source IP addresses.

✑ Limit access to VM1 to a specific management port.

What should you configure?

a network security group (NSG)

Azure Active Directory (Azure AD) Privileged Identity Management (PIM)

Microsoft Defender for Cloud

Azure Front Door

Correct Answer: A

To restrict access to a virtual machine by requiring administrators to request access before establishing a connection, limiting access from specific source IP addresses, and limiting access to a specific management port, you need to use a network security group (NSG). An NSG allows you to create security rules that control the inbound and outbound traffic to your VM based on various criteria, including IP addresses and port numbers. Hence, configuring an NSG will meet all the requirements specified in the question.

Discussion

syu31svcOption: C

JIT lets you allow access to your VMs only when the access is needed, on the ports needed, and for the period of time needed C is correct

kijkenOption: B

I would say B

TelekonOption: B

https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure

Telekon

I am wrong , C in this case is correct

johosofatOption: C

Its C - look at the link Just in time access request is for Defender for the cloud - https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage?tabs=jit-config-asc%2Cjit-request-asc

skycrapOption: C

C is correct. Jit

BryRobOption: C

Given answer is correct

KrayzrOption: C

Microsoft Defender for Cloud’s Just-in-Time (JIT) VM access feature1 indeed meets all the requirements listed: It requires administrators to request access to VM1 before establishing a Remote Desktop connection. It allows you to limit access to VM1 from specific source IP addresses. It enables you to limit access to VM1 to a specific management port. So, the correct answer should be: C. Microsoft Defender for Cloud https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage

gabmancusoOption: C

A&C? Not a double? Strange... None of them, alone, help us to achieve the goal. If forced to choose one opion only, I'd say C, but port? IP?

SIAMIANJIOption: A

To meet the specified requirements, you should configure a network security group (NSG). NSGs allow you to filter network traffic to and from Azure resources, including virtual machines (VMs). You can define rules within the NSG to control inbound and outbound traffic based on source and destination IP addresses, as well as specific ports. Option A. a network security group (NSG) is the correct choice as it allows you to: