HOTSPOT -
You have several Azure virtual machines on a virtual network named VNet1. VNet1 has two subnets that have 10.2.0.0/24 and 10.2.9.0/24 address spaces.
You configure an Azure Storage account as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: always -
Endpoint status is enabled.
Box 2: Never -
After you configure firewall and virtual network settings for your storage account, select Allow trusted Microsoft services to access this storage account as an exception to enable Azure Backup service to access the network restricted storage account.
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows https://azure.microsoft.com/en-us/blog/azure-backup-now-supports-storage-accounts-secured-with-azure-storage-firewalls-and-virtual-networks/
the subnet enabled on firewall portal is12.2.0.0/24. So, in the first box, the answer is "Never"
The CORRECT selection is NEVER, NEVER and here is why. since 10.2.9.0/24 part of 10.2.0.0/16 is not checked and 10.2.0.0/24 is allowed to access this storage account where 10.2.9.0/24 is not in 10.2.0.0/24 ! ,The endpoint is enable though, it is enable to 10.2.0.0/24, but not to 10.2.9.0/24. So, the endpoint is not enable to 10.2.9.0/24. A subnet mask of 24 bits basically means that the first 3 numbers of the IP are FIXED! Thus, the 10.2.0 will never change and the remaining number gives 256 subnet addresses. Then, an IP starting by 10.2.9 does not belong to the subnet that is allowed. For fun try it on the portal, when configuring this option it forces you to select subnets, which means that, in order to provide access, they should be explicitly shown on the configuration screen.
Very nice explanation
Answer should be Never, Never. The first subnet 10.2.0.0/16 endpoint status isn't enabled.
On exam today 19/11/21. NEVER/NEVER. Score 860.
On exam 6/7/21
This is one of those questions just to confuse people for no purpose. I would say the answer is still ALWAY, NEVER. The text of question says the subnet is 12.2.9/0/24, I would say the screenshot is a mistake. Of coz anyone can argue otherwise.
this question was in the exam today, the exhibit on the exam did not have an ip address on the VNET (address range).
so is the answer still Never, Never?
I think it's still NEVER/NEVER since the ip address are included in the question itself.
I think it's still NEVER/NEVER since the ip address are included in the question itself.
Answer should be never, never; The subnet 10.2.9.0 must be added (enabled) to the endpoint via "add existing vnet".
Never, Never
never never should be correct here.
Duplicate question. Topic 1, Question 45. https://www.examtopics.com/exams/microsoft/az-303/view/9/
The answers are Never/Never Same as Question#43 in Topic 1
tested and it seems that we cannot add a fw rule for a subnet that does not have service endpoint enabled.
What is the correct answer? Service Endpoints is specific to a virtual network. So ideally all subnets should access the resource
1: Never because Service Endpoint is provided per Subnet. Only listed 10.2.0.0/24, not 10.2.9.0/24.
answer is NEVER , NEVER