HOTSPOT -
You need to recommend a solution for App1. The solution must meet the technical requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: 3 -
One virtual network for every tier
Box 2: 1 -
Only one subnet for each tier, to minimize the number of open ports.
Scenario: You have a public-facing application named App1. App1 is comprised of the following three tiers:
✑ A SQL database
✑ A web front end
✑ A processing middle tier
Each tier is comprised of five virtual machines. Users access the web front end by using HTTPS only.
Technical requirements:
✑ Move all the virtual machines for App1 to Azure.
Minimize the number of open ports between the App1 tiers.
Should be 1 Vnet and 3 Subnets. See https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/n-tier/n-tier-sql-server
Agree with you, thanks for posting the document
Not sure because we're supposed to minimize the open ports between tiers. This is easier with 3 VNets than with 3 subnets in a single VNet.
Don't agree... You would need VNet peering + NSG's With 1 VNET and 3 Subnets, you simply control ports with Subnet Bound NSG's Creating 3 VNets would be overkill
3 VNETS : Costly, difficult to manage, difficult to operate, difficult to monitor. (difficult/complex). save cost and get bonus.
3 VNETS : Costly, difficult to manage, difficult to operate, difficult to monitor. (difficult/complex). save cost and get bonus.
Don't agree... You would need VNet peering + NSG's With 1 VNET and 3 Subnets, you simply control ports with Subnet Bound NSG's Creating 3 VNets would be overkill
3 VNETS : Costly, difficult to manage, difficult to operate, difficult to monitor. (difficult/complex). save cost and get bonus.
I agree
3 VNETS : Costly, difficult to manage, difficult to operate, difficult to monitor. (difficult/complex). save cost and get bonus.
3 virtual networks and one subnet per virtual network - Creating a virtual network for each application tier is not a best practice. 3 virtual networks and three subnets per virtual network - This solution will have 9 subnets, that is more than the number of servers for App1. 1 virtual network and one subnet per virtual network - This solution will have all servers deployed in the same subnet, that is not a best practice. Answer is 1 Vnet with 3 subnets
1 Vnet 3 Subnet
Answer is incorrect. It should be: 1 Vnet, 3 subnets.
I think 4 subnets, since we will need a GatewaySubnet too.
... yes, I'm aware that's not even an option here LOL.
But which requirement is suggesting to use VPN?
1 VNet and 3 subnets. If we use 3 Vnet that would require higher admin effort. Also because of VNet peering, each Vnet will need to have 2 subnet include gateway subnet each.
Today 19/11/21. No use case of this help platform appeared in my exam. Score 860.
Answer is correct from security. If we have one VNET everything will be talking to each other with the default VirtualNetwork Tag. WIth three VNETs you would have to specify the NSG rules, which would block off traffic when you create the peer.