Learn about the valid filtering approaches for Azure virtual networks, including network security groups and network virtual appliances. Explore how to filter traffic between subnets in Azure.
Question
Tradewind Traders is planning to migrate to Azure cloud services however management has asked you to research connectivity features between your on-premises environment and Cloud resources. In your research, you learn that Azure virtual networks enable you to filter traffic between subnets. Which of the following are valid filtering approaches?
Select all options that apply.
A. Network virtual appliances
B. Network security groups
C. Border Gateway Protocol
Answer
A. Network virtual appliances
B. Network security groups
Explanation
A network virtual appliance is a specialized VM that can be compared to a hardened network appliance. A network virtual appliance carries out a particular network function, such as running a firewall or performing Wide Area Network (WAN) optimization.
Azure virtual networks provide a way to filter traffic between subnets. You can use a network security group (NSG) to filter inbound and outbound network traffic to and from Azure resources in an Azure virtual network. NSGs contain security rules that filter network traffic by IP address, port, and protocol. When an NSG is associated with a subnet, security rules are applied to resources deployed in that subnet. Therefore, option B, Network security groups, is a valid filtering approach.
Network virtual appliances (NVAs) are VMs that perform network functions such as a firewall, routing, or VPN gateway. NVAs can be used to filter traffic between subnets. Therefore, option A, Network virtual appliances, is also a valid filtering approach.
Border Gateway Protocol (BGP) is a routing protocol that enables you to exchange routing information between your on-premises network and Azure. However, BGP is not a filtering approach. Therefore, option C is not a valid filtering approach.
Microsoft Azure AI Fundamentals AI-900 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure AI Fundamentals AI-900 exam and earn Microsoft Azure AI Fundamentals AI-900 certification.
Alex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
