Learn about the valid filtering approaches for Azure virtual networks, including network security groups and network virtual appliances. Explore how to filter traffic between subnets in Azure.
Table of Contents
Question
Tradewind Traders is planning to migrate to Azure cloud services however management has asked you to research connectivity features between your on-premises environment and Cloud resources. In your research, you learn that Azure virtual networks enable you to filter traffic between subnets. Which of the following are valid filtering approaches?
Select all options that apply.
A. Network virtual appliances
B. Network security groups
C. Border Gateway Protocol
Answer
A. Network virtual appliances
B. Network security groups
Explanation
A network virtual appliance is a specialized VM that can be compared to a hardened network appliance. A network virtual appliance carries out a particular network function, such as running a firewall or performing Wide Area Network (WAN) optimization.
Azure virtual networks provide a way to filter traffic between subnets. You can use a network security group (NSG) to filter inbound and outbound network traffic to and from Azure resources in an Azure virtual network. NSGs contain security rules that filter network traffic by IP address, port, and protocol. When an NSG is associated with a subnet, security rules are applied to resources deployed in that subnet. Therefore, option B, Network security groups, is a valid filtering approach.
Network virtual appliances (NVAs) are VMs that perform network functions such as a firewall, routing, or VPN gateway. NVAs can be used to filter traffic between subnets. Therefore, option A, Network virtual appliances, is also a valid filtering approach.
Border Gateway Protocol (BGP) is a routing protocol that enables you to exchange routing information between your on-premises network and Azure. However, BGP is not a filtering approach. Therefore, option C is not a valid filtering approach.
Microsoft Azure AI Fundamentals AI-900 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure AI Fundamentals AI-900 exam and earn Microsoft Azure AI Fundamentals AI-900 certification.
