HOTSPOT
You need to restrict traffic from VMScaleSet1 to VMScaleSet2. The solution must meet the virtual networking requirements.
What is the minimum number of custom NSG rules and NSG assignments required? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
To restrict traffic from VMScaleSet1 to VMScaleSet2, Network Security Group (NSG) rules need to be created and assigned to the appropriate resources. An NSG rule is required to allow or deny traffic to or from a network interface (NIC), VM, or subnet.
Based on the requirement to only allow traffic from VMScaleSet1 to VMScaleSet2 on TCP port 443, the following can be determined:
Minimum number of custom NSG rules:
You need at least one rule to allow TCP port 443 and another to deny all other traffic that does not match any prior rules. However, because NSGs have default rules that deny all inbound traffic if no other rule allows it, you might only need to create a single rule to allow traffic on TCP port 443. But to be fully explicit and depending on the existing rules, you might also add a deny rule explicitly. So, the minimum number could be 1 (if relying on default rules) or 2 (if being explicit).
Minimum number of NSG assignments:
For NSG assignments, you would typically assign an NSG to the subnet or network interfaces of VMScaleSet2 to control the inbound traffic from VMScaleSet1. Since all VM instances in a scale set can share a single NSG, you only need to make one assignment of the NSG to cover all instances of VMScaleSet2. Therefore, the minimum number of NSG assignments is 1.
So, for the given scenario:
The minimum number of custom NSG rules required: 1 (to allow TCP port 443, assuming default rules handle the deny)
The minimum number of NSG assignments required: 1 (assign the NSG to the subnet or NICs of VMScaleSet2)
These selections are made with the assumption that the goal is to enforce the minimum necessary configuration changes while still satisfying the requirements.
Latest AZ-700 Dumps Valid Version with 59 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund