Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your company has a main office in New York and a branch office in Toronto. Each office has a dedicated connection to the Internet. Each office has a firewall that uses inbound and outbound rules.
The company has an on-premises network that contains several datacenters. The datacenters contain multiple hypervisor deployments, including Window Server 2016 Hyper-V. The network uses Microsoft System Center for monitoring and Windows Azure Pack for self-service.
The company has a Microsoft Azure subscription that contains several workloads. You use Azure Resource Manager templates and other automated processes to create and manage the resources in Azure.
You have an Azure Stack integrated system in the New York office. The company has a development team in the Toronto office and a development team in the New York office. The system has an offer named Offer1. Several tenants have subscriptions based on Offer1.
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 is used for testing. The hardware on Server1 can support the deployment of the Azure Stack Development Kit.
You have a Generation 1 virtual machine named VM1 that runs Windows Server 2012 R2. VM1 is deployed to a Hyper-V host that runs Windows Server 2016. VM1 has a fixed size disk named VM1.vhdx that is 200 GB.
End of repeated scenario.
The development team in the Toronto office fails to access the Azure Stack integrated system. The team successfully accesses the Azure subscriptions. The development team in the New York office successfully accesses the Azure Stack integrated system.
You need to ensure that the Toronto development team can access the system.
What should you do?
A . For the Toronto development team, allow the inbound endpoints of the Azure Stack infrastructure on the New York office firewalls.
B . Create a site-to-site VPN connection from Azure to the New York office.
C . For the Toronto development team, allow ports 4443 and 8080 on the New York firewalls.
D . Configure and enable iDN
Answer: B
Explanation:
References:
https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-connect-vpn
https://docs.microsoft.com/en-us/azure/azure-stack/user/azure-stack-solution-hybrid-connectivity