You have a resource group named RG1 that contains the following:
• A virtual network that contains two subnets named Subnet 1 and AzureFirewallSubnet
• An Azure Storage account named contososa1
• An Azure firewall deployed to AzureFirewallSubnet
You need to ensure that contososa1 is accessible from Subnet 1 over the Azure backbone network.
What should you do?
A . Create a stored access policy for contososa1.
B . Remove the Azure firewall-
C . implement a virtual network service endpoint.
D . Modify the Firewall and virtual networks settings for contososa1.
Answer: C
Explanation: Virtual Network (VNet) service endpoints extend your virtual network private address space and the identity of your VNet to the Azure services, over a direct connection. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Traffic from your VNet to the Azure service always remains on the Microsoft Azure backbone network.
References: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoints-overview
Leave a Reply