What should you implement?

Posted by: Pdfprep Category: AZ-303 Tags: , ,

You have resources in three Azure regions. Each region contains two virtual machines. Each virtual machine has a public IP address assigned to its network interface and a locally installed application named App1.

You plan to implement Azure Front Door-based load balancing across all the virtual machines.

You need to ensure that App1 on the virtual machines will only accept traffic routed from Azure Front Door.

What should you implement?
A . Azure Private Link
B . service endpoints
C . network security groups (NSGs) with service tags
D . network security groups (NSGs) with application security groups

Answer: C

Explanation:

Configure IP ACLing for your backends to accept traffic from Azure Front Door’s backend IP address space and Azure’s infrastructure services only. Refer the IP details below for ACLing your backend:

✑ Refer AzureFrontDoor.Backend section in Azure IP Ranges and Service Tags for Front Door’s IPv4 backend IP address range or you can also use the service tag AzureFrontDoor.Backend in your network security groups.

Reference: https://docs.microsoft.com/en-us/azure/frontdoor/front-door-faq

Leave a Reply

Your email address will not be published.