Microsoft Azure Administrator (AZ104) Practice Exam

Question: 1 / 400

Which component can restrict access to a resource in Azure based on specific network conditions?

Access Policies

Network Security Groups

Network Security Groups (NSGs) are designed to control inbound and outbound traffic for Azure resources. They accomplish this by containing a set of security rules that define which traffic is allowed or denied based on parameters such as source and destination IP addresses, port numbers, and the protocol (TCP or UDP). This means that NSGs directly impact the ability of network traffic to access Azure resources, making them essential for enforcing specific network conditions, such as restricting access to certain IPs or ranges, thereby improving security.

In contrast, Access Policies are primarily used for controlling access to specific Azure services and resources, but they do not operate at the network level. Azure Security Center provides security management and threat protection, but it is not a mechanism for network traffic control. Role-Based Access Control (RBAC) is focused on managing user permissions and roles, defining what actions users can perform on resources, but again, it does not restrict traffic based on network conditions. Therefore, using Network Security Groups is the most effective way to restrict access based on specific network criteria.

Get further explanation with Examzify DeepDiveBeta

Azure Security Center

Role-Based Access Control

Next Question

Report this question

Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy