Microsoft Azure Administrator (AZ104) Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft Azure Administrator (AZ104) Exam. Prepare with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

Which component can restrict access to a resource in Azure based on specific network conditions?

  1. Access Policies

  2. Network Security Groups

  3. Azure Security Center

  4. Role-Based Access Control

The correct answer is: Network Security Groups

Network Security Groups (NSGs) are designed to control inbound and outbound traffic for Azure resources. They accomplish this by containing a set of security rules that define which traffic is allowed or denied based on parameters such as source and destination IP addresses, port numbers, and the protocol (TCP or UDP). This means that NSGs directly impact the ability of network traffic to access Azure resources, making them essential for enforcing specific network conditions, such as restricting access to certain IPs or ranges, thereby improving security. In contrast, Access Policies are primarily used for controlling access to specific Azure services and resources, but they do not operate at the network level. Azure Security Center provides security management and threat protection, but it is not a mechanism for network traffic control. Role-Based Access Control (RBAC) is focused on managing user permissions and roles, defining what actions users can perform on resources, but again, it does not restrict traffic based on network conditions. Therefore, using Network Security Groups is the most effective way to restrict access based on specific network criteria.

More Questions Like This