Skills Learned
- Describe Network Security Groups (NSG)
- Describe Application Security Groups (ASG)
Study Guide

Practice Test

Question 3

Network Security Groups a service that is used to …

❌ ✔ ⚪ 🔵 ⬜ 🟦 Group resources based on the network interfaces assignment

❌ ✔ ⚪ 🔵 ⬜ 🟦 Group resources based on the subnet assignment

❌ ✔ ⚪ 🔵 ⬜ 🟦 Group resources based on the virtual network assignment

❌ ✔ ⚪ 🔵 ⬜ 🟦 Filter inbound traffic to the virtual network resources

❌ ✔ ⚪ 🔵 ⬜ 🟦 Filter outbound traffic to the virtual network resources

❌ ✔ ⚪ 🔵 ⬜ 🟦 Filter outbound traffic to the internet

❌ ✔ ⚪ 🔵 ⬜ 🟦 Filter inbound traffic to the internet

❌ ✔ ⚪ 🔵 ⬜ 🟦 Filter inbound and outbound traffic to/from the virtual network resources

✔ That's correct

❌ That's not correct

👨‍🦱 💬 Network Security Group is a service that allows customers to filter both inbound (incoming) and outbound (outgoing) traffic from and to resources that are located in the Azure Virtual Network.

Question 5

Contoso has a subnet with 10 Virtual Machines. 5 of which are Web Servers and 5 are Storage Servers. They need to be able to quickly and effectively manage networking setups (NGSs) for those servers in the future. Which is the most effective way to achieve this in terms of time and maintenance required?

❌ ✔ ⚪ 🔵 ⬜ 🟦 Network Security Group Rules with IP ranges

❌ ✔ ⚪ 🔵 ⬜ 🟦 Network Security Group Rules with static IP assignments

❌ ✔ ⚪ 🔵 ⬜ 🟦 Network Security Group Rules with Application Security Groups

❌ ✔ ⚪ 🔵 ⬜ 🟦 Application Security Group Rules

❌ ✔ ⚪ 🔵 ⬜ 🟦 Two Network Security Groups, one associated with web server network interfaces and the second associated with storage server network interfaces

✔ That's correct

❌ That's not correct

👨‍🦱 💬 While a multiple of mentioned ways can work, application security groups were created to help with the management of networking rules by grouping multiple servers together and enabling those groups to be used inside of the network security group rules.

Question 6

What information is required to create a Network Security Group Rule? Choose 4.

❌ ✔ ⚪ 🔵 ⬜ 🟦 Source and Target Port

❌ ✔ ⚪ 🔵 ⬜ 🟦 Service Name

❌ ✔ ⚪ 🔵 ⬜ 🟦 Source and Destination address specification

❌ ✔ ⚪ 🔵 ⬜ 🟦 Direction (inbound/outbound)

❌ ✔ ⚪ 🔵 ⬜ 🟦 Server Fully Qualified Domain Name (FQDN)

❌ ✔ ⚪ 🔵 ⬜ 🟦 Protocol

✔ That's correct

❌ That's not correct

👨‍🦱 💬 Rules can deny or allow access to the network based on the source/target port, source/target address specification, direction (inbound/outbound) and protocol.

◀ Previous Episode Next Episode ▶

Adam Marczak

Programmer, architect, trainer, blogger, evangelist are just a few of my titles. What I really am, is a passionate technology enthusiast. I take great pleasure in learning new technologies and finding ways in which this can aid people every day. My latest passion is running an Azure 4 Everyone YouTube channel, where I show that Azure really is for everyone!