Microsoft Azure Administrator Associate AZ-104 Practice Question
An organization has deployed multiple virtual machines (VMs) within an Azure virtual network. The VMs do not have public IP addresses, and network security group (NSG) rules prevent inbound internet traffic. Administrators need a secure method to manage these VMs remotely over the internet without modifying NSG rules or assigning public IPs to the VMs. What should the administrators implement to achieve this requirement?
Deploy an Azure Bastion host in the virtual network.
Configure a point-to-site VPN connection to the virtual network.
Enable just-in-time (JIT) VM access for the VMs.
Add a public load balancer to provide access to the VMs.
Deploying an Azure Bastion host in the virtual network allows administrators to securely access the VMs using Remote Desktop Protocol (RDP) or Secure Shell (SSH) directly through the Azure portal over HTTPS. This method does not require public IP addresses on the VMs or changes to NSG rules, as Azure Bastion provides secure connectivity over TLS.
Configuring a point-to-site VPN would require setting up VPN clients on administrator workstations and maintaining VPN infrastructure. While this provides secure access, it adds complexity and requires VPN connectivity. Enabling just-in-time VM access still necessitates opening inbound NSG ports, which the scenario aims to avoid. Adding a public load balancer would expose the VMs to the internet, conflicting with the security requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an Azure Bastion host, and how does it work?
Open an interactive chat with Bash
Why is using Azure Bastion more secure than assigning public IPs to VMs?
Open an interactive chat with Bash
Can Azure Bastion be used across multiple virtual networks?
Open an interactive chat with Bash
Microsoft Azure Administrator Associate AZ-104
Configure and manage virtual networking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .