Microsoft Azure Administrator Associate AZ-104 Practice Question
You manage virtual machines (VMs) in Azure that reside within a private virtual network and are not accessible from the internet. Administrators need to connect to these VMs remotely for maintenance purposes. You need to provide secure, seamless remote connectivity to these VMs without exposing them to the internet or requiring a virtual private network connection.
What should you implement?
Assign public addresses to the VMs and restrict access using Network Security Groups (NSGs)
Set up a site-to-site connection for administrators to access the VMs
Implement Azure Firewall to permit remote management traffic
Deploy an Azure Bastion host in the virtual network
You should deploy an Azure Bastion host in the virtual network. Azure Bastion provides secure remote connectivity to all VMs within the virtual network over SSL using the Azure portal. It allows administrators to access the VMs through the Azure portal without exposing the VMs to the public internet or requiring a VPN connection. This ensures that your VMs remain private while still allowing necessary remote management.
A site-to-site connection is incorrect because it involves configuring a VPN, which the requirements state should be avoided. Assigning public addresses to the VMs is not recommended because this exposes them to the internet, increasing security risks, even if Network Security Groups (NSGs) are used to restrict access. Implementing Azure Firewall is incorrect because it is designed for filtering and controlling network traffic; it does not directly provide a remote connectivity solution for managing VMs in the manner described.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Azure Bastion?
Open an interactive chat with Bash
How does Azure Bastion enhance security compared to public IPs?
Open an interactive chat with Bash
Can Azure Bastion be used with multiple virtual networks?
Open an interactive chat with Bash
Microsoft Azure Administrator Associate AZ-104
Configure and manage virtual networking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .