Microsoft Azure Security Engineer Associate AZ-500 Practice Question
You have an Azure App Service web app named ContosoWeb that shares an Azure region with a virtual network (VNet) connected to your on-premises network by a site-to-site VPN. ContosoWeb must call an on-premises REST API over private IP addresses through the VPN tunnel, while the web app must remain publicly accessible from the internet. Which networking feature should you configure first to satisfy the requirement?
Assign an Azure NAT Gateway to control the outbound traffic of ContosoWeb.
Enable regional VNet Integration for ContosoWeb and attach it to a subnet in the VNet.
Create a private endpoint for ContosoWeb in the VNet.
Enable a service endpoint for Azure App Service on the VNet subnet.
Regional VNet Integration allows an App Service app to send outbound traffic into a selected subnet in an Azure virtual network. From that subnet, the traffic follows the VNet's routing table and can traverse a site-to-site VPN gateway to reach on-premises resources by using private IP addresses. The feature does not change the app's public inbound accessibility. A private endpoint secures inbound access but does not affect outbound flows. An Azure NAT Gateway only standardizes public egress IP addresses and does not route traffic through the VPN. Service endpoints do not enable outbound connectivity from App Service to a VNet or to on-premises networks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Regional VNet Integration for Azure App Services?
Open an interactive chat with Bash
Why doesn’t a private endpoint solve the requirement for ContosoWeb?
Open an interactive chat with Bash
How does a site-to-site VPN enable communication between Azure and on-premises resources?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure networking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .