Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Your team wants to detect whether any VM in subnet-prod is opening outbound connections to unapproved IP addresses. All VMs are protected by a single network security group named nsg-prod. You must collect logs of every allowed and denied outbound flow with source and destination information for later analysis in Log Analytics. Which Network Watcher feature should you enable?
Set up Connection Monitor between the VMs and the unapproved IP ranges.
Run IP flow verify for outbound traffic from each VM.
Enable NSG flow logs on nsg-prod.
Configure a packet capture session on each VM's network interface.
Network Security Group (NSG) flow logs, a Network Watcher feature, capture metadata for every allowed or denied flow that passes through an NSG and store the data in JSON format for further aggregation in services such as Traffic Analytics or Log Analytics. Packet capture records full packet payloads and is typically scoped per NIC and used for short-term troubleshooting, not continuous monitoring. IP flow verify provides an on-demand yes/no reachability test for a single flow and does not generate continuous logs. Connection monitor measures end-to-end connectivity and latency for specified endpoints but does not log every flow traversing the NSG. Therefore, enabling NSG flow logs on nsg-prod best meets the requirement.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Network Security Group (NSG) flow logs in Azure?
Open an interactive chat with Bash
How do NSG flow logs compare to packet capture?
Open an interactive chat with Bash
How are NSG flow logs integrated with Azure Log Analytics?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure networking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .