- 3 views
Exam
Answer confirmed
Question
You have an Azure virtual machine named VM1 that runs Windows Server.
You need to configure the management of VM1 to meet the following requirements:
- Require administrators to request access to VM1 before establishing a Remote Desktop connection.
- Limit access to VM1 from specific source IP addresses.
- Limit access to VM1 to a specific management port.
What should you configure?
Proposed answer
- A. a network security group (NSG)
- B. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
- C. Microsoft Defender for Cloud
- D. Azure Front Door
Suggested answer
- C. Microsoft Defender for Cloud
Correct answer
The suggested answer is correct
syu31svc
Highly Voted 1 year, 8 months ago
Selected Answer: C
JIT lets you allow access to your VMs only when the access is needed, on the ports needed, and for the period of time needed C is correct
upvoted 5 times
formacaotismic
Most Recent 4 days, 1 hour ago
Selected Answer: C
Microsoft Defender for Cloud (formerly known as Azure Security Center) indeed provides a comprehensive solution that can meet all three requirements: Just-In-Time (JIT) VM Access: This feature allows you to require administrators to request access before establishing a Remote Desktop connection, enhancing security by reducing the attack surface. Network Security Group (NSG) Management: Defender for Cloud can help you manage NSGs to limit access to specific source IP addresses and ports, ensuring that only authorized traffic can reach your VM. So, the correct choice is: C. Microsoft Defender for Cloud This option effectively combines JIT access with NSG management to provide a robust security solution for your VM.
upvoted 1 times
Ksk08
2 weeks, 6 days ago
C. Microsoft Defender for Cloud This choice effectively meets all three requirements by allowing you to implement JIT access (requiring requests for RDP connections), manage IP restrictions through NSGs, and limit management port access securely.
upvoted 1 times
Krayzr
4 months, 1 week ago
Selected Answer: C
Microsoft Defender for Cloud’s Just-in-Time (JIT) VM access feature1 indeed meets all the requirements listed: It requires administrators to request access to VM1 before establishing a Remote Desktop connection. It allows you to limit access to VM1 from specific source IP addresses. It enables you to limit access to VM1 to a specific management port. So, the correct answer should be: C. Microsoft Defender for Cloud https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage
upvoted 3 times
gabmancuso
6 months ago
A&C? Not a double? Strange... None of them, alone, help us to achieve the goal. If forced to choose one opion only, I'd say C, but port? IP?
upvoted 1 times
SIAMIANJI
6 months, 3 weeks ago
Selected Answer: A
To meet the specified requirements, you should configure a network security group (NSG). NSGs allow you to filter network traffic to and from Azure resources, including virtual machines (VMs). You can define rules within the NSG to control inbound and outbound traffic based on source and destination IP addresses, as well as specific ports. Option A. a network security group (NSG) is the correct choice as it allows you to:
upvoted 1 times
skycrap
1 year, 5 months ago
Selected Answer: C
C is correct. Jit
upvoted 2 times
Telekon
1 year, 9 months ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
upvoted 3 times
Telekon
1 year, 9 months ago
I am wrong , C in this case is correct
upvoted 1 times
BryRob
1 year, 10 months ago
Selected Answer: C
Given answer is correct
upvoted 2 times
johosofat
2 years ago
Its C - look at the link Just in time access request is for Defender for the cloud - https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage?tabs=jit-config-asc%2Cjit-request-asc
upvoted 3 times
kijken
2 years ago
I would say B
upvoted 4 times