ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 5 question 29 discussion

Actual exam question from Microsoft's AZ-700
Question #: 29
Topic #: 5
[All AZ-700 Questions]

HOTSPOT
-

You have an Azure subscription that contains the resources shown in the following table.



You need to restrict access to storage1 and sql1 by using service endpoints. The solution must meet the following requirements:

• Allow access from Subnet1 to SQLDB1.
• Implement service endpoint policies to restrict access to supported resources.
• Allow access from Subnet1 to storage1 and the read-only replica of storage1 in the paired Azure region.

What is the minimum number of service endpoints and service endpoint policies you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by wds at April 1, 2024, 5:04 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
matanzpl
Highly Voted 1 year ago
Service Endpoint: 2 - Storage and SQL SE Policies: 1 - just for Storage SE
upvoted 15 times
LieJ0n
1 year ago
agreed!
upvoted 1 times
0af6e8e
4 months ago
I spended some time on this but i cant create a Service Endpoint Policie to restrict access from a vnet to a SQL server instance. I only can create a Service Endpoint Policy to restrict access to storage accounts... I can create a Service Endpoint for SQL, so all traffic is routed trough the MS backbone. So the answer should be 2 -1 in my opinion?
upvoted 1 times
...
...
...
Sergovladi
Most Recent 2 months, 3 weeks ago
2 service endpoints: 1 for Storage and 1 for SQL 1 service endpoint policy: you can configure different destinations and apply 1 policy to multiple endpoint and subnets
upvoted 1 times
...
bobothewiseman
3 months ago
•2 Service Endpoints: 1 for Azure Storage, 1 for Azure SQL. •1 Service Endpoint Policy: For Azure Storage.
upvoted 1 times
...
Andrewwfw
9 months, 2 weeks ago
I believe the correct answer should be 3 & 1 Service Endpoint 3 (sql1 and storage1 in East US, storage1 in West US) Service Endpoint Policy 2 (storage in East US, storage in West US) Reasons: Virtual networks must be in the same region as the service endpoint policy. (You need 2 policies in the 2 regions for storage accounts) Azure SQL Server does not support service endpoint policies (Only Azure SQL Managed Instance does)
upvoted 1 times
Andrewwfw
9 months, 2 weeks ago
Correction, 1. Now we have Azure Storage cross-region service endpoints 2. You dont need a second policy for the second region: "RA-GRS secondary access is automatically allowed if the primary account is listed." https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-service-endpoint-policies-overview Then answer should be 2 & 1
upvoted 6 times
rilanc24
3 months, 4 weeks ago
I think we need 3 Service Endpoint, 1 - Storage 2- Storage Cross Region and 3 - SQL Local and cross-region service endpoints can't coexist on the same subnet. To replace existing service endpoints with cross-region ones, delete the existing Microsoft.Storage endpoints and re-create them as cross-region endpoints (Microsoft.Storage.Global).
upvoted 1 times
...
...
...
AlainChk
10 months ago
We need a second SE Policy to restrict access for SQLDB1. So that makes: 2 SE (Storage and SQL) 2 SE Policies (Storage1 and SQL)
upvoted 2 times
...
Avanade2023
1 year ago
Service endpoint: 3 (sql1 and storage1 in East US, storage1 in West US) service endpoint policy: 3 (sql1 and storage1 in East US, storage1 in West US)
upvoted 1 times
...
wds
1 year ago
Correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago