ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 6 question 29 discussion

Actual exam question from Microsoft's AZ-500
Question #: 29
Topic #: 6
[All AZ-500 Questions]

HOTSPOT
-

You have an Azure subscription that contains a virtual machine named VM1.

You have a network security group (NSG) named NSG1 that is associated to the network interface of VM1 and is configured as shown in the following exhibit.



Just-in-time (JIT) VM access is enabled on VM1 and has the following configurations:

• Management ports: 3389, 22
• Maximum time range: 3 hours
• Allowed source IP addresses: Any

You activate the JIT rule and connect to VM1 by using SSH.

For each of the following statements, select Yes if the statement is true, otherwise select No.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by BeginLearningforPP at Sept. 7, 2024, 12:57 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
randy0077
1 month ago
Answer YNN: https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks#:~:text=Connections%20that%20are%20already%20established%20aren%27t%20interrupted.
upvoted 1 times
...
Hot_156
1 month, 4 weeks ago
N - JIT are usually created with priority 100. However, if the RDP have priority 100 then JIT would not replace this. N - Session is open until the time is gone N - "Connections that are already established aren't interrupted." Check the link "https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks"
upvoted 2 times
...
BeginLearningforPP
7 months, 3 weeks ago
Answers are No No Yes
upvoted 4 times
Viggy1212
6 months, 4 weeks ago
For #1, If other rules already exist for the selected ports, then those existing rules take priority over the new "deny all inbound traffic" rules. If there are no existing rules on the selected ports, then the new rules take top priority in the NSG and Azure Firewall. Source https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks Answer : Yes
upvoted 4 times
cerifyme85
6 months, 1 week ago
Takes priority over "deny" not "allow"-- NO
upvoted 2 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago