https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-nsg-manage-log
The question is asking to enable logging to collect rules applies to traffic that got blocked or allow.
Answer is C. Azure Resource Log
"A network security group (NSG) includes rules that allow or deny traffic to a virtual network subnet, network interface, or both.
When you enable logging for an NSG, you can gather the following types of resource log information:
Event: Entries are logged for which NSG rules are applied to virtual machines, based on a MAC address.
Rule counter: Contains entries for how many times each NSG rule is applied to allow or deny traffic. The status for these rules is collected every 300 seconds."
I stand corrected - -> the correct answer is Flow Log as we just want to identify the application logs that got the NGS rules. We don't need the diagnose in-depth data.
It's for the "application" of the NSG rules. Which would be Azure Resource Logs. It's not asking for traffic flow... It's asking about knowing when or who applied an NSG which would be resource logs. Don't be fooled by the trick wording here.
Should be C.
Keyword- the question is asking "the specific NSG Rules"!
Flow log only gives allow or deny by a NSG, but not tell which rule under NSG hit.
Flow logs is correct.
-----------------------
Identify unknown or undesired traffic.
Monitor traffic levels and bandwidth consumption.
Filter flow logs by IP and port to understand application behavior.
Export flow logs to analytics and visualization tools of your choice to set up monitoring dashboards.
https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-overview#common-use-cases
==================
Azure resource logs are platform logs that provide insight into operations that are performed in an Azure resource.
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs
I don't think you need something fancy here, just port and protocol to identify the application logs with trhe regular Azure NSG flow logs.
https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-overview#common-use-cases
Common use cases:
Filter flow logs by IP and port to understand application behavior.
Flow logs collects ingress/egress IP packets which flows through your NSG (primary objective is to analyze network traffic).
Azure Resource logs provides Diagnostics log as it contains higher-level abstraction of log entity i.e. they provide log details are tenant/resource group (or resources) scope.
Flow logs is the correct answer since we need to ensure the application of the NSG rules. We don't need to diagnose in details.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.AZ-700 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
e6d6bf4
Highly Voted 4 months, 3 weeks agoe6d6bf4
3 months, 3 weeks agomarcin1999
Most Recent 1 week, 3 days agoITrob523
2 weeks agotc0369
2 weeks, 6 days agogaurav4101
3 months, 3 weeks agomanhattan
4 months agoalexastein
4 months agoashaw20
4 months, 1 week ago