ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 4 question 60 discussion

Actual exam question from Microsoft's AZ-500
Question #: 60
Topic #: 4
[All AZ-500 Questions]

You have an Azure subscription that contains a resource group named RG1 and a security group named ServerAdmins. RG1 contains 10 virtual machines, a virtual network named VNET1, and a network security group (NSG) named NSG1. ServerAdmins can access the virtual machines by using RDP.
You need to ensure that NSG1 only allows RDP connections to the virtual machines for a maximum of 60 minutes when a member of ServerAdmins requests access.
What should you configure?

  • A. an Azure policy assigned to RG1
  • B. a just in time (JIT) VM access policy in Microsoft Defender for Cloud
  • C. an Azure Active Directory (Azure AD) Privileged Identity Management (PIM) role assignment
  • D. an Azure Bastion host on VNET1
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Rume at July 1, 2021, 12:32 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
stonwall12
4 months, 2 weeks ago
Selected Answer: B
Answer: B, JIT VM access policy in Microsoft Defender for Cloud Reason: JIT VM access is designed specifically for this scenario - it allows you to lock down inbound traffic to your VMs, reducing exposure to attacks while providing easy access when needed. Reference: https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage
upvoted 1 times
...
ESAJRR
9 months, 2 weeks ago
Selected Answer: B
B. a just in time (JIT) VM access policy in Microsoft Defender for Cloud
upvoted 2 times
...
zellck
1 year, 1 month ago
Selected Answer: B
B is the answer. https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage#enable-jit-on-your-vms-from-microsoft-defender-for-cloud For each port, you can set the: - Protocol - The protocol that is allowed on this port when a request is approved - Allowed source IPs - The IP ranges that are allowed on this port when a request is approved - Maximum request time - The maximum time window during which a specific port can be opened
upvoted 3 times
...
majstor86
1 year, 4 months ago
Selected Answer: B
B. a just in time (JIT) VM access policy in Microsoft Defender for Cloud
upvoted 1 times
...
ligu
1 year, 4 months ago
Just-in-time (JIT) is correct
upvoted 1 times
...
Amit3
1 year, 9 months ago
# In EXAM - 01-Oct-2022, 1 Case Study (6 Ques), No Labs, Plus 44 Ques.
upvoted 3 times
...
Eltooth
2 years, 3 months ago
Selected Answer: B
B is correct answer.
upvoted 1 times
...
bur88
2 years, 3 months ago
Selected Answer: B
B is correct answer. JIT can limit the time admins can access the servers. https://docs.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage?tabs=jit-config-asc%2Cjit-request-asc
upvoted 1 times
...
subhuman
2 years, 4 months ago
Selected Answer: B
The answer is Correct
upvoted 1 times
...
Siwel72
2 years, 5 months ago
Selected Answer: B
Article URL now updated, JIT it is...... https://docs.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-overview
upvoted 1 times
...
[Removed]
2 years, 6 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
SecurityAnalyst
2 years, 10 months ago
# IN EXAM - 31/8/2021
upvoted 3 times
...
thienvupt
3 years ago
Correct answer
upvoted 3 times
...
Rume
3 years ago
Given answer is correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel