ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 3 question 8 discussion

Actual exam question from Microsoft's AZ-500
Question #: 8
Topic #: 3
[All AZ-500 Questions]

SIMULATION -
You need to ensure that only devices connected to a 131.107.0.0/16 subnet can access data in the rg1lod1234578 Azure Storage account.
To complete this task, sign in to the Azure portal.

Show Suggested Answer Hide Answer
Suggested Answer: See the explanation below.
Step 1:
1. In Azure portal go to the storage account you want to secure. Here: rg1lod1234578
2. Click on the settings menu called Firewalls and virtual networks.
3. To deny access by default, choose to allow access from Selected networks. To allow traffic from all networks, choose to allow access from All networks.
4. Click Save to apply your changes.
Step 2:
1. Go to the storage account you want to secure. Here: rg1lod1234578
2. Click on the settings menu called Firewalls and virtual networks.
3. Check that you've selected to allow access from Selected networks.
4. To grant access to a virtual network with a new network rule, under Virtual networks, click Add existing virtual network, select Virtual networks and Subnets options. Enter the 131.107.0.0/16 subnet and then click Add.
Note: When network rules are configured, only applications requesting data over the specified set of networks can access a storage account. You can limit access to your storage account to requests originating from specified IP addresses, IP ranges or from a list of subnets in an Azure Virtual Network (VNet).
Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security
by JohnyDoo at May 2, 2022, 4:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
F117A_Stealth
Highly Voted 2 years, 4 months ago
Go to the storage account Under "Security + networking" SELECT "Networking" Select "Firewalls and virtual networks" on the top (next to Custom domain) Under Public network access, CHOOSE the "Enable from selected virtual network and IP addresses RADIO button Under "Virtual networks" add existing virtual network add the network with the CIDR.
upvoted 12 times
...
JohnyDoo
Highly Voted 2 years, 10 months ago
I dont think it is correct. It should be configured under Firewall section not Virtual Network section
upvoted 6 times
...
Anil512
Most Recent 3 days, 7 hours ago
RG >> Storage Account >> Security + Networking >> Networking >> Firewall and Virtual Networks >> Enable from selected virtual networks and IP addresses >> Address Range ... CIDR IP block ...
upvoted 1 times
...
Viggy1212
5 months, 1 week ago
131.107.0.0/16 is public address space and we are adding this under Vnet. Wondering how it is possible.
upvoted 1 times
...
91743b3
7 months, 1 week ago
On exam Aug 6 2024
upvoted 2 times
...
rosef
1 year, 3 months ago
Answer is not completely correct. Last step must be performed under Firewall section. Go to the storage account Under "Security + networking" SELECT "Networking" Select "Firewalls and virtual networks" on the top (next to Custom domain) Under Public network access, CHOOSE the "Enable from selected virtual network and IP addresses RADIO button Under "Virtual networks" add existing virtual network add the network with the CIDR.
upvoted 1 times
...
gbx077
1 year, 11 months ago
# Exam question March 24, 2023
upvoted 3 times
...
Amit3
2 years, 5 months ago
Firewall and Virtual Network section of Networking in Storage Account.
upvoted 4 times
koreshio
2 years, 4 months ago
yup, this is correct.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago