Exam-Answer

Home / Microsoft / AZ-100 / Question 74

Prev Question
Next Question

Question 74

You deploy a virtual network (VNet) named VNET01. You deploy several virtual machines (VMs) connected to VNET01.

You configure a new service on VM01, which is one of the VMs connected to VNET01.

You need to allow inbound traffic to TCP port 992. You decide to create a network security group named NSG01 and attach it to the primary NIC of VM01.

Which PowerShell cmdlet should you use?

Answers



A B C D

Advertisement

Explanation

You should use the Set-AzureRmNetworkInterface cmdlet. This cmdlet modifies the NIC configured for a VM. To make this association, you should use a script similar to the following:

$nic = Get-AzureRmNetworkInterface -ResourceGroupName "RG01" -Name "primary NIC of VM01"

$nsg = Get-AzureRmNetworkSecurityGroup -ResourceGroupName "RG01" -Name "NSG01"

$nic.NetworkSecurityGroup = $nsg

$nic | Set-AzureRmNetworkInterface

You should not use the Set-AzureRmVirtualNetworkSubnetConfig cmdlet. This cmdlet is used to associate an NSG to a VNet.

You should not use the Set-AzureRmNetworkSecurityGroup cmdlet. You use this cmdlet when you need to save the changes that you made to an object that represents an NSG, for example, when you add an additional security rule.

You should not use the Set- AzureRmNetworkSecurityRuleConfig cmdlet. You use this cmdlet when you need to save the changes that you made to an object that represents a security rule. For example, you would use it when you want to change the access for a security rule from Allow to Deny.

References

Comments

Load more
Prev Question
Next Question