Home / Microsoft / AZ-100 / Question 75

Prev Question
Next Question

Question 75

You deploy a virtual network (VNet) named VNET01. VNET01 also has multiple subnets configured.

You have several virtual machines (VMs) connected to VNET01 subnets. You configure three network security groups (NSGs) named NSG01, NSG02 and NSG03. NSG01 is attached to VNET01. NSG02 and NSG03 are attached to different VMs.

Users experience some connectivity issues when they connect to the services hosted on the VMs.

You need to troubleshoot these connectivity issues. You need to identify the security rules that affect each VM.

Which two commands should you use in your script? Each correct answer presents a complete solution.





You need to list which effective security rules affect the traffic flow of the VMs. You can review the effective security rules by using the az network nic list-effective-nsg Azure CLI command or the Get-AzureRmEffectiveNetworkSecurityGroup PowerShell cmdlet. By using either, you could also review the effective security rules that the Azure portal uses. Also, both commands would allow you to review the effective security rules under support + troubleshooting section on each NIC for each VM.

You should not use the Get-AzureRmNetworkSecurityGroup cmdlet. This cmdlet gets an NSG object. You would use this object to make changes to the NSG.

You should not use the Get-AzureRmNetworkProfile cmdlet. You should use this cmdlet to retrieve a top-level network profile.

You should not use the az network nic show-effective-route-table command. This command is useful for getting the effective routing rules applied to a network interface, which also affect the communication flow.

You should not use the az network nic list command. You should use this command to list all the NICs in a resource group.



Load more
Prev Question
Next Question