Home / Microsoft / AZ-900 / Question 102

You have an Azure subscription that contains the resources in the following table.

***

Name: VNet1,??????????????????Type: Virtual network,????????Details: Not applicable

Name: Subnet1,????????????????Type: Subnet,?????????????????Details: Hosted on VNet1

Name: VM1,????????????????????Type: Virtual machine,????????Details: On Subnet1

Name: VM2,????????????????????Type: Virtual machine,????????Details: On Subnet1

***

VM1 and VM2 are deployed from the same template and host line-of-business applications accessed by using Remote Desktop.

You need to prevent users of VM2 and VM2 from accessing websites on the Internet over TCP port 80.

What should you do?

• A. Change the DenyWebSites outbound security rule.

• B. Change the Port_80 inbound security rule.

• C. Disassociate the NSG from a network interface.

• D. Associate the NSG to Subnet1.

You can associate or dissociate a network security group from a network interface or subnet.

The NSG has the appropriate rule to block users from accessing the Internet. We just need to associate it with Subnet1.

Create, change, or delete a network security group