Recommendation for Limiting Connections between Web Servers and Database Servers in Azure


Question

Your company plans to deploy several web servers and several database servers to Azure.

You need to recommend an Azure solution to limit the types of connections from the web servers to the database servers.

What should you include in the recommendation?

Answers

Explanations


A. B. C. D.

A

A network security group works like a firewall. You can attach a network security group to a virtual network and/or individual subnets within the virtual network.

You can also attach a network security group to a network interface assigned to a virtual machine. You can use multiple network security groups within a virtual network to restrict traffic between resources such as virtual machines and subnets.

You can filter network traffic to and from Azure resources in an Azure virtual network with a network security group. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview

The recommended Azure solution to limit the types of connections from the web servers to the database servers is network security groups (NSGs).

Explanation: Network security groups (NSGs) are Azure resources that allow the filtering of network traffic to and from Azure resources. NSGs contain a set of inbound and outbound security rules that allow or deny network traffic based on source and destination IP address, port, and protocol. NSGs can be associated with subnets, individual virtual machines, or network interfaces.

In this scenario, NSGs can be used to limit the types of connections from the web servers to the database servers by creating rules that only allow the necessary traffic between the two. For example, NSGs can be used to only allow traffic from the web servers to the database servers on the specific ports required by the database application, while denying all other traffic.
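The rule set described above can be modelled to show why the allow rule needs an explicit deny behind it. This is an added example, not part of the original page: the address prefixes, rule names and port 1433 are assumptions, and the evaluator is a simplified model of NSG processing (lowest priority number first, first match wins) with stand-ins for the default inbound rules.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int      # lower number is evaluated first
    source: str        # CIDR prefix
    dest: str          # CIDR prefix
    port: str          # single port or "*"
    protocol: str      # "Tcp", "Udp" or "*"
    access: str        # "Allow" or "Deny"

# Constructed address plan (assumption): web and database tiers in one VNet.
VNET, WEB, DB = "10.0.0.0/16", "10.0.1.0/24", "10.0.2.0/24"

# Simplified stand-ins for the inbound defaults every NSG carries.
# The real AllowVnetInBound uses the VirtualNetwork service tag,
# modelled here as the VNet prefix.
DEFAULTS = [
    Rule("AllowVnetInBound", 65000, VNET, VNET, "*", "*", "Allow"),
    Rule("DenyAllInBound", 65500, "0.0.0.0/0", "0.0.0.0/0", "*", "*", "Deny"),
]

# Custom inbound rules for the NSG on the database subnet.
# Port 1433 (SQL Server) is an assumption; use the port your database listens on.
ALLOW_SQL = Rule("AllowWebToDbSql", 100, WEB, DB, "1433", "Tcp", "Allow")
DENY_REST = Rule("DenyWebToDbOther", 200, WEB, DB, "*", "*", "Deny")

def _in(addr, prefix):
    return ipaddress.ip_address(addr) in ipaddress.ip_network(prefix)

def evaluate(custom_rules, src, dst, port, protocol):
    """Return (access, rule_name) of the first matching rule in priority order."""
    for r in sorted(custom_rules + DEFAULTS, key=lambda r: r.priority):
        if (_in(src, r.source) and _in(dst, r.dest)
                and r.port in ("*", str(port))
                and r.protocol in ("*", protocol)):
            return r.access, r.name
    return "Deny", "no-match"

if __name__ == "__main__":
    for label, rules in (("allow only", [ALLOW_SQL]), ("allow + deny", [ALLOW_SQL, DENY_REST])):
        for port in (1433, 22, 3389):
            print(label, port, evaluate(rules, "10.0.1.4", "10.0.2.4", port, "Tcp"))
```

With only the allow rule, SSH and RDP from the web subnet still reach the database subnet through the default intra-VNet allow; adding the deny rule at a lower priority than the allow closes that path.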

Azure Service Bus is a messaging service that allows communication between different applications and services, and is not relevant to limiting types of connections between web and database servers.

A local network gateway is used to connect on-premises infrastructure to Azure over a site-to-site VPN connection, and is not relevant to limiting types of connections between web and database servers.

A route filter is used to control routing of traffic between Azure subnets or between on-premises networks and Azure, and is not relevant to limiting types of connections between web and database servers.