Design and implement private access to Azure services Questions
Practice questions for Design and implement private access to Azure services topic in Microsoft Certified: Azure Network Engineer Associate. 27 questions covering this domain.
An application already connects to a storage account by its normal FQDN. After a private endpoint is created, the team wants the same application conn...
You want to publish your own service privately to consumers in Azure by placing it behind a Standard Load Balancer. Which Azure feature enables this d...
A subnet must access Azure Storage over the Azure backbone while the storage account continues to use its public endpoint and DNS name. Which feature ...
A team wants to access a specific Azure PaaS resource from peered virtual networks and from on-premises over VPN or ExpressRoute private peering while...
A consumer wants to connect to a provider's Private Link service by using an alias but doesn't have permissions on the provider resource. What happens...
What Azure resource is created in your virtual network when you deploy a private endpoint?
Which Azure Private DNS zone name is used by private endpoints for Azure Blob Storage in Azure public cloud?
An organization wants to allow a subnet to reach a specific list of storage accounts only when using a service endpoint, blocking access to other stor...
A team must inspect traffic from clients to a private endpoint with Azure Firewall. Which configuration is required?
Who pays for and operates a Private Link Service used to publish a service privately to consumers?
A subnet must reach Azure Storage privately so even traffic from on-prem (over ExpressRoute private peering) hits the Azure backbone using the storage...
An app uses a private endpoint to a SQL Database. The team peers a second region's VNet into the same hub and wants the same FQDN to resolve to the pr...
A consumer subscribes to a third-party service via a private endpoint using the provider's alias. They must approve the private endpoint connection st...
An organization has private endpoints for Azure Storage in a hub VNet and wants VMs in spoke VNets (peered to hub) and on-premises clients (via Expres...
An organization wants to prevent VMs in their VNet from accessing Azure Storage accounts outside an approved list, even with internet access. Service ...
Which DNS zone name is used for private endpoints connecting to Azure SQL Database (logical SQL server) in the Azure public cloud?
Which Azure resource creates a private IP address in your VNet's subnet that maps to a specific Azure PaaS resource instance, enabling private connect...
A service endpoint is configured on subnet-A for Azure Storage. A VM in subnet-B in the same VNet cannot reach the storage account. What is the explan...
A security team requires on-premises DNS queries for Azure private endpoints (privatelink.database.windows.net) to resolve to private IPs, while all o...
A Private Link Service is behind an internal Standard Load Balancer. A consumer in another subscription connects via alias and the private endpoint st...
Sign in to see all 27 questions
Create a free account to browse all questions — completely free during our launch phase.