Which solution should be included to secure virtual machines comprehensively?

Disable ads (and more) with a premium pass for a one time $4.99 payment

Master the Microsoft Cybersecurity Architect Expert exam with our comprehensive SC-100 quiz. Learn with detailed questions, explanations, and get exam-ready with expert insights!

Including an Azure Bastion host in your security architecture for virtual machines provides a secure and seamless way to connect to your virtual machines via the Azure portal. Azure Bastion is a fully managed platform service that allows you to securely connect to your virtual machines through SSL without exposing them to the public internet. This approach eliminates the need for a public IP address on your VMs, minimizing the attack surface significantly.

By using the Azure Bastion host, you can enforce secure administrative access, which mitigates the risks associated with RDP (Remote Desktop Protocol) and SSH (Secure Shell) connections. This solution ensures that all connections to your virtual machines are initiated through a secure, encrypted connection, while also protecting the virtual machines from exposure to potential threats that come from open ports on the internet.

The other listed options, while they provide important security capabilities, do not offer the same level of secure access to VMs. Network Security Groups are essential for filtering network traffic to and from Azure resources, but they do not provide direct access to VMs. A Virtual Network Gateway is used for connecting on-premises networks to Azure through a VPN or ExpressRoute, but again does not facilitate access to the VMs themselves. Azure Firewall provides network-level protections and traffic management,

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy