Hard · 1 mark · Multiple Choice
Domain 4.4: Design Network Solutions · Networking · Private Link · Security

AZ-305 · Question 54 · Domain 4.4: Design Network Solutions

You are designing the security architecture for an Azure Storage Account.

The Storage Account must only be accessible from a specific subnet within your Azure Virtual Network. Furthermore, the traffic must not traverse the public internet, and the Storage Account must be assigned a private IP address from your VNet so it can be accessed via an ExpressRoute connection from on-premises.

Which TWO components are required to meet these requirements? (Select TWO)

Answer options:

A. Azure Service Endpoints

B. Azure Private Endpoint

C. Azure Private DNS Zone

D. Azure NAT Gateway

E. Azure Bastion

How to approach this question

The key requirement is 'assigned a private IP address'. That means Private Link (a Private Endpoint), not Service Endpoints. Private Endpoints in turn require DNS resolution.

Full Answer

Azure Private Link (via Private Endpoints) assigns a private IP address from your VNet to the Azure Storage Account. This ensures traffic stays entirely on the private network and allows on-premises resources to access it via VPN/ExpressRoute. To ensure applications can still connect using the storage account's URL, an Azure Private DNS Zone is required to override the public DNS resolution and point to the private IP.

Common mistakes

Selecting Service Endpoints. Service Endpoints optimize routing but do not give the PaaS service a private IP address, meaning on-premises resources cannot easily access it over ExpressRoute.
