You are an Azure administrator at a company that is migrating its on-premises applications to Azure. The company has strict regulatory requirements that only allow data access from its headquarters, which are located at a specific IP address range. The applications will use Azure Blob Storage for data storage.QuestionTo meet compliance requirements, which of the following should you configure to ensure that only traffic from the company's headquarters can access the Azure Blob Storage?A. Configure a service endpoint between the headquarters' virtual network and Azure Blob Storage.B. Implement Azure Entra Identity Governance for conditional access based on IP location.C. Set up a Network Security Group (NSG) with a rule allowing access only from the headquarters’ IP range.D. Apply an IP restriction rule in the Firewalls and virtual networks settings on the Azure Blob Storage account.
Question
You are an Azure administrator at a company that is migrating its on-premises applications to Azure. The company has strict regulatory requirements that only allow data access from its headquarters, which are located at a specific IP address range. The applications will use Azure Blob Storage for data storage.QuestionTo meet compliance requirements, which of the following should you configure to ensure that only traffic from the company's headquarters can access the Azure Blob Storage?A. Configure a service endpoint between the headquarters' virtual network and Azure Blob Storage.B. Implement Azure Entra Identity Governance for conditional access based on IP location.C. Set up a Network Security Group (NSG) with a rule allowing access only from the headquarters’ IP range.D. Apply an IP restriction rule in the Firewalls and virtual networks settings on the Azure Blob Storage account.
Solution
D. Apply an IP restriction rule in the Firewalls and virtual networks settings on the Azure Blob Storage account.
Here are the steps to do this:
- Navigate to the Azure portal and sign in with your Azure account.
- In the left-hand menu, click on "Storage accounts".
- Select the storage account you want to secure.
- In the storage account window, click on "Firewalls and virtual networks".
- Under the "Firewall" section, select "Selected networks".
- In the "IP address range" field, enter the IP range of your company's headquarters.
- Click "Save" to apply the changes.
This will ensure that only traffic from the specified IP range (i.e., your company's headquarters) can access the Azure Blob Storage.
Similar Questions
You need to recommend an Azure Blob storage access tier for infrequently accessed data. The solution must meet the following requirements:Ensure the data is available for immediate accessMinimizes the cost to store the dataWhich access tier should you recommend?Select only one answer.ArchiveCoolColdHotNextEnglish (United States)Your Privacy ChoicesTheme
What does Azure Storage's global reach refer to?Access controlIntegration with on-premises serversAbility to store and access data from multiple Azure regionsData encryption
You are implementing Azure network security and want to configure a feature that inspects and filters network traffic. You also want to be able to deny or allow various traffic types.What Azure security feature should you implement?
The Azure Blob Storage product houses large amounts of unstructured data such as images, audio, video, and text.Which of the following is Blob Storage often used for? (Select three.)answerProtection from datacenter failuresA high level of availabilityProtection against regional disastersBackup and disaster recovery dataStreaming videoFiles that need distributed accessA large number (potentially thousands) of virtual machinesI want to review this question later. (Optional)
Your company has an Azure DevOps environment that can only be accessed by Azure Active Directory users.You are instructed to make sure that the Azure DevOps environment can only be accessed from devices connected to the company's on-premises network.Which of the following actions should you take?A. Assign the devices to a security group.B. Create a GPO.C. Configure Security in Project Settings from Azure DevOps.D. Configure conditional access in Azure Active Directory.
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.