WGU D084 General Study Guide
1. Question :
The Azure Virtual Machines are deployed on a virtual network. The hostnameis
defined for all the virtual machines. It is required to perform a DNS query to
find the virtual machine as it resolves the hostname to IP. DNS queries should be
internal to the virtual network. Which component should be used?: Azure
Provided DNS
2. What is the correct CLI command to view DNS records?
A
az dns record-set list --zone-name sampleref.com network
B
az dns network record-set list --zone-name sampleref.com
C
az record- dns network set list --zone-name sampleref.com
,D
az network dns record-set list --zone-name sampleref.com: D az
network dns record-set list --zone-name sampleref.com
3. Custom DNS settings can be configured at the VNet level, and the network
interface level, but not at the level.: subnet level.
To use specific settings for an individual subnet, you must configure those
settingson each network interface in the subnet.
4. NSG Rule priority ranges: Priority values start from 100 and go to 4096
(andfrom 65001 to 65003 for default rules).
5. IRT NSGs what are service tags?: Service tags are used in NSG rules as a
quick and reliable way of creating rules that control traffic to each service.
Typically,they are used in outbound rules to control which other Azure
services the VMs ina VNet can or cannot access.
6. what are the default NSG rules and their priorities?: Virtual network:
Traffic originating and ending in a virtual network is allowed both in inbound
and outbounddirections.
,Internet : Outbound traffic is allowed, but inbound traffic is blocked.
, Load balancer: Allows Azure load balancer to probe the health of your VMs
and role instances. If you are not using a load balanced set, you can override
this rule.
Inbound:
AllowVNetInBound 65000
AllowAzureLoad BalancerInBound 65001
DenyAllInBound 65500
Outbound:
AllowVNet OutBound 65000
AllowInternet OutBound 65001
DenyAllOutBound 65500
7. caveat regarding the NSG Load Balancer security rule: The Load Balancer
default rule uses the AzureLoadBalancer service tag. This applies only to
Azure load balancer health probes, which originate at the load balancer. It does
not applyto traffic received through the load balancer, which retain their
original source IP address and port.
8. What is an application security group (ASG): Application security groups
enable you to configure network security as a natural extension of an
application'sstructure, allowing you to group virtual machines and define
1. Question :
The Azure Virtual Machines are deployed on a virtual network. The hostnameis
defined for all the virtual machines. It is required to perform a DNS query to
find the virtual machine as it resolves the hostname to IP. DNS queries should be
internal to the virtual network. Which component should be used?: Azure
Provided DNS
2. What is the correct CLI command to view DNS records?
A
az dns record-set list --zone-name sampleref.com network
B
az dns network record-set list --zone-name sampleref.com
C
az record- dns network set list --zone-name sampleref.com
,D
az network dns record-set list --zone-name sampleref.com: D az
network dns record-set list --zone-name sampleref.com
3. Custom DNS settings can be configured at the VNet level, and the network
interface level, but not at the level.: subnet level.
To use specific settings for an individual subnet, you must configure those
settingson each network interface in the subnet.
4. NSG Rule priority ranges: Priority values start from 100 and go to 4096
(andfrom 65001 to 65003 for default rules).
5. IRT NSGs what are service tags?: Service tags are used in NSG rules as a
quick and reliable way of creating rules that control traffic to each service.
Typically,they are used in outbound rules to control which other Azure
services the VMs ina VNet can or cannot access.
6. what are the default NSG rules and their priorities?: Virtual network:
Traffic originating and ending in a virtual network is allowed both in inbound
and outbounddirections.
,Internet : Outbound traffic is allowed, but inbound traffic is blocked.
, Load balancer: Allows Azure load balancer to probe the health of your VMs
and role instances. If you are not using a load balanced set, you can override
this rule.
Inbound:
AllowVNetInBound 65000
AllowAzureLoad BalancerInBound 65001
DenyAllInBound 65500
Outbound:
AllowVNet OutBound 65000
AllowInternet OutBound 65001
DenyAllOutBound 65500
7. caveat regarding the NSG Load Balancer security rule: The Load Balancer
default rule uses the AzureLoadBalancer service tag. This applies only to
Azure load balancer health probes, which originate at the load balancer. It does
not applyto traffic received through the load balancer, which retain their
original source IP address and port.
8. What is an application security group (ASG): Application security groups
enable you to configure network security as a natural extension of an
application'sstructure, allowing you to group virtual machines and define
