Practice Test
True or False: Azure Bastion is a fully managed PaaS service that provides secure and seamless RDP and SSH access to your virtual machines.
- True
- False
Answer: True
Explanation: Azure Bastion is indeed a fully managed PaaS service that provides secure and seamless RDP and SSH access directly from the Azure portal.
What is Azure Bastion Host?
- a) A subnet in your VNet
- b) A type of VPN
- c) A database engine
- d) A Azure backup server
Answer: A
Explanation: An Azure Bastion host is a fully managed PaaS service that you provision inside your virtual network. It provides secure RDP and SSH access to your VMs.
True or False: Azure Bastion supports only RDP for Windows VMs and not SSH for Linux VMs.
- True
- False
Answer: False
Explanation: Azure Bastion supports both RDP for Windows VMs and SSH for Linux VMs, providing comprehensive access and management capabilities.
In which Azure service can you find Azure Bastion?
- a) Virtual Machines
- b) Security Center
- c) Azure Active Directory
- d) Networking
Answer: D
Explanation: To implement Azure Bastion, you would navigate to the Azure portal, then to the Networking section where you can find Azure Bastion.
True or False: You don’t need to assign a public IP address to your VM to connect using Azure Bastion.
- True
- False
Answer: True
Explanation: Azure Bastion provides secure and seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over SSL, so you don’t need to assign a public IP address to your VM.
Using Azure Bastion, can you maintain a high level of security without exposing your Virtual Network to the public internet?
- a) Yes
- b) No
Answer: A
Explanation: Azure Bastion Host helps you to securely connect to a VM using a browser and the Azure portal, allowing you to maintain a high level of security without opening more ports on your virtual machines, and therefore limiting exposure to the public internet.
True or False: Azure Bastion is available in all Azure regions.
- True
- False
Answer: False
Explanation: As of now, Azure Bastion is not available in all Azure regions.
Can you use Azure Bastion with peered virtual networks?
- a) Yes
- b) No
Answer: A
Explanation: Yes, you can use Azure Bastion Host with peered virtual networks to enable secure administrative access to virtual machines across networks.
True or False: Azure Bastion can be used with both Windows and SQL Server.
- True
- False
Answer: False
Explanation: Azure Bastion is primarily for managing virtual machines, providing RDP and SSH access. It is not primarily designed for use with services like SQL Server.
What is the name of the subnet that Azure Bastion uses?
- a) Azure Virtual Network
- b) BastionSubnet
- c) BastionHost
- d) Azure Bastion Subnet
Answer: B
Explanation: The subnet that Azure Bastion uses must be named “BastionSubnet”. This subnet must be at least /27 or larger.
True or False: Azure Bastion requires an Azure ExpressRoute or VPN connection.
- True
- False
Answer: False
Explanation: Azure Bastion does not require an Azure ExpressRoute or VPN connection. You can use Azure Bastion directly from the Azure portal.
Is it possible to integrate Azure Bastion host with Azure Private Link?
- a) Yes
- b) No
Answer: A
Explanation: The integration of Azure Bastion with Azure Private Link allows internal users to access Azure Bastion over a private endpoint in their virtual network.
True or False: Azure Bastion doesn’t support multi-factor authentication (MFA).
- True
- False
Answer: False
Explanation: Azure Bastion does support multi-factor authentication (MFA) providing an additional layer of security during the authentication process.
Is Azure Bastion highly available on its own, or do you need to create more than one within the same Azure region for availability?
- a) Highly available on its own
- b) Requires more than one for availability
Answer: A
Explanation: Azure Bastion is a PaaS service built inside of Azure, and it is highly available on its own. You do not need to create multiple bastion hosts for availability.
Which protocol does Azure Bastion use to connect to servers?
- a) SSL
- b) FTP
- c) SCP
- d) SFTP
Answer: A
Explanation: Azure Bastion utilizes Secure Sockets Layer (SSL) protocol to connect to servers via RDP/SSH.
Interview Questions
What is Azure Bastion?
Azure Bastion is a fully managed PaaS service that provides secure and seamless RDP and SSH access to your virtual machines directly through the Azure Portal.
What are the benefits of using Azure Bastion?
Azure Bastion provides secure and seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over SSL. When you connect via Azure Bastion, your virtual machines do not need a public IP address.
How can I implement Azure Bastion?
Azure Bastion is a PaaS service that you provision within your virtual network. It provides secure RDP and SSH access to your virtual machines directly through the Azure portal.
How does Azure Bastion work?
Azure Bastion works by deploying a VM in your virtual network with the role of a ‘jump-server’. This VM is locked down without public IP and is accessible only through the Azure portal. This provides a secure way to access VMs in the VNet.
How do I connect to the Azure Bastion service?
You can connect to the Azure Bastion service directly from the Azure portal. You would select the VM you want to connect to, and then select the option “Bastion” for the type of connection.
Which protocols are used by Azure Bastion for secure connections?
Azure Bastion uses Remote Desktop Protocol (RDP) for Windows and Secure Shell Protocol (SSH) for Linux systems.
Can I use one Bastion host to connect to VMs in a different Virtual Network?
No, currently the Azure Bastion host is deployed in the Virtual Network and is available only to the VMs within that Virtual Network.
How many public IP addresses does Azure Bastion require?
Azure Bastion requires only one public IP address regardless of the number of VMs you need to connect to.
How does Azure Bastion handle scaling?
Azure Bastion is a scalable and redundant platform service that is designed to handle and scale based on the number of Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) connections.
Can I customize the Azure Bastion host?
No, customizations are not available on Azure Bastion and it cannot be resized or updated unlike regular VMs.
What does Azure Bastion need to be enabled?
Azure Bastion Host is a premium feature, hence you need a Virtual Network and a Public IP aside from having the necessary funds to support the feature.
Can Azure Bastion access on-premises networks?
No, Azure Bastion is limited to providing access to VMs within the same Virtual Network in Azure.
Can Azure Bastion be accessed through a VNet peering?
No, Azure Bastion is limited to the Virtual Network in which it was deployed.
Does Azure Bastion support multi-factor authentication?
Yes, Azure Bastion supports Azure multi-factor authentication to further enhance security.
Can Azure Bastion be accessed from any browser?
Yes, as long as the browser supports HTML5 and SSL, Azure Bastion can be accessed.
extutorials.com