Secure the connectivity of hybrid networks

Practice Test

Azure Virtual Network (VNet) is a fundamental component to ensuring secure connectivity between Azure and on-premises hybrid networks.

• True
• False

Answer: True

Explanation: Azure Virtual Network is an essential component that provides secure private network space in Azure which is necessary to maintain the secure connectivity between Azure and on-premise networks.

Network Security Groups (NSGs) in Azure do not limit network traffic to resources within a virtual network in Azure.

• True
• False

Answer: False

Explanation: Network Security Groups (NSGs) can be used to control and limit network traffic to resources within a virtual network.

Which of the following encryption model is used in Azure to secure the connectivity of hybrid networks?

• Transport Layer Security (TLS)
• Secure Shell (SSH)
• HyperText Transfer Protocol Secure (HTTPS)
• Internet Protocol Security (IPSec)

Answer: Transport Layer Security (TLS)

Explanation: TLS is used by Azure for securing the connectivity of hybrid networks. It helps in providing privacy and data integrity between applications over networks.

VPN gateway is a type of virtual network gateway that is used for secure connectivity between Azure and on-premise networks.

• True
• False

Answer: True

Explanation: VPN gateway, a form of virtual network gateway, provides a secure connection between an Azure virtual network and an on-premises location over the internet.

Azure Firewall does not support hybrid and multi-tier applications.

• True
• False

Answer: False

Explanation: Azure Firewall supports hybrid network connectivity and multi-tier applications thus providing a unified network security enforcement and protection control point.

Virtual Network peering in Azure does not establish connectivity between virtual networks.

• True
• False

Answer: False

Explanation: Virtual Network peering involves connecting virtual networks. Traffic between the peered virtual networks is routed through the Microsoft backbone infrastructure.

Azure ExpressRoute is a cloud-based service that provides a reliable and secure internet connection.

• True
• False

Answer: False

Explanation: Azure ExpressRoute is not a cloud-based service. It is a service that enables you to create private connections between Azure datacenters and infrastructure on your premises or in a colocation environment.

Which among the following services would you use to manage, secure, and monitor your hybrid network connectivity in Azure?

• Azure Security Center
• Azure Network Watcher
• Azure Advisor
• All of the above

Answer: Azure Network Watcher

Explanation: Azure Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in your network.

Azure Bastion provides secure and seamless RDP and SSH connectivity to your virtual machines directly in the Azure portal over SSL.

• True
• False

Answer: True

Explanation: Azure Bastion is a service that enables secure, seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over SSL.

Azure VPN Gateway establishes encrypted tunnels between an Azure virtual network and your on-premise network.

• True
• False

Answer: True

Explanation: Azure VPN Gateway connects your on-premises networks to Azure using site-to-site VPNs in a similar way that you set up and connect to a remote branch office.

Interview Questions

What is a hybrid network in Microsoft Azure?

A hybrid network in Microsoft Azure is a type of infrastructure architecture that combines on-premises, private cloud, and public cloud services to deliver services and applications.

What are some key benefits of hybrid networks in Microsoft Azure?

Some key benefits include improved scalability, cost-effectiveness, business continuity, flexibility, and security as it combines the advantages of both local and public cloud infrastructures.

What is Azure Firewall and does it protect hybrid networks?

Azure Firewall is a cloud-based network security service provided by Azure. It provides threat intelligence-based filtering and intrusion detection that can ensure the secure connectivity of hybrid networks.

What technology is primarily used to establish hybrid connectivity with Azure?

Virtual Private Network (VPN) or ExpressRoute connections are primarily used to establish hybrid connectivity with Azure.

What does Azure VPN Gateway do?

Azure VPN Gateway enables the establishment of secure, cross-premises connectivity between your virtual network within Azure and your on-premises IT infrastructure.

How does Azure DDoS Protection secure hybrid networks?

Azure DDoS Protection prevents your services from being affected by DDoS (Distributed Denial of Service) attacks by automatically monitoring and mitigating such attacks when they are detected.

What is Network Security Groups in Azure?

Network Security Groups (NSGs) in Azure enable you to filter network traffic to and from Azure resources within an Azure virtual network.

What tool can be used to manage and enforce network policies across hybrid environments in Azure?

Azure Policy can be used to enforce and manage network policies across hybrid environments in Azure.

What role does Azure ExpressRoute play in securing hybrid networks?

Azure ExpressRoute provides private network connectivity to Microsoft Azure, thus skipping internet-based connections and enhancing security for hybrid networks.

What feature does Azure offer to prevent data leakage over the network in hybrid environments?

Azure offers Azure Information Protection (AIP) to classify, label, and protect documents and emails, thereby preventing data leakage over the network in hybrid environments.

How does Azure Private Link secure the hybrid network?

Azure Private Link secures the hybrid network by providing private connectivity from a virtual network to Azure platform as a service (PaaS), customer-owned, or Microsoft partner services.

What is Azure Bastion’s role in securing hybrid networks?

Azure Bastion provides secure and seamless RDP and SSH access to your virtual machines directly through the Azure Portal, thereby providing an additional layer of security for hybrid networks.

What Azure service allows you to extend your on-premises networks into the Microsoft cloud over a dedicated private connection?

Azure ExpressRoute allows you to extend your on-premises networks into the Microsoft cloud over a dedicated private connection.

How does Azure Security Center help in securing hybrid networks?

Azure Security Center provides unified security management and advanced threat protection across hybrid cloud workloads. It allows you to prevent, detect, and respond to threats with increased visibility and control over the security of your resources.

What is the purpose of Azure Network Watcher?

Azure Network Watcher is a service that provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in Azure virtual networks. It helps to visualize and troubleshoot your network, thereby ensuring that your connectivity is both secure and optimal.