CompTIA DataX (CNX-001) — Question 57

Server A (10.2.3.9) needs to access Server B (10.2.2.7) within the cloud environment since they are segmented into different network sections. All external inbound traffic must be blocked to those servers. Which of the following need to be configured to appropriately secure the cloud network? (Choose two.)

Answer options

• A. Network security group rule: allow 10.2.3.9 to 10.2.2.7
• B. Network security group rule: allow 10.2.0.0/16 to 0.0.0.0/0
• C. Network security group rule: deny 0.0.0.0/0 to 10.2.0.0/16
• D. Firewall rule: deny 10.2.0.0/16 to 0.0.0.0/0
• E. Firewall rule: allow 10.2.0.0/16 to 0.0.0.0/0
• F. Network security group rule: deny 10.2.0.0/16 to 0.0.0.0/0

Correct answer: A, C

Explanation

The correct answer includes option A, which allows traffic from Server A to Server B, and option C, which denies all external traffic to the 10.2.0.0/16 network. Options B and E allow broader access that contradicts the requirement to block external inbound traffic, while options D and F do not facilitate the necessary access between the two servers.