Securing Windows Server 2016 — Question 122

Your network has an internal network and a perimeter network. Only the servers on the perimeter network can access the Internet. You create a Microsoft
Operations Management Suite (OMS) instance in Microsoft Azure.
You deploy Microsoft Monitoring Agent to all the servers on both the networks.
You discover that only the servers on the perimeter network report to OMS.
You need to ensure that all the servers report to OMS.
What should you do?

Answer options

• A. Install a Web Application Proxy on the perimeter network and install an OMS Gateway on the internal network. Publish the OMS Gateway from the Web Application Proxy.
• B. Install a Web Application Proxy and an OMS Gateway on the perimeter network. Publish the OMS Gateway from the Web Application Proxy.
• C. Configure the network firewalls to allow the internal servers to access the IP addresses of the Azure OMS instance by using TCP port 443. parameter.

Correct answer: A

Explanation

The correct answer is A because installing a Web Application Proxy on the perimeter network while having an OMS Gateway on the internal network allows internal servers to access the OMS instance securely. Option B is incorrect as it places both components on the perimeter network, which would not facilitate internal server reporting. Option C, while potentially useful, does not directly address the need for a gateway to facilitate communication from the internal network to OMS.