Microsoft Azure Administrator — Question 76

You deploy Azure virtual machines to three Azure regions

Each region contains a virtual network. Each virtual network contains multiple subnets peered in a full mesh topology.

Each subnet contains a network security group (NSG) that has defined rules.

A user reports that he cannot use port 33000 to connect from a virtual machine in one region to a virtual machine in another region.

Which two options can you use to diagnose the issue? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

Answer options

• A. Azure Virtual Network Manager
• B. IP flow verify
• C. Azure Monitor Network Insights
• D. Connection troubleshoot
• E. elective security rules

Correct answer: B, D

Explanation

The correct answers, B (IP flow verify) and D (Connection troubleshoot), are tools designed to analyze and troubleshoot network connectivity issues. IP flow verify checks the network security group rules and the effective security settings for the specified port, while Connection troubleshoot allows you to test the connection from one VM to another. The other options, while useful for network management or insights, do not directly diagnose connectivity issues in this scenario.