CASE STUDY: Contoso Ltd is a global financial services firm with 10,000 employees. They have a primary on-premises data center in London and a secondary in New York. They are migrating to Azure and require a hub-and-spoke network topology. Requirements: 1) Secure connectivity between on-premises and Azure with at least 5 Gbps throughput and redundancy. 2) Centralized inspection of all outbound internet traffic from spoke VNets. 3) Spoke VNets must communicate with each other securely. 4) PaaS services (Storage, SQL) must be accessed privately without traversing the public internet. 5) Web applications in spokes require WAF protection and global load balancing.
Question 1 of 5: To meet Requirement 1 (Secure connectivity with at least 5 Gbps throughput and redundancy), which hybrid connectivity solution should you recommend?
AZ-305 · Question 52 · Domain 4.4: Network Solutions
CASE STUDY: Contoso Ltd is a global financial services firm with 10,000 employees. They have a primary on-premises data center in London and a secondary in New York. They are migrating to Azure and require a hub-and-spoke network topology. Requirements: 1) Secure connectivity between on-premises and Azure with at least 5 Gbps throughput and redundancy. 2) Centralized inspection of all outbound internet traffic from spoke VNets. 3) Spoke VNets must communicate with each other securely. 4) PaaS services (Storage, SQL) must be accessed privately without traversing the public internet. 5) Web applications in spokes require WAF protection and global load balancing.
Question 2 of 5: To meet Requirement 2 (Centralized inspection of all outbound internet traffic), what should you deploy in the Hub VNet?
Answer options:
Network Security Groups (NSGs) on every spoke subnet.
Azure Firewall and User Defined Routes (UDRs) in the spokes.
Azure Application Gateway.
Azure Bastion.
55 questions · hints · full answers · grading
Expert