Azure DDoS Protection Standard can be used to protect which of the following?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Azure DDoS Protection Standard is specifically designed to protect Azure resources from Distributed Denial of Service (DDoS) attacks, which can overwhelm network resources and disrupt service availability. The service can be applied to virtual networks, enabling it to monitor traffic and automatically implement mitigations if a DDoS attack is detected.

By utilizing Azure DDoS Protection Standard on virtual networks, organizations can ensure that all resources configured within that virtual network benefit from enhanced DDoS protection. This includes not only virtual machines but also any services hosted within the virtual network context, thereby maintaining service continuity and availability even under attack.

In contrast, Azure Active Directory (Azure AD) users and applications do not rely on the same types of network protections that DDoS protection provides. Resource groups, while important for organizing Azure resources, do not themselves become targets but are merely a means of managing those underlying resources. Therefore, the most appropriate and effective application of Azure DDoS Protection Standard is with virtual networks, as it directly relates to network-level protections against potential DDoS threats.