Can network security group (NSG) default rules be deleted?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Network Security Groups (NSGs) in Azure are critical for filtering network traffic to and from Azure resources. They contain both default and custom rules that define the allowed or denied traffic based on various parameters such as source and destination IP addresses, ports, and protocols.

The default rules in an NSG are predefined and cannot be removed. They are fundamental to the security model in Azure, ensuring that there are baseline protections in place. For example, default rules typically allow inbound traffic for Azure services and deny all other inbound traffic while allowing all outbound traffic. This is essential for maintaining a secure environment.

While you can modify the priority of custom rules and create new rules, you must retain these default rules to leverage Azure's built-in security functionalities. Therefore, the answer is that the default rules cannot be deleted, highlighting their importance in the overall security landscape of Azure resources.