What provides traffic filtering that can be applied to specific network interfaces on a virtual network?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Network security groups (NSGs) are designed to provide traffic filtering at the network interface level within an Azure virtual network. An NSG consists of security rules that allow or deny inbound and outbound network traffic based on various criteria, including source and destination IP addresses, port numbers, and protocols. By associating NSGs with specific network interfaces or subnets, you can effectively control the flow of traffic to and from those resources.

NSGs are integral to implementing a layered security approach in Azure, allowing for granular control of traffic access to virtual machines and other resources. This capability helps organizations enforce security policies and compliance requirements effectively, ensuring that only authorized traffic is permitted.

The other options do not provide the same functionality: Azure Bastion is primarily a secure gateway for RDP and SSH access; Azure Firewall is a managed firewall service with more extensive capabilities but operates at a different layer; and Azure Advisor is a recommendation service that helps optimize your Azure resources but does not directly filter traffic.

More Multiple Choice Questions