An architect needs to design a solution where Azure Storage accounts are accessible only from specific virtual network subnets. Which two features, used together, achieve this?

Microsoft Azure Fundamentals Hard

Microsoft Azure Fundamentals — Hard

An architect needs to design a solution where Azure Storage accounts are accessible only from specific virtual network subnets. Which two features, used together, achieve this?

Key points

  • VNet Service Endpoints restrict access at the network level
  • Storage account firewall VNet rules further control access within the storage account
  • NSG rules and Azure Firewall do not provide subnet-specific restrictions
  • Private DNS zones and Azure Bastion are unrelated to restricting storage account access

Ready to go further?

Start full exam Practice more questions

Related questions