-
Hello
Was doing some practice questions and came across this one.
I selected “No” as my answer since the connection should not go through since the “newly added” inbound security rule to both “TDSG-TDSub1” and “TDSG-TD1” has a priority of “200” which will be overwritten by the initial NSG rule applied for “TDSG-TD1” – which has a priority rule of 100 (uses UDP).
However, my answer was wrong.
Am I missing something here? From what I know, once a rule denies a connection, it will not go through the list of rules anymore although there's a rule that allows a connection right below it.
Please help me!
Thanks in advance!
Jay
-
Hi JaeJae,
Thanks for bringing up the question.
Our team will review this question for possible revision. I appreciate your feedback on this item; it will definitely help us improve our content!
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam on your first try!
Regards,
Gerome @ Tutorials Dojo
-
Hi JaeJae,
“From what I know, once a rule denies a connection, it will not go through the list of rules anymore”
If you’d look carefully in the screenshots you’ve provided, the action for the default inbound security rule is set to “Allow”. This means that the RDP connection will go through TDSG-TD1. Also by default, servers can listen on TCP/UDP port 3389. Your statement about priorities is valid if the action in the inbound security rule is set to “Deny”. Therefore, the correct answer for this question is Yes.
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam on your first try!
Regards,
Gerome @ Tutorials Dojo
-
Hello Gerome!
Thank you very much!! Totally makes sense now. Clearly small details matter when dealing with rules, and I totally missed that. I appreciate you looking at it and letting me know!
Have a good one!
Jae
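An added example, not part of any post in this thread: a small Python model of how Azure NSG inbound rules are evaluated (lowest priority number first, first matching rule decides, subnet NSG and NIC NSG must both allow). The rule sets are constructed for illustration and are not the ones from the practice question's screenshots; the variable and function names are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    priority: int   # lower number is evaluated first
    protocol: str   # "Tcp", "Udp" or "*"
    port: str       # destination port or "*"
    action: str     # "Allow" or "Deny"

# Azure's final default inbound rule; the two default Allow rules
# (VNet and load balancer traffic) are left out of this model.
DENY_ALL_INBOUND = Rule(65500, "*", "*", "Deny")

def evaluate(rules, protocol, port):
    """Return the action of the first rule, in priority order, that matches."""
    ordered = sorted(list(rules) + [DENY_ALL_INBOUND], key=lambda r: r.priority)
    for rule in ordered:
        if rule.protocol in ("*", protocol) and rule.port in ("*", str(port)):
            return rule.action  # processing stops at the first match

def inbound_allowed(subnet_nsg, nic_nsg, protocol, port):
    """Inbound traffic passes the subnet NSG first, then the NIC NSG."""
    return (evaluate(subnet_nsg, protocol, port) == "Allow"
            and evaluate(nic_nsg, protocol, port) == "Allow")

# Constructed rule sets (assumptions, not taken from the screenshots).
SUBNET_NSG = [Rule(200, "Tcp", "3389", "Allow")]
# A priority-100 rule for UDP does not match TCP traffic, so the
# priority-200 TCP rule is still reached.
NIC_NSG_UDP_FIRST = [Rule(100, "Udp", "3389", "Allow"),
                     Rule(200, "Tcp", "3389", "Allow")]
# A priority-100 Deny that does match TCP 3389 ends evaluation there.
NIC_NSG_DENY_FIRST = [Rule(100, "Tcp", "3389", "Deny"),
                      Rule(200, "Tcp", "3389", "Allow")]

if __name__ == "__main__":
    for name, nic in [("UDP rule first", NIC_NSG_UDP_FIRST),
                      ("matching Deny first", NIC_NSG_DENY_FIRST)]:
        print(name, "->", inbound_allowed(SUBNET_NSG, nic, "Tcp", 3389))
```

A higher-priority rule only ends evaluation when it matches the traffic's protocol and port, whichever action it carries.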