🔥 3-day streak
Microsoft Cybersecurity Architect Expert52 / 158
Question 52 of 158

A financial services company runs 200 Windows and Linux VMs in Azure hosting sensitive workloads. Administrators currently connect to these VMs via RDP and SSH over public IP addresses with ports left permanently open, which auditors flagged as a management-plane exposure risk. The security architect must reduce the attack surface for administrative access while retaining the ability for approved admins to connect on demand and generate an audit trail of each access request. Which design should the architect recommend?

Reviewed for accuracy · Report an issueNext question