🔥 3-day streak
Microsoft Cybersecurity Architect Expert69 / 158
Question 69 of 158

Contoso hosts several legacy on-premises web applications and RDP/SSH management interfaces that internal employees and contractors currently reach through a full-tunnel VPN. Security wants to eliminate broad network-level access, apply Conditional Access and per-application access policies, and avoid exposing the apps directly to the internet. Remote users must reach these private resources without a traditional VPN client that grants access to the whole network. Which solution should the architect specify?

Reviewed for accuracy · Report an issueNext question