You have an Azure subscription.

Microsoft DP-300 Question Answer

You create a logical SQL server that hosts four databases Each database will be used by a separate customer.

You need to ensure that each customer can access only its own database. The solution must minimize administrative effort

Which two actions should you perform? Each correct answer presents part of the solution

NOTE: Each correct selection is worth one point.

Create a network security group (NSG)

Create a server-level firewall rule

Create a private endpoint

Create a database-level firewall rule.

Deny public access.

Explanation:

Basic Concept: This question tests secure database administration, where the control must match the data state, access boundary, identity model, or compliance requirement.

Why C and D is Correct: A private endpoint exposes an Azure service through a private IP address in a virtual network, avoiding public endpoint dependency. The scenario asks for: You need to ensure that each customer can access only its own database. That makes Create a private endpoint the option that satisfies the required Azure SQL layer and operational outcome. Create a database-level firewall rule. is a security-related control, but its value depends on whether the requirement is identity, encryption, auditing, network isolation, or data exposure reduction. In this scenario, the important constraint is: You need to ensure that each customer can access only its own database. Create a database-level firewall rule. satisfies that constraint without adding an unrelated service or manual process.

Why A is Wrong: Create a network security group (NSG) is a security-related control, but its value depends on whether the requirement is identity, encryption, auditing, network isolation, or data exposure reduction. It does not satisfy the required identity, encryption, firewall, auditing, or data-exposure boundary described in the scenario: You need to ensure that each customer can access only its own database.

Why B is Wrong: Create a server-level firewall rule is a security-related control, but its value depends on whether the requirement is identity, encryption, auditing, network isolation, or data exposure reduction. It protects or manages a different security layer, so the required database access or protection behavior would still be incomplete.

Why E is Wrong: Deny public access. is a security-related control, but its value depends on whether the requirement is identity, encryption, auditing, network isolation, or data exposure reduction. It protects or manages a different security layer, so the required database access or protection behavior would still be incomplete.

DP-300 PDF/Engine

Printable Format
Value of Money
100% Pass Assurance
Verified Answers
Researched by Industry Experts
Based on Real Exams Scenarios
100% Real Questions

Get 65% Discount on All Products, Use Coupon: "ac4s65"

You have two on-premises Microsoft SQL Server 2019 instances named SQL1 and SQL2.

You have a Microsoft SQL Server 2017 server that hosts five databases.

Pre-Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

You have an Azure subscription.

The Answer Is:

Explanation:

Quick Links