Azure Application Security Groups (ASGs) are a feature of Azure Network Security Groups (NSGs) that allow you to group virtual machines (VMs) and define network security policies based on those groups. This makes it easier to manage network security for complex environments with multiple VMs.

With ASGs, you can define security policies based on the application or workload running on a VM rather than just the IP address or subnet. This allows you to create more granular security policies that are easier to manage and maintain.

This lab challenge assumes familiarity with the following concepts:

• Understand the concept of Application Security Groups
• Create an Application Security Group resource
• Attach an Application Security Group to a virtual machine
• Update the inbound port rule to restrict the traffic to the web server to only the application security group

If you are unfamiliar with any of the above, Cloud Academy recommends completing the labs mentioned in the prerequisites before attempting this lab challenge.

This hands-on lab challenge will test your practical ability to interact with Azure Application Security Groups to satisfy a set of requirements in a production-like Azure environment. You will be presented with a task and set of requirements you must fulfill to pass the challenge.

This is a real environment, which means you can prove your knowledge in an applied way, substituting multiple choice questions for a dynamic performance-based exam situation.

• Azure Virtual Networks, Virtual Machines & Network Security Groups (Lab)

• Azure Administrator
• Azure Security Engineer
• Azure Solutions Architect
• Azure DevOps Engineer

• Azure Application Security Groups
• Azure Virtual Machines
• Azure Network Security Groups