Update private-link-faq.yml

Network policies like NSGs (Network security groups) and User-Defined Routes previously weren't supported for private endpoints. To deploy a private endpoint on a given subnet, an explicit disable setting was required on that subnet. This setting is only applicable for the private endpoint. For other resources in the subnet, access is controlled based on security rules in the network security group.
Private Endpoint support for Network Security Groups (NSGs) is now in GA. 
This feature enhancement will provide you with the ability to enable advanced security controls on traffic destined to a private endpoint.
If customer is interested in using this feature, they will need to set a specific subnet level property, called PrivateEndpointNetworkPolicies, to Enabled.

Author: sathyagorantla

articles/private-link/private-link-faq.yml

@@ -41,7 +41,13 @@ sections:
       - question: |
           Do I need to disable network policies for Private Link?
         answer: |
-          Yes. Both Private Endpoint and Private Link Service need to disable network policies to function properly. They both have properties independent of one another.
+          Yes. Private Link Service need to disable network policies to function properly.
+      
+      - question: |
+          Can I use for User-Defined Routes only, Network Security Groups only, or for both for Private EndPoint?
+        answer: |
+          Yes. To utilize policies like User-Defined Routes and Network Security Groups, You need to enable Network policies for a subnet in a virtual network for the Private Endpoint . This setting affects all the private endpoints within the subnet.
+          
 
   - name: Private Endpoint
     questions:
@@ -138,4 +144,4 @@ sections:
 additionalContent: |
 
   ## Next steps
-     - Learn about [Azure Private Link](private-link-overview.md)
+     - Learn about [Azure Private Link](private-link-overview.md)