Exam AZ-700 topic 4 question 31 discussion

Actual exam question from Microsoft's AZ-700

Question #: 31
Topic #: 4

You have an Azure subscription that contains the resources shown in the following table.

Users on HP1 connect to App1 by using a URL of https://app1.contoso.com.

You need to ensure that the IDPS on FW1 can identify security threats in the connections from HP1 to Server1.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A. Enable TLS inspection for FW1.
B. Import a server certificate to KV1.
C. Enable threat intelligence for FW1.
D. Add an application group to HP1.
E. Add a secured virtual network to FW1.

Show Suggested Answer

Suggested Answer: AB 🗳️

by _fvt at April 7, 2023, 11:29 a.m.

Comments

Submit Cancel

_fvt

Highly Voted 1 year ago

Selected Answer: AB

Seems correct. https://learn.microsoft.com/en-us/azure/firewall/premium-certificates https://learn.microsoft.com/en-us/azure/firewall/premium-features#tls-inspection

upvoted 7 times

...

Lazylinux

Most Recent 7 months ago

Selected Answer: AB

Given ans is correct FW needs TLS inspection enable and for TLS inspection to work a cert uploaded to KV need be in place to decrypt encrypted traffic

upvoted 1 times

...

Rob_G

1 year ago

Selected Answer: AB

Correct A & B The Firewall needs to be able to decrypt the traffic so the IDS can inspect the traffic. To do this TLS inspection needs to be enabled and a copy of the certificate needs to be stored.

upvoted 4 times

...

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam

Exam AZ-700 topic 4 question 31 discussion

Comments

_fvt

Lazylinux

Rob_G

SY0-701