ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-303 All Questions

View all questions & answers for the AZ-303 exam
Go to Exam

Exam AZ-303 topic 5 question 69 discussion

Actual exam question from Microsoft's AZ-303
Question #: 69
Topic #: 5
[All AZ-303 Questions]

HOTSPOT -
You are designing a virtual network to support a web application. The web application uses Blob storage to store large images. The web application will be deployed to an Azure App Service Web App.
You have the following requirements:
✑ Secure all communications by using Secured Socket layer (SSL)
✑ SSL encryption and decryption must be processed efficiently to support high traffic load on the web application
✑ Protect the web application from web vulnerabilities and attacks without modification to backend code
✑ Optimize web application responsiveness and reliability by routing HTTP request and responses to the endpoint with the lowest network latency for the client.
You need to configure the Azure components to meet the requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: Azure application Gateway
Azure Application Gateway supports end-to-end encryption of traffic. Application Gateway terminates the SSL connection at the application gateway. The gateway then applies the routing rules to the traffic, re-encrypts the packet, and forwards the packet to the appropriate back-end server based on the routing rules defined.
Any response from the web server goes through the same process back to the end user.

Box 2: Azure Security Center -
Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud - whether they're in Azure or not - as well as on premises.

Box 3: Azure Traffic Manager -
Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness.
References:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview https://docs.microsoft.com/en-us/azure/security-center/security-center-intro
by snobrega at Jan. 3, 2021, 2:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
snobrega
Highly Voted 4 years, 7 months ago
- App Gateway - App Gateway - Traffic Manager
upvoted 102 times
...
SyntaxError
Highly Voted 4 years, 7 months ago
- App Gateway - App Gateway - Traffic Manager Source: https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
upvoted 28 times
...
AD3
Most Recent 3 years, 5 months ago
Azure Security Center and Azure Defender are now called Microsoft Defender for Cloud. The gateway doesn't provide capability of assessing vulnerability and management of vulnerability. The answer is correct for second box. It's Security Center new name Microsoft Defender for Cloud.
upvoted 1 times
...
nd78
3 years, 6 months ago
on Exam today 21st Jan, 2022
upvoted 1 times
...
Noexperience
3 years, 7 months ago
Given answer is wrong https://techcommunity.microsoft.com/t5/itops-talk-blog/what-s-the-difference-between-azure-security-center-azure/ba-p/2155188 It should be App Gateway, App Gateway and Traffic Manager. Azure Security Center is just a collection of event from Azure and log analytics.
upvoted 1 times
...
shafqat
3 years, 10 months ago
- App Gateway - App Gateway - Traffic Manager
upvoted 4 times
...
syu31svc
3 years, 11 months ago
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview Protect your web applications from web vulnerabilities and attacks without modification to back-end code. It offers Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL), termination https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods Select Performance routing when you have endpoints in different geographic locations and you want end users to use the "closest" endpoint for the lowest network latency App Gateway App Gateway Traffic Manager
upvoted 5 times
...
tteesstt
3 years, 11 months ago
1) APP GW 2) Security Center - can't be APP GW, it has no built in security features by default. 3) Traffic Manager
upvoted 1 times
ranhara
3 years, 10 months ago
WAF has security features
upvoted 4 times
...
...
BPQ
3 years, 12 months ago
Azure Security Center Security Center helps you prevent, detect, and respond to threats. It provides increased visibility into and control over the security of your Azure resources. Application Gateway is integrated with Security Center. Security Center scans your environment to detect unprotected web applications. It can recommend Application Gateway WAF to protect these vulnerable resources. You create the firewalls directly from Security Center. These WAF instances are integrated with Security Center. They send alerts and health information to Security Center for reporting.
upvoted 2 times
...
mooni
4 years ago
I believe the correct answer is App Gateway, Security Centre and Traffic Manager. You can enable Azure Defender from security center which provides security alerts and advanced threat protection for virtual machines, SQL databases, containers, web applications, your network, and more. The answer to the second question can not be an APGW as APGW on its own would not protect the web application without WAF being enabled and in the answer choice there is nowhere mention of WAF. However, Security center will provide you recommendations based on the data collected via azure defender.
upvoted 5 times
certpro
3 years, 12 months ago
Agree, according to this link, the given answer looks correct (Using Security center to Protect) https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
upvoted 1 times
...
...
VMUN
4 years, 1 month ago
26-June-21, Passed the exam. Answered - App GW, App GW, Traffic Manager
upvoted 5 times
...
JustinWilliamAndrew
4 years, 1 month ago
I think they want to test on one of the exam topic which is monitoring so security center is my choice. It is 50/50
upvoted 1 times
...
wardy1983
4 years, 3 months ago
https://docs.microsoft.com/en-us/azure/security-center/security-center-introduction please read
upvoted 3 times
...
DNeo
4 years, 4 months ago
2nd one is also App Gateway because it has WAF to provide protection against web vulnerabilities
upvoted 6 times
...
paulxyz90
4 years, 4 months ago
The second one is tricky. Docs say - Security Center Security Center's threat protection enables you to detect and prevent threats at the Infrastructure as a Service (IaaS) layer, non-Azure servers as well as for Platforms as a Service (PaaS) in Azure. Security Center helps you detect threats across Azure PaaS services. You can detect threats targeting Azure services including Azure App Service, Azure SQL, Azure Storage Account, and more data services. So then we have WA - it says - Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities. They are both protecting the app from threats however since it says protection from WEB VULNERABILITIES and ATTACKS then it would say WAF makes sense. The AG has a WAF but it's not the WAF itself so then Azure Security Center could be right too. Not sure.
upvoted 5 times
rdemontis
4 years ago
In my opinion here the key is that Security Center is not a way to protect the app from Attack and Vulnerabilities as WAF does, but a way to find and detect them. After the detection process you eventually have to solve them
upvoted 2 times
...
pentium75
4 years ago
There's no way how Security Center would 'protect the web application from web vulnerabilities and attacks'. That clearly refers to WAF which is part of AppGW.
upvoted 3 times
...
paulxyz90
4 years, 4 months ago
Thought of another thing. Since it says that no modification of backend code is allowed that might mean WAF again. Since Security Center Recommendations might suggest mods vs. just protect from attack. SC would identity only and have the ability through 'quick fix' to auto remediate. Net it's more of a assessment / detective control + optional remediation. APP GW and WAF is an active prevention control.
upvoted 1 times
...
...
oberte007
4 years, 5 months ago
I think App Gateway for the both first combo box and traffic manager for the last one
upvoted 3 times
...
Stephan99
4 years, 6 months ago
Azure Application Gateway offers a web application firewall (WAF) that provides centralized protection of your web applications from common exploits and vulnerabilities. Security Center collects data from your Azure virtual machines (VMs), virtual machine scale sets, IaaS containers, and non-Azure (including on-premises) machines to monitor for security vulnerabilities and threats.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel