ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 4 question 3 discussion

Actual exam question from Microsoft's AZ-700
Question #: 3
Topic #: 4
[All AZ-700 Questions]

You have an Azure Web Application Firewall (WAF) policy in prevention mode that is associated to an Azure Front Door instance.
You need to configure the policy to meet the following requirements:
✑ Log all connections from Australia.
✑ Deny all connections from New Zealand.
✑ Deny all further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute.
What is the minimum number of objects you should create?

  • A. three custom rules that each has one condition
  • B. one custom rule that has three conditions
  • C. one custom rule that has one condition
  • D. one rule that has two conditions and another rule that has one condition
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by gme999 at Oct. 25, 2021, 6:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jamesat
Highly Voted 2 years, 8 months ago
Selected Answer: A
I would go with A as you would need 3 separate rules for this. Rule 1 - Match rule, condition match Australia, action Log Rule 2 - Match rule, condition match New Zealand action Deny Rule 3 - Rate Limit rule, condition match IP range and rate, action Deny
upvoted 17 times
...
walkwolf3
Highly Voted 3 years, 5 months ago
Answer is correct since all 3 requirements have different conditions and actions.
upvoted 14 times
pinchocr
2 years, 11 months ago
actions are the same for two of them (block)
upvoted 1 times
Feliphus
6 months ago
That's true, but you can not merge into an unique rule the two block actions, because you need one rule type match and a second one rule type rate limit
upvoted 1 times
...
jeepTango123456
2 years, 8 months ago
https://techcommunity.microsoft.com/t5/azure-network-security-blog/azure-waf-custom-rule-samples-and-use-cases/ba-p/2033020 "Another concept to make use of in constructing effective Custom Rules is compound conditions. Rules can be created with a single condition, or you can add multiple conditions that must be satisfied to constitute a match. When adding multiple conditions, they are added as an AND statement, so all conditions must be met for the Action to take place. If you need to construct a rule with OR logic, it is best to create multiple rules with the same Action." so three rules are needed
upvoted 6 times
xRiot007
1 month ago
In this case, the Deny would be an OR logic. "If traffic is from NZ or if it from an IP with blabla". If you put AND then only if the IP is from NZ also it will Deny it.
upvoted 1 times
...
...
...
...
GBAU
Most Recent 1 year, 6 months ago
Selected Answer: A
Deny all traffic from NZ? Harsh
upvoted 4 times
...
Lazylinux
1 year, 7 months ago
Selected Answer: A
Definitely A as per given answer three custom rules that each has one condition, as NOTE you cannot and another different condition but you can add AND IF condition into the custom rule and hence means if you did use AND IF then both conditions MUST be met in order for the custom rule to be effective but in this scenario the conditions are NOT related at all 1 x Geo - Log Australia 1 x Geo - New Zealand BLOCKED 1 x Rate Limit - limit specific IP
upvoted 7 times
...
polinoma
2 years ago
The answer should be B, because we are looking for a "minimum number of objects you should create" Answer A not covering this rule. You could create three custom rules, one to log all connections from Australia, another to deny all connections from New Zealand, and a third to deny further connections from a network of 131.107.100.0/24 if there are more than 100 connections during one minute. However, this approach requires creating three custom rules instead of one, which increases the number of objects to manage, so it is not the most efficient solution.
upvoted 1 times
...
MightyMonarch74
2 years, 1 month ago
three custom rules that each has one condition 1 x Geographic - Log Australia 1 x Geographic - Block New Zealand 1 x Rate Limit - limit specific IP
upvoted 2 times
...
GohanF2
2 years, 6 months ago
Answers are correct.
upvoted 1 times
...
jellybiscuit
2 years, 7 months ago
Selected Answer: A
A The three conditions - from australia - from new zealand - from 131.107.100.0 They are not related and not additive, so you need three rules. When you add multiple conditions they come with a "and if". There is no "or" option. You have to get "or" with a new rule.
upvoted 4 times
...
Cristoicach91
2 years, 8 months ago
Selected Answer: A
You need 3 rules because you can either allow/deny/log
upvoted 4 times
...
lobs_wort
2 years, 9 months ago
In exam on 21-July-2022.
upvoted 1 times
...
cypher9
2 years, 9 months ago
A rule is made of a match condition, a priority, and an action. Action types supported are: ALLOW, BLOCK, LOG, and REDIRECT. 3 different conditions = 3 custom rules
upvoted 2 times
...
armand10
2 years, 10 months ago
D correct since each custom rule is mapped only to one action (log,allow, deny).
upvoted 2 times
...
Kannanthalaiappan
3 years, 2 months ago
Ans D ?? one rule type "match" with first two conditions, another rule type "Rate limit" with last condition.
upvoted 5 times
pinchocr
2 years, 11 months ago
You can only give one action "Deny" or "Allow" per rule. Not sure if you can use one rule for block traffic from one region AND per number of request. The other rule would contain the Allow traffic from first region
upvoted 1 times
...
Prutser2
2 years, 7 months ago
that would require a Boolean OR statement, which is not available under the condition, its on IF which can be combined with AND IF
upvoted 1 times
...
...
nitinkumarmca
3 years, 2 months ago
Selected Answer: A
Correct answer is A
upvoted 3 times
...
Contactfornitish
3 years, 3 months ago
Appeared in exam on 17/01/2022
upvoted 1 times
...
Pravda
3 years, 4 months ago
Variation on exam 1/6/2022
upvoted 3 times
...
gme999
3 years, 6 months ago
Correct
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago