ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-700 All Questions

View all questions & answers for the AZ-700 exam
Go to Exam

Exam AZ-700 topic 3 question 19 discussion

Actual exam question from Microsoft's AZ-700
Question #: 19
Topic #: 3
[All AZ-700 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure application gateway that has Azure Web Application Firewall (WAF) enabled.
You configure the application gateway to direct traffic to the URL of the application gateway.
You attempt to access the URL and receive an HTTP 403 error. You view the diagnostics log and discover the following error.

You need to ensure that the URL is accessible through the application gateway from any IP address.
Solution: You create a WAF policy exclusion for request headers that contain 137.135.10.24.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by DeepMoon at Sept. 29, 2022, 12:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
flurgen248
1 year, 4 months ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-monitor?pivots=front-door-standard-premium#waf-logs Client IP is the IP address of the client that made the request. If there was an X-Forwarded-For header in the request, the client IP address is taken from that header field instead. There wasn't an X-Forwarded-For header, so it is your IP address. Creating a WAF exclusion would allow you to connect, but that is not the goal. Any connections from a different IP would still get the 403 error. The answer is No.
upvoted 2 times
daemon101
1 year ago
Agree. The requirement is "You need to ensure that the URL is accessible through the application gateway from any IP address".
upvoted 1 times
...
...
Nicolas_UY
1 year, 7 months ago
Selected Answer: B
B. No Creating a WAF policy exclusion for request headers that contain 137.135.10.24 will not ensure that the URL is accessible through the application gateway from any IP address. Instead, you should check the WAF rules and policy settings to ensure that the IP address or range of IP addresses from which you are trying to access the URL is not being blocked by the WAF. You may also need to check the access control lists (ACLs) and network security groups (NSGs) associated with the application gateway to ensure that traffic from the desired IP addresses is allowed.
upvoted 3 times
...
DeepMoon
1 year, 10 months ago
Given Answer is Correct: Disabling a client IP for missing an Accept Header is definitely not the answer.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel