You are designing a solution that will host 20 different web applications.
You need to recommend a solution to secure the web applications with a firewall that protects against common web-based attacks including SQL injection, cross- site scripting attacks, and session hijacks. The solution must minimize costs.
Which three Azure features should you recommend? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.DEF
The web application firewall (WAF) in Azure Application Gateway helps protect web applications from common web-based attacks like SQL injection, cross-site scripting attacks, and session hijacks. It comes preconfigured with protection from threats identified by the Open Web Application Security Project (OWASP) as the top 10 common vulnerabilities.
ExpressRoute connections do not go over the public Internet and thus can be considered more secure than VPN-based solutions. This allows ExpressRoute connections to offer more reliability, faster speeds, lower latencies, and higher security than typical connections over the Internet.
https://azure.microsoft.com/en-us/updates/application-gateway-web-application-firewall-in-public-preview/ https://docs.microsoft.com/en-us/azure/security/fundamentals/overviewThe recommended solution to secure 20 web applications against common web-based attacks with minimal cost is to use Azure Application Gateway with Web Application Firewall (WAF).
The correct answers are:
D. Web Application Firewall (WAF) F. Azure Application Gateway
Here's why:
Web Application Firewall (WAF): A WAF is a security feature that protects web applications from common web-based attacks. It inspects incoming traffic and blocks any malicious requests that might harm the application. Azure WAF is a managed service that can be easily integrated with Azure Application Gateway. It provides protection against OWASP Top 10 vulnerabilities, including SQL injection, cross-site scripting attacks, and session hijacks. Azure WAF can be configured with custom rules and policies, and it is continually updated to provide protection against the latest threats.
Azure Application Gateway: Azure Application Gateway is a layer-7 load balancer that provides application delivery controller (ADC) as a service. It is designed to manage and secure web traffic to multiple backend servers. It offers a range of features such as SSL offloading, cookie-based session affinity, URL-based routing, and health probes. By integrating Azure Application Gateway with WAF, you can provide a scalable and secure solution to protect 20 different web applications.
In summary, by using Azure Application Gateway with Web Application Firewall, you can protect 20 different web applications against common web-based attacks while minimizing costs. Azure Application Gateway provides a scalable solution to manage web traffic, while Azure WAF provides security against known vulnerabilities.