Question 13 of 48 from exam AZ-101: Microsoft Azure Integration and Security

Question 13 of 48 from exam AZ-101: Microsoft Azure Integration and Security

Question

HOTSPOT -

You have an Azure web app named WebApp1 that runs in an Azure App Service plan named ASP1. ASP1 is based on the D1 pricing tier.

You need to ensure that WebApp1 can be accessed only from computers on your on-premises network. The solution must minimize costs.

What should you configure? To answer, select the appropriate options in the answer area.

Each correct selection is worth one point.

NOTE:

Hot Area:

Explanations

Box 1: B1 -

B1 (Basic) would minimize cost compared P1v2 (premium) and S1 (standard).

Box 2: Cross Origin Resource Sharing (CORS)

Once you set the CORS rules for the service, then a properly authenticated request made against the service from a different domain will be evaluated to determine whether it is allowed according to the rules you have specified.

Note: CORS (Cross Origin Resource Sharing) is an HTTP feature that enables a web application running under one domain to access resources in another domain. In order to reduce the possibility of cross-site scripting attacks, all modern web browsers implement a security restriction known as same-origin policy.

This prevents a web page from calling APIs in a different domain. CORS provides a secure way to allow one origin (the origin domain) to call APIs in another origin.

https://azure.microsoft.com/en-us/pricing/details/app-service/windows/ https://docs.microsoft.com/en-us/azure/cdn/cdn-cors