Question 68 of 239 from exam AZ-300: Microsoft Azure Architect Technologies

Question 68 of 239 from exam AZ-300: Microsoft Azure Architect Technologies

Question

HOTSPOT -

You are designing a virtual network to support a web application. The web application uses Blob storage to store large images. The web application will be deployed to an Azure App Service Web App.

You have the following requirements:

Secure all communications by using Secured Socket layer (SSL)

-> SSL encryption and decryption must be processed efficiently to support high traffic load on the web application

-> Protect the web application from web vulnerabilities and attacks without modification to backend code

-> Optimize web application responsiveness and reliability by routing HTTP request and responses to the endpoint with the lowest network latency for the client.

You need to configure the Azure components to meet the requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Explanations

Box 1: Azure application Gateway

Azure Application Gateway supports end-to-end encryption of traffic. Application Gateway terminates the SSL connection at the application gateway. The gateway then applies the routing rules to the traffic, re-encrypts the packet, and forwards the packet to the appropriate back-end server based on the routing rules defined.

Any response from the web server goes through the same process back to the end user.

Box 2: Azure Security Center -

Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud - whether they're in Azure or not - as well as on premises.

Box 3: Azure Traffic Manager -

Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness.

https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview https://docs.microsoft.com/en-us/azure/security-center/security-center-intro