HOTSPOT
You are designing a virtual network to support a web application. The web application uses Blob storage to store large images. The web application will be deployed to an Azure App Service Web App.
You have the following requirements:
✑ Secure all communications by using Secured Socket layer (SSL)
✑ SSL encryption and decryption must be processed efficiently to support high traffic load on the web application
✑ Protect the web application from web vulnerabilities and attacks without modification to backend code
✑ Optimize web application responsiveness and reliability by routing HTTP request and responses to the endpoint with the lowest network latency for the client.
You need to configure the Azure components to meet the requirements.
What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer:
Explanation:
Box 1: Azure application Gateway
Azure Application Gateway supports end-to-end encryption of traffic. Application Gateway terminates the SSL connection at the application gateway. The gateway then applies the routing rules to the traffic, re-encrypts the packet, and forwards the packet to the appropriate back-end server based on the routing rules defined. Any response from the web server goes through the same process back to the end user.
Box 2: Azure application Gateway
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
Box 3: Azure Traffic Manager
Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness.
References:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell
https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-overview
https://docs.microsoft.com/en-us/azure/security-center/security-center-intro
Leave a Reply