Exam AZ-204 topic 2 question 37 discussion

A&D are correct. The question was not copied correctly from AZ-203 https://www.examtopics.com/discussions/microsoft/view/21243-exam-az-203-topic-24-question-22-discussion/

Is this a valid question for AZ204? I don't see this topic in the skills measured?

There is a option to (D) Override backend path and (A)Use for App Service while add HTTP Setting

A and C are correct.

question seems to be wrong

From ChatGPT: The correct actions to configure the Azure Application Gateway for the web app are: A. In the Azure Application Gateway's HTTP setting, enable the Use for App service setting - This ensures that the Application Gateway can work seamlessly with the Azure Web App. C. Add an authentication certificate for contoso.azurewebsites.net to the Azure Application Gateway - This is necessary to secure the traffic with SSL. So, the correct answers are A and C.

C. For SSL traffic, the Azure Application Gateway needs to authenticate itself to the backend web app using an SSL certificate. Adding an authentication (or backend) certificate for contoso.azurewebsites.net to the Application Gateway is necessary to establish a secure SSL connection between the Application Gateway and the web app. This certificate ensures that the traffic remains encrypted and secure as it passes through the Application Gateway to the web app.

A and C, The correct actions to configure Azure Application Gateway for the web app are: A. In the Azure Application Gateway's HTTP setting, enable the Use for App service setting. C. Add an authentication certificate for contoso.azurewebsites.net to the Azure Application Gateway. Explanation: A. Enabling the "Use for App service" setting in the HTTP setting of Azure Application Gateway ensures that the gateway can be used with Azure App Service, which includes the web app. C. Adding an authentication certificate for contoso.azurewebsites.net is necessary to secure the traffic with SSL. This involves associating an SSL certificate with the custom domain (contoso.azurewebsites.net) used by the web app. Therefore, options A and C are the correct actions.

Not sure, but looks like there is no need for cert. Application Gateway operates as an application delivery controller (ADC). It offers Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL), termination, cookie-based session affinity, round-robin load distribution, content-based routing, ability to host multiple websites, and security enhancements. Application Gateway security enhancements include TLS policy management and end-to-end TLS support. Application security is strengthened by WAF integration into Application Gateway. The combination protects your web applications against common vulnerabilities. And it provides an easy-to-configure central location to manage. https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview#benefits

A, C, Bings exaplanation: The correct answers are: A. In the Azure Application Gateway’s HTTP setting, enable the Use for App service setting. C. Add an authentication certificate for contoso.azurewebsites.net to the Azure Application Gateway. Explanation: Option A: The Azure Application Gateway needs to be configured to use the App service setting. This is because the traffic is being routed through an Azure Application Gateway instance that is used by multiple web apps1. Option C: Since all traffic must be secured with SSL, an authentication certificate for contoso.azurewebsites.net needs to be added to the Azure Application Gateway1. Option B is not correct because converting the web app to run in an Azure App service environment (ASE) is not necessary for configuring the Azure Application Gateway for the web app1. Option D is not correct because changing the backend path to a different web app (contoso22.azurewebsites.net) does not align with the requirement of routing traffic to contoso.azurewebsites.net1.

The right answers are A and C. To configure the Azure Application Gateway for the web app hosted at contoso.azurewebsites.net and ensure that all traffic is secured with SSL, you should perform the following actions: A. In the Azure Application Gateway's HTTP setting, enable the Use for App service setting. This setting ensures that the Azure Application Gateway can communicate with the Azure App Service (web app) using the appropriate settings and protocols. C. Add an authentication certificate for contoso.azurewebsites.net to the Azure Application Gateway. This step is essential to enable SSL termination at the Azure Application Gateway. You need to upload and configure the SSL certificate for contoso.azurewebsites.net so that the gateway can securely handle HTTPS traffic for your web app. The other options, B and D, are not necessary for securing traffic with SSL.

it should be A and C, its in the doc: The SSL certificate is needed to secure the traffic to the web app by encrypting the data between the client and the server. If you do not add an SSL certificate to the Azure Application Gateway, then all traffic to the web app will be unencrypted. This means that anyone who can intercept the traffic can see the data that is being transmitted, including passwords, credit card numbers, and other sensitive information. https://learn.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal

D is definitely incorrect

Should be AC: The correct actions to configure the Azure Application Gateway for the web app are: A. In the Azure Application Gateway's HTTP setting, enable the "Use for App service" setting. This ensures that the Application Gateway is configured to work properly with the web app running in Azure App Service. C. Add an authentication certificate for "contoso.azurewebsites.net" to the Azure Application Gateway. This certificate is necessary to enable SSL/TLS encryption for securing the traffic between the clients and the Application Gateway. Therefore, the correct options are A and C.

Received this in my exam today (22/02/2023). Selected A and D. Score 927.

Nowhere it is mentiones contoso22

A. yes, app is using default appservice domain azurewebsites.net, so my assumption is, it's hosted as appservice, B - it's not needed as it's already running as App Service, therefore C - is not needed as well, D - yes you need either pool or redirection, in this case we need to redirect the traffic, there's 100% typo in hostname