You need to configure an Azure solution that meets the following requirements: ✑ Secures websites from attacks ✑ Generates reports that contain details of attempted attacks What should you include in the solution?
Firewall and NSG BOTH Allow/Deny. The difference between them is (mainly among other things) :
FIREWALL = acts as a defence in depth PERIMETER (OUTSIDE the virtual network) filter = between a virtual network and the outside world
NSG : acts as a defence in depth NETWORK/SUBNET (INSIDE/WITHIN the virtual network filter) = at the resources level
Please correct me if I am wrong.
https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/
A: Azure Firewall provides logging and monitoring capabilities, allowing you to generate reports on attempted attacks. It acts as a protective barrier for your websites, preventing unauthorized access and blocking malicious traffic. With Azure Firewall, you can monitor and analyze attempted attacks without the need for any attachments.
The correct answer is D. As per the following link "https://docs.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview", we can see that the chart states that DDoS supports 'Mitigation reports'. Furthermore, for those we do not know the definition of DDoS, the first line of this link states: 'A DDoS attack attempts to exhaust an application's resources, making the application unavailable to legitimate users."
I do understand how this answer came to be but isn't DDoS automatically enabled on Azure? Would like to know what you guys think. I will accept the answer provided, but the above-mentioned point was bugging me.
Imo it should be AD, because it is not specified in question what kind of attack it is. And FW by closing unused ports will increase security as well. It is not specified how this web app is running. On VM? As a service?
Think the same, D answer is correct.
Why?
https://docs.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview
https://docs.microsoft.com/en-us/azure/ddos-protection/diagnostic-logging?tabs=DDoSProtectionNotifications
This section is not available anymore. Please use the main Exam Page.AZ-900 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Jay_azure
Highly Voted 4 years agoMozbius_
2 years, 11 months agophidelics
1 year, 3 months agoluiz
3 years, 8 months agoarpi2910
2 years, 11 months agoRagijo
Highly Voted 4 years, 11 months agoGaneshSneha
4 years, 9 months agokewokil120
Most Recent 1 day, 15 hours agopompali42
8 months agoRajivjain
1 year, 4 months agonavid1365
1 year, 4 months agoLanka22
2 years, 1 month agomikep1
2 years, 10 months agoAnNguyen88
2 years, 10 months agoJam1007
2 years, 10 months agoNouvelle_France
2 years, 11 months agoAzuni
2 years, 11 months agominimei
2 years, 11 months agoraulek
3 years, 1 month agotype_12
3 years, 7 months agoAmchi
3 years, 8 months agomateo2121
3 years, 8 months agoFrontPageFreebirds
3 years, 9 months ago