ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 11 - AZ-204 discussion

Report
Export

HOTSPOT

You need to ensure that network security policies are met.

How should you configure network security? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 11
Correct answer: Question 11

Explanation:

Box 1: Valid root certificate

Scenario: All websites and services must use SSL from a valid root certificate authority.

Box 2: Azure Application Gateway

Scenario:

Any web service accessible over the Internet must be protected from cross site scripting attacks.

All Internal services must only be accessible from Internal Virtual Networks (VNets)

All parts of the system must support inbound and outbound traffic restrictions.

Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks.

Application Gateway supports autoscaling, SSL offloading, and end-to-end SSL, a web application firewall (WAF), cookie-based session affinity, URL path-based routing, multisite hosting, redirection, rewrite HTTP headers and other features.

Note: Both Nginx and Azure Application Gateway act as a reverse proxy with Layer 7 load-balancing features plus a WAF to ensure strong protection against common web vulnerabilities and exploits.

You can modify Nginx web server configuration/SSL for X-XSS protection. This helps to prevent cross-site scripting exploits by forcing the injection of HTTP headers with X-XSS protection.

Reference:

https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview

https://www.upguard.com/articles/10-tips-for-securing-your-nginx-deployment

asked 02/10/2024
Laurence Peterson
34 questions
User
0 comments
Sorted by

Leave a comment first