Module quiz: Network security Quiz Answers
In this article i am gone to share Coursera Course: Implement Platform Protection by Microsoft | Week 2 Quiz | Module quiz: Network security Quiz Answers with you..
Enrol Link: Implement Platform Protection
Module quiz: Network security Quiz Answers
You are designing the network security architecture for a multi-tier application in Azure. The application consists of a web front-end, an application server, and a database server, each hosted in separate subnets within a virtual network. Your goal is to implement appropriate network security measures to protect the application.
Which of the following measures would be suitable for securing network communication between the different tiers of the application?
- Configuring Azure Application Gateway to provide SSL termination and load balancing for the web front-end tier.
- Implementing Azure Private Link to securely access the database server without exposing it to the public internet.
- Implementing network security groups (NSGs) to restrict traffic flow between the subnets based on IP addresses, port ranges, and protocols.
- Deploying Azure Firewall to centrally manage and control outbound and inbound traffic for all tiers of the application.
As a security engineer working on a complex Azure deployment, you are responsible for setting up network security for various resources. While configuring the network security groups (NSGs), you need to determine the number of NSGs that can be applied to a single virtual machine (VM), subnet, or network adapter.
For configuring network security for your Azure resources, how many NSGs can be applied to a single VM, subnet, or network adapter?
You are configuring network security in Azure using application security groups (ASGs) and network security groups (NSGs). As you work with ASGs, you come across certain constraints that need to be considered.
Which of the following statements is correct regarding the constraints of ASGs in Azure?
- ASG rules are automatically applied to all network interfaces in the associated subnet, regardless of ASG membership.
- Multiple ASGs cannot be specified as the source or destination in a security rule.
- ASGs can have an unlimited number of members in a subscription.
- All network interfaces assigned to an ASG cannot exist in the same virtual network.
You are a security engineer responsible for managing the network security of your organization’s Azure resources. You are working to enhance the security and performance of the resources.
For such scenarios, what benefits do service endpoints bring to network security in Azure? Select all that apply.
- Direct access to Azure service resources without public internet access
- Direct increase in network latency
- Real-time traffic monitoring
- Simplified setup and management without the need for NAT or gateway devices
ExtraNet Corp is a service provider that offers Azure resources through Azure Private Link. They have received a connection request from a service consumer. The service consumer does not have RBAC permissions on the service provider resource. What will be the status of the connection request on the service provider’s side, and what action can the service provider take?
- The connection request will appear as “Pending” on the service provider’s side.
- The connection request will be rejected by the service provider.
- The connection request will be automatically approved by the service provider.
- The connection request will be removed by the service provider.
Suppose you manage a web application that requires Secure Sockets Layer (SSL) encryption and load balancing across multiple backend servers. Based on the provided requirement, which of the following components of Azure Application Gateway are essential?
- Frontend port, listener, and backend pool
- Frontend IP address, backend pool, and HTTP setting
- Frontend IP address, backend port, and SSL certificate
- Frontend port, SSL certificate, and virtual network
You are managing an application that requires SSL termination at the gateway for secure communication. The application experiences varying traffic load patterns. In addition, you want to ensure that the application remains highly available and fault-tolerant across multiple availability zones.
Which features of Application Gateway will you leverage to address these requirements? Select the most appropriate option.
- Connection draining and custom error pages
- Static virtual Internet Protocol (VIP) and web application firewall (WAF)
- URL-based routing and multiple-site hosting
- Autoscaling and zone redundancy
The Web Application Firewall (WAF) policies in Azure can be associated with different components to customize security settings.
Which level of WAF policy allows you to customize the exclusions, custom rules, managed rule sets, and other settings for each site behind an Application Gateway?
- Listener policy
- Per-site policy
- Global policy
- Per-URI policy
You are managing a web application that handles sensitive user data. You want to ensure the highest level of security for your HTTP/HTTPS workload. You are considering using Azure Front Door for your application’s traffic management and security.
Which feature of Azure Front Door allows you to create custom rules to control access and secure your HTTP/HTTPS workload?
- URL-based routing
- Accelerate application performance
- High application availability with smart health probes
- WAF feature
You have multiple web applications hosted on Azure, and you want to implement a Web Application Firewall (WAF) to manage security for these applications.
Which Azure component can you associate with a WAF policy to provide security for your applications at the regional level?
- Azure Virtual Network
- Azure Front Door
- Azure Load Balancer
- Azure Application Gateway