Technical Review 1044123: Introduction to Azure Web Application Firewall

Author: lootle1

learn-pr/azure-networking/introduction-azure-web-application-firewall/1-introduction.yml

@@ -1,14 +1,14 @@
-### YamlMime:ModuleUnit
-uid: learn.introduction-azure-web-application-firewall.1-introduction
-title: Introduction
-metadata:
-  title: Introduction
-  description: Introduction to the Introduction to Azure Web Application Firewall module.
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: unit
-durationInMinutes: 4
-content: |
-  [!include[](includes/1-introduction.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.introduction-azure-web-application-firewall.1-introduction
+title: Introduction
+metadata:
+  title: Introduction
+  description: Introduction to the Introduction to Azure Web Application Firewall module.
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: unit
+durationInMinutes: 4
+content: |
+  [!include[](includes/1-introduction.md)]
+

learn-pr/azure-networking/introduction-azure-web-application-firewall/2-what-is-azure-web-application-firewall.yml

@@ -1,14 +1,14 @@
-### YamlMime:ModuleUnit
-uid: learn.introduction-azure-web-application-firewall.2-what-is-azure-web-application-firewall
-title: What is Azure Web Application Firewall?
-metadata:
-  title: What is Azure Web Application Firewall?
-  description: Learn the basics of Azure Web Application Firewall including key features and common attacks it protects against.
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: unit
-durationInMinutes: 10
-content: |
-  [!include[](includes/2-what-is-azure-web-application-firewall.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.introduction-azure-web-application-firewall.2-what-is-azure-web-application-firewall
+title: What is Azure Web Application Firewall?
+metadata:
+  title: What is Azure Web Application Firewall?
+  description: Learn the basics of Azure Web Application Firewall including key features and common attacks it protects against.
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: unit
+durationInMinutes: 10
+content: |
+  [!include[](includes/2-what-is-azure-web-application-firewall.md)]
+

learn-pr/azure-networking/introduction-azure-web-application-firewall/3-how-azure-web-application-firewall-works.yml

@@ -1,14 +1,14 @@
-### YamlMime:ModuleUnit
-uid: learn.introduction-azure-web-application-firewall.3-how-azure-web-application-firewall-works
-title: How Azure Web Application Firewall works
-metadata:
-  title: How Azure Web Application Firewall works
-  description: Learn how Azure Web Application Firewall works. In particular, learn about core rule sets and rule groups.
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: unit
-durationInMinutes: 12
-content: |
-  [!include[](includes/3-how-azure-web-application-firewall-works.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.introduction-azure-web-application-firewall.3-how-azure-web-application-firewall-works
+title: How Azure Web Application Firewall works
+metadata:
+  title: How Azure Web Application Firewall works
+  description: Learn how Azure Web Application Firewall works. In particular, learn about core rule sets and rule groups.
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: unit
+durationInMinutes: 12
+content: |
+  [!include[](includes/3-how-azure-web-application-firewall-works.md)]
+

learn-pr/azure-networking/introduction-azure-web-application-firewall/4-when-to-use-azure-web-application-firewall.yml

@@ -1,14 +1,14 @@
-### YamlMime:ModuleUnit
-uid: learn.introduction-azure-web-application-firewall.4-when-to-use-azure-web-application-firewall
-title: When to use Azure Web Application Firewall
-metadata:
-  title: When to use Azure Web Application Firewall
-  description: Learn about common scenarios for using Azure Web Application Firewall.
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: unit
-durationInMinutes: 8
-content: |
-  [!include[](includes/4-when-to-use-azure-web-application-firewall.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.introduction-azure-web-application-firewall.4-when-to-use-azure-web-application-firewall
+title: When to use Azure Web Application Firewall
+metadata:
+  title: When to use Azure Web Application Firewall
+  description: Learn about common scenarios for using Azure Web Application Firewall.
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: unit
+durationInMinutes: 8
+content: |
+  [!include[](includes/4-when-to-use-azure-web-application-firewall.md)]
+

learn-pr/azure-networking/introduction-azure-web-application-firewall/5-knowledge-check.yml

@@ -1,50 +1,50 @@
-### YamlMime:ModuleUnit
-uid: learn.introduction-azure-web-application-firewall.5-knowledge-check
-title: Module assessment
-metadata:
-  title: Module assessment
-  description: Check your knowledge.
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: unit
-durationInMinutes: 4
-content: |
-  [!include[](includes/5-knowledge-check.md)]
-quiz:
-  title: Check your knowledge
-  questions:
-  - content: "Suppose a company wants to stop threat actors from submitting malicious requests to a web app. Which of the following Azure Web Application Firewall modes should the company use?"
-    choices:
-    - content: "Detection"
-      isCorrect: false
-      explanation: "Incorrect. Detection mode only logs a rule violation. It doesn't stop a request from being submitted."
-    - content: "Prevention"
-      isCorrect: true
-      explanation: "Correct. Prevention mode not only logs a rule violation, but it also stops the request from being submitted to the web app."
-    - content: "Exclusions"
-      isCorrect: false
-      explanation: "Incorrect. Exclusions are an Azure Web Application Firewall feature that enables you to ignore specified HTTP/HTTPS request attributes."
-  - content: "Suppose a company wants to deploy Azure Web Application Firewall to protect a web application that accepts user data from a form. Which of the following best describes how Azure Web Application Firewall protects the app?"
-    choices:
-    - content: "Custom rules"
-      isCorrect: false
-      explanation: "Incorrect. A custom rule is a user-defined firewall rule that helps protect an app from a threat not covered by the managed rules offered by Azure Web Application Firewall."
-    - content: "Remote file inclusion"
-      isCorrect: false
-      explanation: "Incorrect. Remote file inclusion is an exploit where an attacker sends the server specially configured text that passes a remote file to a script's `include` statement."
-    - content: "Sanitizing input"
-      isCorrect: true
-      explanation: "Correct. Sanitizing input refers to removing or disabling dangerous text elements of user-generated input."
-  - content: "Suppose a company wants to deploy a web app and is trying to decide whether to use in-house developers to code against common exploits. Which of the following scenarios isn't an argument in favor of using Azure Web Application Firewall?" 
-    choices:
-    - content: "Your web app includes user accounts and stores sensitive or proprietary data."
-      isCorrect: false
-      explanation: "Incorrect. User credentials, sensitive personal information, and proprietary company data are coveted by malicious users, so Azure Web Application Firewall is a good choice for protecting that data."
-    - content: "Your web app is made available to employees, customers, and vendors using a private network connection."
-      isCorrect: true
-      explanation: "Correct. Private access to the virtual network where the web app resides means that app traffic never goes over the public internet. There is no need to protect the app against common web exploits."
-    - content: "Your web app development team lacks security expertise, time, and money."
-      isCorrect: false
-      explanation: "Incorrect. A lack of expertise, time, and money can prevent your team from covering all possible exploits, which can leave your app vulnerable. Azure Web Application Firewall protects against all OWASP exploits and can be deployed quickly and cost-effectively."
-
+### YamlMime:ModuleUnit
+uid: learn.introduction-azure-web-application-firewall.5-knowledge-check
+title: Module assessment
+metadata:
+  title: Module assessment
+  description: Check your knowledge.
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: unit
+durationInMinutes: 4
+content: |
+  [!include[](includes/5-knowledge-check.md)]
+quiz:
+  title: Check your knowledge
+  questions:
+  - content: "Suppose a company wants to stop threat actors from submitting malicious requests to a web app. Which of the following Azure Web Application Firewall modes should the company use?"
+    choices:
+    - content: "Detection"
+      isCorrect: false
+      explanation: "Incorrect. Detection mode only logs a rule violation. It doesn't stop a request from being submitted."
+    - content: "Prevention"
+      isCorrect: true
+      explanation: "Correct. Prevention mode not only logs a rule violation, but it also stops the request from being submitted to the web app."
+    - content: "Exclusions"
+      isCorrect: false
+      explanation: "Incorrect. Exclusions are an Azure Web Application Firewall feature that enables you to ignore specified HTTP/HTTPS request attributes."
+  - content: "Suppose a company wants to deploy Azure Web Application Firewall to protect a web application that accepts user data from a form. Which of the following best describes how Azure Web Application Firewall protects the app?"
+    choices:
+    - content: "Custom rules"
+      isCorrect: false
+      explanation: "Incorrect. A custom rule is a user-defined firewall rule that helps protect an app from a threat not covered by the managed rules offered by Azure Web Application Firewall."
+    - content: "Remote file inclusion"
+      isCorrect: false
+      explanation: "Incorrect. Remote file inclusion is an exploit where an attacker sends the server specially configured text that passes a remote file to a script's `include` statement."
+    - content: "Sanitizing input"
+      isCorrect: true
+      explanation: "Correct. Sanitizing input refers to removing or disabling dangerous text elements of user-generated input."
+  - content: "Suppose a company wants to deploy a web app and is trying to decide whether to use in-house developers to code against common exploits. Which of the following scenarios isn't an argument in favor of using Azure Web Application Firewall?" 
+    choices:
+    - content: "Your web app includes user accounts and stores sensitive or proprietary data."
+      isCorrect: false
+      explanation: "Incorrect. User credentials, sensitive personal information, and proprietary company data are coveted by malicious users, so Azure Web Application Firewall is a good choice for protecting that data."
+    - content: "Your web app is made available to employees, customers, and vendors using a private network connection."
+      isCorrect: true
+      explanation: "Correct. Private access to the virtual network where the web app resides means that app traffic never goes over the public internet. There is no need to protect the app against common web exploits."
+    - content: "Your web app development team lacks security expertise, time, and money."
+      isCorrect: false
+      explanation: "Incorrect. A lack of expertise, time, and money can prevent your team from covering all possible exploits, which can leave your app vulnerable. Azure Web Application Firewall protects against all OWASP exploits and can be deployed quickly and cost-effectively."
+

learn-pr/azure-networking/introduction-azure-web-application-firewall/6-summary.yml

@@ -1,14 +1,14 @@
-### YamlMime:ModuleUnit
-uid: learn.introduction-azure-web-application-firewall.6-summary
-title: Summary
-metadata:
-  title: Summary
-  description: Summary.
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: unit
-durationInMinutes: 2
-content: |
-  [!include[](includes/6-summary.md)]
-
+### YamlMime:ModuleUnit
+uid: learn.introduction-azure-web-application-firewall.6-summary
+title: Summary
+metadata:
+  title: Summary
+  description: Summary.
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: unit
+durationInMinutes: 2
+content: |
+  [!include[](includes/6-summary.md)]
+

learn-pr/azure-networking/introduction-azure-web-application-firewall/index.yml

@@ -1,49 +1,49 @@
-### YamlMime:Module
-uid: introduction-azure-web-application-firewall
-metadata:
-  title: "Introduction to Azure Web Application Firewall"
-  description: Describe how Azure Web Application Firewall protects Azure web applications from common attacks, including its features, how it's deployed, and its common use cases.
-  manager: kumud
-  ms.date: 02/14/2024
-  author: vhorne
-  ms.author: victorh
-  ms.topic: module-intro-to-product
-  ms.service: azure-web-application-firewall
-title: "Introduction to Azure Web Application Firewall"
-summary: Describe how Azure Web Application Firewall protects Azure web applications from common attacks, including the features, how it's deployed, and common use cases.
-abstract: |
-  After completing this module, you'll be able to:
-  - Explain how Azure Web Application Firewall works to protect Azure web apps from known threats. 
-  - Evaluate whether Azure Web Application Firewall is the right solution to protect your Azure web apps from malicious exploits. 
-  - Identify and describe use cases for Azure Web Application Firewall.  
-prerequisites: |
-  To get the best learning experience from this module, you should have: 
-  - Beginner-level knowledge of Azure, including Azure virtual networks, Azure App Service, Azure Front Door, and Azure Application Gateway. 
-  - Beginner-level knowledge of networking, including IP addresses, HTTP/HTTPS request parameters, and HTTP request methods. 
-  - Beginner-level knowledge of cloud computing, including availability and web applications.  
-iconUrl: /training/achievements/introduction-to-azure-web-application-firewall.svg
-ratingEnabled: true
-levels:
-- beginner
-roles:
-- administrator
-- developer
-- devops-engineer
-- security-engineer
-- solution-architect
-- technology-manager
-products:
-- azure-web-application-firewall
-subjects:
-- cloud-computing
-- cloud-security
-units:
-- learn.introduction-azure-web-application-firewall.1-introduction
-- learn.introduction-azure-web-application-firewall.2-what-is-azure-web-application-firewall
-- learn.introduction-azure-web-application-firewall.3-how-azure-web-application-firewall-works
-- learn.introduction-azure-web-application-firewall.4-when-to-use-azure-web-application-firewall
-- learn.introduction-azure-web-application-firewall.5-knowledge-check
-- learn.introduction-azure-web-application-firewall.6-summary
-badge:
-  uid: learn.introduction-azure-web-application-firewall.badge
-
+### YamlMime:Module
+uid: introduction-azure-web-application-firewall
+metadata:
+  title: "Introduction to Azure Web Application Firewall"
+  description: Describe how Azure Web Application Firewall protects Azure web applications from common attacks, including its features, how it's deployed, and its common use cases.
+  manager: kumud
+  ms.date: 05/01/2025
+  author: vhorne
+  ms.author: victorh
+  ms.topic: module-intro-to-product
+  ms.service: azure-web-application-firewall
+title: "Introduction to Azure Web Application Firewall"
+summary: Describe how Azure Web Application Firewall protects Azure web applications from common attacks, including the features, how it's deployed, and common use cases.
+abstract: |
+  After completing this module, you'll be able to:
+  - Explain how Azure Web Application Firewall works to protect Azure web apps from known threats. 
+  - Evaluate whether Azure Web Application Firewall is the right solution to protect your Azure web apps from malicious exploits. 
+  - Identify and describe use cases for Azure Web Application Firewall.  
+prerequisites: |
+  To get the best learning experience from this module, you should have: 
+  - Beginner-level knowledge of Azure, including Azure virtual networks, Azure App Service, Azure Front Door, and Azure Application Gateway. 
+  - Beginner-level knowledge of networking, including IP addresses, HTTP/HTTPS request parameters, and HTTP request methods. 
+  - Beginner-level knowledge of cloud computing, including availability and web applications.  
+iconUrl: /training/achievements/introduction-to-azure-web-application-firewall.svg
+ratingEnabled: true
+levels:
+- beginner
+roles:
+- administrator
+- developer
+- devops-engineer
+- security-engineer
+- solution-architect
+- technology-manager
+products:
+- azure-web-application-firewall
+subjects:
+- cloud-computing
+- cloud-security
+units:
+- learn.introduction-azure-web-application-firewall.1-introduction
+- learn.introduction-azure-web-application-firewall.2-what-is-azure-web-application-firewall
+- learn.introduction-azure-web-application-firewall.3-how-azure-web-application-firewall-works
+- learn.introduction-azure-web-application-firewall.4-when-to-use-azure-web-application-firewall
+- learn.introduction-azure-web-application-firewall.5-knowledge-check
+- learn.introduction-azure-web-application-firewall.6-summary
+badge:
+  uid: learn.introduction-azure-web-application-firewall.badge
+