You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- content: Which of the following Azure Application Gateway features can protect web applications against SQL injection attacks?
19
-
choices:
20
-
- content: Health probes
21
-
isCorrect: false
22
-
explanation: Incorrect. Health probes allow the application gateway to determine which hosts in the back-end pool are no longer responding.
23
-
- content: TLS/SSL termination
24
-
isCorrect: false
25
-
explanation: Incorrect. TLS/SSL termination offloads the encryption and decryption operations of TLS/SSL onto the application gateway.
26
-
- content: Web application firewall
27
-
isCorrect: true
28
-
explanation: Correct. A web application firewall allows you to protect against SQL injection and other attacks.
29
-
- content: You have a back-end pool made up of four Azure infrastructure as a service (IaaS) virtual machines. Occasionally, one or more of these virtual machines might become temporarily unresponsive. You want to ensure that Application Gateway doesn't forward traffic to an unresponsive virtual machine, even if you're unaware that a problem exists. Which Application Gateway feature can prevent traffic from forwarding to an unresponsive virtual machine?
30
-
choices:
31
-
- content: Health probes
32
-
isCorrect: true
33
-
explanation: Correct. Health probes allow the application gateway to determine which hosts in the back-end pool are no longer responding.
34
-
- content: Web application firewall
35
-
isCorrect: false
36
-
explanation: Incorrect. A web application firewall allows you to protect against SQL injection and other attacks.
37
-
- content: Connection draining
38
-
isCorrect: false
39
-
explanation: Incorrect. Connection draining allows you to deregister an instance in a back-end pool so that it doesn't receive any new traffic. It doesn't detect whether an instance in the back-end pool is unresponsive.
40
-
- content: You have a back-end pool made up of eight Azure IaaS virtual machines. You need to install a new framework on each of these virtual machines. You don't want the virtual machine to participate in the back-end pool while you do this maintenance operation. You want to stop new connections from occurring on the VM that you're doing maintenance on, and you also want to allow any existing connections that are present to complete naturally. Which of the following Azure Application Gateway features can you use to accomplish this goal?
41
-
choices:
42
-
- content: Session affinity
43
-
isCorrect: false
44
-
explanation: Incorrect. Session affinity ensures that the same back-end pool host always serves a client connection to a web application.
45
-
- content: Connection draining
46
-
isCorrect: true
47
-
explanation: Correct. Connection draining allows you to deregister an instance in a back-end pool so that it doesn't receive any new traffic. Connection draining is useful in maintenance scenarios during which you want to gracefully remove traffic from a node.
48
-
- content: Health probes
49
-
isCorrect: false
50
-
explanation: Incorrect. Health probes allow the application gateway to determine which hosts in the back-end pool are no longer responding.
- content: Which of the following Azure Application Gateway features can protect web applications against SQL injection attacks?
19
+
choices:
20
+
- content: Health probes
21
+
isCorrect: false
22
+
explanation: Incorrect. Health probes allow the application gateway to determine which hosts in the back-end pool are no longer responding.
23
+
- content: TLS/SSL termination
24
+
isCorrect: false
25
+
explanation: Incorrect. TLS/SSL termination offloads the encryption and decryption operations of TLS/SSL onto the application gateway.
26
+
- content: Web application firewall
27
+
isCorrect: true
28
+
explanation: Correct. A web application firewall allows you to protect against SQL injection and other attacks.
29
+
- content: You have a back-end pool made up of four Azure infrastructure as a service (IaaS) virtual machines. Occasionally, one or more of these virtual machines might become temporarily unresponsive. You want to ensure that Application Gateway doesn't forward traffic to an unresponsive virtual machine, even if you're unaware that a problem exists. Which Application Gateway feature can prevent traffic from forwarding to an unresponsive virtual machine?
30
+
choices:
31
+
- content: Health probes
32
+
isCorrect: true
33
+
explanation: Correct. Health probes allow the application gateway to determine which hosts in the back-end pool are no longer responding.
34
+
- content: Web application firewall
35
+
isCorrect: false
36
+
explanation: Incorrect. A web application firewall allows you to protect against SQL injection and other attacks.
37
+
- content: Connection draining
38
+
isCorrect: false
39
+
explanation: Incorrect. Connection draining allows you to deregister an instance in a back-end pool so that it doesn't receive any new traffic. It doesn't detect whether an instance in the back-end pool is unresponsive.
40
+
- content: You have a back-end pool made up of eight Azure IaaS virtual machines. You need to install a new framework on each of these virtual machines. You don't want the virtual machine to participate in the back-end pool while you do this maintenance operation. You want to stop new connections from occurring on the virtual machine that you're doing maintenance on. You also want to allow any existing connections that are present to complete naturally. Which of the following Azure Application Gateway features can you use to accomplish this goal?
41
+
choices:
42
+
- content: Session affinity
43
+
isCorrect: false
44
+
explanation: Incorrect. Session affinity ensures that the same back-end pool host always serves a client connection to a web application.
45
+
- content: Connection draining
46
+
isCorrect: true
47
+
explanation: Correct. Connection draining allows you to deregister an instance in a back-end pool so that it doesn't receive any new traffic. Connection draining is useful in maintenance scenarios during which you want to gracefully remove traffic from a node.
48
+
- content: Health probes
49
+
isCorrect: false
50
+
explanation: Incorrect. Health probes allow the application gateway to determine which hosts in the back-end pool are no longer responding.
Copy file name to clipboardExpand all lines: learn-pr/azure/intro-to-azure-application-gateway/includes/1-introduction.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,10 +4,10 @@ Adatum is a new and expanding online commerce store that sells industrial drones
4
4
5
5
To meet your goals, you need to ensure that the Azure service replicates the functionality that the special hardware currently provides. Important functionality that must be present in the replacement service includes:
6
6
7
-
- Detect if one of the on-premises servers becomes unavailable so that traffic is no longer directed to it
8
-
- TLS termination functionality to reduce the amount of CPU capacity consumed by encryption and decryption operations
9
-
- Session affinity to ensure that the same back-end pool host always serves a client connection to a web application
10
-
- Security filtering of malicious traffic such as SQL injection and cross site scripting attacks
7
+
- Detect if one of the on-premises servers becomes unavailable so that traffic is no longer directed to it.
8
+
- TLS (Transport Layer Security) termination functionality to reduce the amount of CPU capacity consumed by encryption and decryption operations.
9
+
- Session affinity to ensure that the same back-end pool host always serves a client connection to a web application.
10
+
- Security filtering of malicious traffic such as SQL injection and cross site scripting attacks.
11
11
12
12
This module explains what Azure Application Gateway does, how it works, and when you should choose to use Azure Application Gateway as a solution to meet your organization’s needs.
Copy file name to clipboardExpand all lines: learn-pr/azure/intro-to-azure-application-gateway/includes/3-how-azure-application-gateway-works.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ Azure Application Gateway has a series of components that combine to securely ro
8
8
9
9
## Load balancing in Application Gateway
10
10
11
-
Application Gateway automatically load balances the requests sent to the servers in each back-end pool using a round-robin mechanism. Load-balancing works with the OSI Layer 7 routing implemented by Application Gateway routing, which means that it load balances requests based on the routing parameters (host names and paths) used by the Application Gateway rules. In comparison, other load balancers, such as Azure Load Balancer, function at the OSI Layer 4 level and distribute traffic based on the IP address of the target of a request.
11
+
Application Gateway uses a round-robin mechanism to automatically load balance the requests sent to the servers in each back-end pool. Load-balancing works with the Open Systems Interconnection (OSI) Layer 7 routing implemented by Application Gateway routing, which means that it load balances requests based on the routing parameters (host names and paths) used by the Application Gateway rules. In comparison, other load balancers, such as Azure Load Balancer, function at the OSI Layer 4 level and distribute traffic based on the IP address of the target of a request.
12
12
13
13
You can configure session stickiness if you need to ensure that all requests for a client in the same session are routed to the same server in a back-end pool.
14
14
@@ -45,7 +45,7 @@ Path-based routing sends requests with different URL paths to different pools of
45
45
46
46
### Multiple-site routing
47
47
48
-
Multiple-site routing configures more than one web application on the same Application Gateway instance. In a multi-site configuration, you register multiple DNS names (CNAMEs) for the IP address of the application gateway, specifying the name of each site. Application Gateway uses separate listeners to wait for requests for each site. Each listener passes the request to a different rule, which can route the requests to servers in a different back-end pool. For example, you could direct all requests for `http://contoso.com` to servers in one back-end pool, and requests for `http://fabrikam.com` to another back-end pool. The following diagram shows this configuration:
48
+
Multiple-site routing configures more than one web application on the same Application Gateway instance. In a multi-site configuration, you register multiple domain name system names (CNAMEs) for the IP address of the application gateway, specifying the name of each site. Application Gateway uses separate listeners to wait for requests for each site. Each listener passes the request to a different rule, which can route the requests to servers in a different back-end pool. For example, you could direct all requests for `http://contoso.com` to servers in one back-end pool, and requests for `http://fabrikam.com` to another back-end pool. The following diagram shows this configuration:
49
49
50
50
:::image type="content" source="../images/multi-site-routing.png" alt-text="Diagram that depicts multi-site routing in Azure Application Gateway." border="false":::
51
51
@@ -79,4 +79,4 @@ Application Gateway supports autoscaling, and can scale up or down based on chan
79
79
80
80
## WebSocket and HTTP/2 traffic
81
81
82
-
Application Gateway provides native support for the WebSocket and HTTP/2 protocols. The WebSocket and HTTP/2 protocols enable full duplex communication between a server and a client over a long-running TCP connection. This type of communication is more interactive between the web server and the client, and can be bidirectional without the need for polling as required in HTTP-based implementations. These protocols have low overhead (unlike HTTP) and can reuse the same TCP connection for multiple request/responses resulting in a more efficient resource utilization. These protocols are designed to work over traditional HTTP ports of 80 and 443.
82
+
Application Gateway provides native support for the WebSocket and HTTP/2 protocols. The WebSocket and HTTP/2 protocols enable full duplex communication between a server and a client over a long-running Transmission Control Protocol (TCP) connection. This type of communication is more interactive between the web server and the client, and can be bidirectional without the need for polling as required in HTTP-based implementations. These protocols have low overhead (unlike HTTP) and can reuse the same TCP connection for multiple request/responses resulting in a more efficient resource utilization. These protocols are designed to work over traditional HTTP ports of 80 and 443.
Copy file name to clipboardExpand all lines: learn-pr/azure/intro-to-azure-application-gateway/includes/4-when-to-use-azure-application-gateway.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,4 +1,4 @@
1
-
Azure Application Gateway can meet your organization’s needs for the following reasons:
1
+
Azure Application Gateway can meet your organization’s needs for the following reasons:
2
2
3
3
- Azure Application Gateway routing allows traffic to be directed from an endpoint in Azure to a back-end pool made up of servers running in Adatum’s on-premises datacenter. The health-probe functionality of Azure Application Gateway ensures that traffic isn't being directed to any server that becomes unavailable.
4
4
- Azure Application Gateway TLS termination functionality reduces the amount of CPU capacity that servers in the back-end pool allocate to encryption and decryption operations.
0 commit comments