HOTSPOT
You have an Azure subscription.
You plan to deploy an app that has a web front end and an application tier.
You need to recommend a load balancing solution that meets the following requirements:
✑ Internet to web tier:
– Provides URL-based routing
– Supports connection draining
– Prevents SQL injection attacks
✑ Web tier to application tier:
– Provides port forwarding
– Supports HTTPS health probes
– Supports an availability set as a backend pool
Which load balancing solution should you recommend for each tier? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer: Explanation:
Box 1: An Azure Application Gateway that has a web application firewall (WAF) Azure Application Gateway offers a web application firewall (WAF) that provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks.
Application Gateway operates as an application delivery controller (ADC). It offers Secure Sockets Layer (SSL) termination, cookie-based session affinity, round-robin load distribution, content-based routing, ability to host multiple websites, and security enhancements.
Box 2: An internal Azure Standard Load Balancer
The internet to web tier is the public interface, while the web tier to application tier should be internal.
Note: When using load-balancing rules with Azure Load Balancer, you need to specify a health probes to allow Load Balancer to detect the backend endpoint status. Health probes support the TCP, HTTP, HTTPS protocols.
References:
https://docs.microsoft.com/en-us/azure/application-gateway/waf-overview
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-custom-probe-overview
Leave a Reply