AZ-900 Exam - Question 246

Perimeter layer. Please someone change the answer.

Perimeter layer Same question before this

Saving everyones time from MS - Question # 10 (Multiple Choice) Which defense in depth layer uses distributed denial of service (DDoS) protection? A. Physical security layer B. Perimeter layer C. Network layer D. Application layer Item Description Answer: B Objective: 2.4 Describe Azure identity, access, and security Rationale: The perimeter layer uses distributed denial of service (DDoS) protection to filter large-scale attacks before they can cause a denial of service for users. URL: https://learn.microsoft.com/training/modules/secure-network-connectivity-azure/2-what-is-defense-in-depth

This is a question about Defense in Depth and not The OSI model. In a Defense in depth context DDOS is applied at the Perimeter layer within Azure. The comments about layer 3 and Network are crossing over into where DDoS would sit within the OSI model, which has a "network" layer (1=physical, 2=datalink, 3=network, 4=transport etc). This is a more general network question that you'd expect on a network security exam perhaps, but is not specific to Azure implementation of DDoS

ohhh f im going to get one anwer wrong but its fine. damm micosoft you doing it dirty

Same question and answer as before: Perimeter layer, not network layer.

please do not get confused it is "Perimeter" Layer

Perimeter layer. DDos impletented at perimeter layer

as per Chat GPT: Azure DDoS protection is implemented at the network layer (layer 3 and 4) of the OSI (Open Systems Interconnection) model. This type of protection specifically targets Distributed Denial of Service (DDoS) attacks, which can congest a network or server with a high volume of incoming traffic from multiple sources, making it unavailable to legitimate users. Azure's DDoS protection service monitors network traffic and blocks malicious traffic before it reaches the target network, ensuring that the availability of the network and the resources hosted on it are protected against DDoS attacks.

the correct answer is for sure "Perimeter layer"

DDOS is at the Perimeter Layer: https://learn.microsoft.com/en-us/training/modules/secure-network-connectivity-azure/2-what-is-defense

The given answer is wrong! The correct answer should be "Perimeter layer" because the reference here is to the Defense-in-depth model and not to the OSI model. See the link below under section "Perimeter". https://learn.microsoft.com/en-us/training/modules/describe-azure-identity-access-security/8-describe-defense-depth

Perimeter The network perimeter protects from network-based attacks against your resources. Identifying these attacks, eliminating their impact, and alerting you when they happen are important ways to keep your network secure. At this layer, it's important to: Use DDoS protection to filter large-scale attacks before they can affect the availability of a system for users. Use perimeter firewalls to identify and alert on malicious attacks against your network.

Azure distributed denial of service (DDoS) protection is an example of protection that is implemented at the perimeter layer. Explanation: Based on the context, the perimeter layer refers to the security measures that are implemented at the outermost boundaries of the network, which is where Azure DDoS protection operates. It is designed to protect the network perimeter from large-scale attacks and filter malicious traffic before it affects system availability. This aligns with the general security principle of creating a defensive barrier at the network's edge.

As per Kevin Brown: Perimeter •Use distributed denial of service (DDoS) protection to filter large-scale attacks before they can cause a denial of service for end users. •Use perimeter firewalls to identify and alert on malicious attacks against your network.

"Azure" DDoS Protection protects at layer 3 and layer 4 network layers. For web applications protection at layer 7, you need to add protection at the application layer using a WAF offering. Answer: Networking Layer https://learn.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview

même Question n° : 232 , couche 3