You need to configure an Azure solution that meets the following requirements:
✑ Secures websites from attacks
✑ Generates reports that contain details of attempted attacks
What should you include in the solution?
You need to configure an Azure solution that meets the following requirements:
✑ Secures websites from attacks
✑ Generates reports that contain details of attempted attacks
What should you include in the solution?
Azure Firewall is suitable for securing websites from various types of attacks beyond just Distributed Denial of Service (DDoS) attacks. It acts as a barrier that controls both inbound and outbound traffic based on configured rules, preventing unauthorized access and blocking malicious traffic. Additionally, Azure Firewall provides logging and monitoring capabilities, allowing the generation of detailed reports on attempted attacks, which meets the requirement of gaining insights into attack attempts.
Attack is the Key word for DDOS. Rules is keyword for Firewall. Allow/Deny is the Keyword for NSG
very good tip
Thanks I had confusion with Firewall and NSG
Firewall and NSG BOTH Allow/Deny. The difference between them is (mainly among other things) : FIREWALL = acts as a defence in depth PERIMETER (OUTSIDE the virtual network) filter = between a virtual network and the outside world NSG : acts as a defence in depth NETWORK/SUBNET (INSIDE/WITHIN the virtual network filter) = at the resources level Please correct me if I am wrong. https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/
This is the comment!!!. Thanks for the info
This is the comment!!!. Thanks for the info
Azure Firewall doesn't protect from attacks, only filter traffic at layer 3 and layer 7, so DDoS is the correct answer.
Thanks!!
Does ddos protect from a sql injection attack? Would you not call that an attack? Me thinks not. Another ambiguous MS question.
https://docs.microsoft.com/en-us/azure/virtual-network/ddos-protection-overview Resource (application) layer attacks: These attacks target web application packets, to disrupt the transmission of data between hosts. The attacks include HTTP protocol violations, SQL injection, cross-site scripting, and other layer 7 attacks. Use a Web Application Firewall, such as the Azure Application Gateway web application firewall, as well as DDoS Protection Standard to provide defense against these attacks. There are also third-party web application firewall offerings available in the Azure Marketplace.
Quoting..."Use a Web Application Firewall, ..., as well as DDoS Protection Standard to provide defense against these attacks" so both are used in defense hence both are right answers.
Web Application Firewall and Azure Firewall are not same products. WAF is included in Azure Application Gateway. https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/3-protect-network-azure-firewall
Web Application Firewall and Azure Firewall are not same products. WAF is included in Azure Application Gateway. https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/3-protect-network-azure-firewall
Quoting..."Use a Web Application Firewall, ..., as well as DDoS Protection Standard to provide defense against these attacks" so both are used in defense hence both are right answers.
Web Application Firewall and Azure Firewall are not same products. WAF is included in Azure Application Gateway. https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/3-protect-network-azure-firewall
Web Application Firewall and Azure Firewall are not same products. WAF is included in Azure Application Gateway. https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/3-protect-network-azure-firewall
Why in comment you guys always confuse???
The question states : What should you include in the solution? So, it's not the complete solution. DDOS protection does most of the things demanded. In a complete solution you would combine it with Azure Application Gateway Web Application Firewall
Why is the answer DDOS? Would it be Firewall? Firewall and DDOS both sends events to Azure Monitor.
Azure firewall dont protect against attacks
I read somewhere that firewall protects from sql injection which I beleive is a type of attack.
I agree, also believe both are right answers.
I read somewhere that firewall protects from sql injection which I beleive is a type of attack.
It's important to remember that Azure firewall provide protection for non-HTTPS traffic. If your website is public facing, you should have HTTPS enabled, which means that DDos, along with WAF, will be used to secure your website
Imo it should be AD, because it is not specified in question what kind of attack it is. And FW by closing unused ports will increase security as well. It is not specified how this web app is running. On VM? As a service?
Got this in 5/11/21 exam
https://docs.microsoft.com/en-us/azure/virtual-network/ddos-protection-overview
Tricky question. When searching documentation, Firewall doesn't mention anything about reports (it makes logs though). DDOS protection mentions "reports."
DD0S=attack
DD0S=attack
Keyword here is websites, that is virtually the only thing that DDOs can really affect since it's public facing. A firewall wont help here
Answer la correct because azure firewall dont protect again advanced attacks. Only D answer can have some protection against web attacks
Firewalls prevent attacks from the internet by not allowing malicious traffic through. DDOS is a specific type of attack. Denial of service are actual connections from many bogus sources so this is not picked up by the firewall. Because there are so many bogus sources the device is overwhelmed and is not able to handle real connections. In a real solution both of these are required. If you only have money for one of these than a Firewall is the first purchase.
The Keywords is "Generates reports". so, the most suitable answer is D.
I was 50/50 between A and D, I chose A
DDoS protection is correct answer
Think the same, D answer is correct. Why? https://docs.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview https://docs.microsoft.com/en-us/azure/ddos-protection/diagnostic-logging?tabs=DDoSProtectionNotifications
The correct answer is D. As per the following link "https://docs.microsoft.com/en-us/azure/ddos-protection/ddos-protection-overview", we can see that the chart states that DDoS supports 'Mitigation reports'. Furthermore, for those we do not know the definition of DDoS, the first line of this link states: 'A DDoS attack attempts to exhaust an application's resources, making the application unavailable to legitimate users."
Azure firewall can't act as a WAF and protect against attacks??
It can but it doesn't generate reports as stated which DDoS does
It can't according to the documentation https://docs.microsoft.com/en-us/learn/modules/secure-network-connectivity-azure/3-protect-network-azure-firewall
Ddos can protect your data from an hacker. It only protects you from ddos
Azure DDoS Protection protects from various types of DDoS attacks: https://docs.microsoft.com/en-us/azure/virtual-network/ddos-protection-overview#types-of-ddos-attacks-that-ddos-protection-standard-mitigates DDoS Protection Standard can also generate reports. Azure Firewall is mostly used to filter and log traffic: https://docs.microsoft.com/en-us/azure/firewall/firewall-faq#what-capabilities-are-supported-in-azure-firewall
Keyword is "Attack"
correct Ans is Azure Advanced Threat Protection.
Keyword: Attack - Firewall cant protect the attack the only option we have is DDOS
D is correct
Why the answer is DDOS ??
ANS IS A WAF protects you cross site scripting and malicious attack. you can place it in front of your web application/server. its a preventing security tool. ddos is a form a threat it is not a preventive tool
D is correct
I do understand how this answer came to be but isn't DDoS automatically enabled on Azure? Would like to know what you guys think. I will accept the answer provided, but the above-mentioned point was bugging me.
DDoS protection is correct
The answer correct is D (DDoS attack)
The answer (DDoS) is incorrect. DDoS is one type of attack (out of hundreds of possible attacks). Azure Firewall should be the correct answer
A: Azure Firewall provides logging and monitoring capabilities, allowing you to generate reports on attempted attacks. It acts as a protective barrier for your websites, preventing unauthorized access and blocking malicious traffic. With Azure Firewall, you can monitor and analyze attempted attacks without the need for any attachments.
Its F DDOS ATTACK
Azure Firewall is a l3-l7 firewall per Microsoft. Layer 7 = app layer = website. Layer 7 firewalls protect Layer 7 with IPS like configs.