Home / Microsoft / AZ-303 / Question 59

Prev Question
Next Question

Question 59

You are implementing a solution that runs in multiple Azure App Service web apps. Each web app is provisioned in a Basic tier App Service Plan. All web traffic to the web app should be routed through an Azure Application Gateway instance. The web app address is named company1.com.

You need to configure the Azure Application Gateway instance, and secure all traffic with Secure Sockets Layer (SSL) with the least administrative efforts.

Which two actions should you perform to meet the requirements? Each correct answer presents part of the solution.





You should enable the Use for App service setting in the Azure Application Gateway's HTTP setting. Since App Service is a multi-tenant service, you need to pass the host header in the incoming request to resolve to the correct App Service endpoint. You must enable this setting to pick the host name from backend address and pass it through the host header. This setting also enables the Create a probe with pick host name from backend address and Pick host name from backend address automatically switches.

You should also add an SSL wildcard certificate for company1.com to the Azure Application Gateway. Azure Application Gateway supports TSL termination at the gateway, offloading the application server to process TLS decryption, and centralizing in one place the certificate management, such as configuring and renew this certificate in the future.

You should not upgrade the web apps to Standard pricing tier. You can use the Basic pricing tier to integrate App Service web apps with Azure Application Gateway or configure custom domains and SSL certificates. You should upgrade to Standard tier if you need to integrate with Azure Traffic Manager to implement a multi-region web application with DSN based traffic-routing.

You should not add an SSL wildcard certificate for company1.com to each web app. You can use the Basic pricing tier to configure custom domains and SSL certificates in the App Service. However, you need to configure the SSL certificate and renew it in the future for each App Service, increasing the administrative efforts.



Load more
Prev Question
Next Question