Secure networking Questions
Practice questions for Secure networking topic in Microsoft Certified: Azure Security Engineer Associate. 48 questions covering this domain.
A user creates a private endpoint to a resource they don't own and selects manual approval. The endpoint shows Pending. Which statement is correct?
Your organization uses Azure Virtual Network Manager security admin rules. What happens when traffic matches an Always allow security admin rule?
An Application Gateway WAF policy is running in prevention mode with OWASP anomaly scoring. A single matched rule has severity Critical. What is the e...
Two inbound network security group rules match the same traffic. Which rule is processed first?
A subnet is granted access to an Azure Storage account by using a virtual network service endpoint. How does the source IP appear to the storage servi...
A private endpoint is configured for an Azure service, but clients still resolve the service's public IP address. What should you change?
Which Azure Firewall SKU adds signature-based intrusion detection and prevention?
You need protection against a volumetric Layer 3 or Layer 4 attack and also protection against Layer 7 web exploits. Which combination should you depl...
A private endpoint connection was created by using manual approval. Which connection status must the endpoint reach before it can send traffic to the ...
You need to determine which route Azure will use from a VM to a specific destination IP. Which Azure Network Watcher tool should you use?
A newly deployed Application Gateway WAF should log attacks but avoid blocking legitimate traffic until tuning is complete. Which mode should be used ...
A regulated workload must keep all PaaS connectivity off the public internet, including DNS resolution from on-prem. Which design element is required ...
An architect needs east-west traffic between on-prem and many spoke VNets to traverse a centralized firewall through ExpressRoute, while spoke-to-spok...
An architect must inspect spoke-to-spoke traffic in a hub-and-spoke topology with a centralized Azure Firewall. Which configuration is required?
A team must view all NSG rules applied to a NIC across subnet and NIC NSGs and identify why a connection is failing. Which Network Watcher tool gives ...
A web application is exposed via Azure Front Door, but the origin App Service must accept traffic only from Front Door. Which controls together implem...
Which Azure service provides centralized management of routing, security, and connectivity across many regional virtual hubs?
Which Azure Bastion SKU supports IP-based connection to on-prem or non-Azure VMs and shareable links?
Which Azure Firewall feature lets you write FQDN-based application rules for outbound HTTPS traffic without TLS termination, but with TLS inspection i...
Which Azure DDoS Protection tier provides volumetric and protocol attack mitigation tuned to specific public IP resources, with traffic analytics and ...
Sign in to see all 48 questions
Create a free account to browse all questions — completely free during our launch phase.