Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

Your company hosts a mission-critical e-commerce site on Azure VMs behind a Standard SKU public load balancer in a virtual network named prod-vnet. A 300-Gbps UDP flood previously forced the service offline. Management requires a solution that will automatically mitigate similar Layer 3/4 attacks, provide a financial guarantee and Rapid Response support, and surface near real-time mitigation metrics in Azure Monitor. What should you do?

  • Enable Azure DDoS Protection Standard on prod-vnet and associate it with the existing public IP addresses.

  • Rely on the built-in Azure DDoS Protection Basic and create Azure Monitor alert rules on network throughput.

  • Replace the load balancer with Azure Front Door Standard and enable a WAF policy.

  • Deploy an Azure Application Gateway v2 with Web Application Firewall in front of the load balancer.

Microsoft Azure Security Engineer Associate AZ-500
Secure networking
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot