Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Your company is deploying Azure Front Door Standard/Premium in front of an Azure App Service that already listens on HTTPS. A compliance audit requires that every hop is encrypted: traffic from clients to Front Door and from Front Door to the App Service must use TLS, and no clear-text HTTP must be permitted. Which Front Door configuration meets the requirement without changing the application code?
Configure a Private Link origin connection for the App Service backend.
Enable the built-in HTTP-to-HTTPS redirection feature in the App Service.
Attach a Web Application Firewall policy that allows only HTTPS traffic.
Enable HTTPS on the front-end endpoint and set the origin protocol policy for the App Service origin to HTTPS only.
Enabling HTTPS on the front-end endpoint provides TLS encryption between clients and Azure Front Door. Setting the origin protocol policy of the App Service origin to HTTPS only forces Front Door to use TLS when it forwards requests to the backend, preventing any fallback to HTTP. A WAF policy can block or allow requests but does not control the protocol used between Front Door and its origin. Configuring HTTP-to-HTTPS redirection in App Service protects only direct traffic to the site and does not stop Front Door from using HTTP. Using Private Link changes the network path but still allows either HTTP or HTTPS, so it does not by itself guarantee encryption on the second hop.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Azure Front Door's origin protocol policy?
Open an interactive chat with Bash
How does HTTPS ensure data encryption during communication?
Open an interactive chat with Bash
Why doesn't a Web Application Firewall (WAF) control the protocol used by Azure Front Door?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure networking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .