New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-100 Exam - Topic 9 Question 24 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 24
Topic #: 9
[All SC-100 Questions]

You are designing a security strategy for providing access to Azure App Service web apps through an Azure Front Door instance. You need to recommend a solution to ensure that the web apps only allow access through the Front Door instance.

Solution: You recommend access restrictions based on HTTP headers that have the Front Door ID.

Does this meet the goal?

Show Suggested Answer Hide Answer
Suggested Answer: A

https://docs.microsoft.com/en-us/azure/frontdoor/front-door-faq#how-do-i-lock-down-the-access-to-my-backend-to-only-azure-front-door-


by Justine at May 29, 2023, 12:37 AM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Diane
4 months ago
Wait, can headers really be trusted that much?
upvoted 0 times
...
Miesha
4 months ago
Not sure if that's enough protection, honestly.
upvoted 0 times
...
Bettyann
4 months ago
Definitely a yes! Front Door ID is key.
upvoted 0 times
...
Sherron
4 months ago
I think it could work, but what about spoofing?
upvoted 0 times
...
Miles
4 months ago
That sounds like a solid plan!
upvoted 0 times
...
Lonna
5 months ago
I’m leaning towards "No" because I recall that Azure Front Door has specific features for securing access that might be more effective.
upvoted 0 times
...
Tamar
5 months ago
I feel like relying solely on HTTP headers might not be enough. What if someone spoofed the header?
upvoted 0 times
...
Rolf
5 months ago
I remember a practice question where we had to restrict access to a web app, and I think we used IP filtering instead.
upvoted 0 times
...
Kristeen
5 months ago
I think using HTTP headers for access restrictions could work, but I'm not entirely sure if it's foolproof.
upvoted 0 times
...
Susana
5 months ago
I'm a bit confused by this question. I'll need to think through the implications of the DSCI Certified Lead Assessor not being an employee of an Accredited Organization.
upvoted 0 times
...
Murray
5 months ago
Yeah, I practiced a question like this before, and I think the answer was that alerts should still come through.
upvoted 0 times
...
Gracia
5 months ago
I'm leaning towards option C, enabling single sign-on (SSO) from Azure AD Connect. That seems like the most direct way to address the issue of users having to manually enter their passwords when accessing Microsoft 365 apps.
upvoted 0 times
...

Save Cancel