Practice Test 1 | Microsoft Azure Security Technologies | AZ-500 | Dumps | Mock Test
View Case Study
The web application needs to be configured for mutual authentication. Which of the following actions need to be performed for this requirement? Choose two answers from the options given below.
A. Upload public certificate to the web application.
B. Enable the HTTPS only setting for the web application.
C. Set the Minimum TLS version protocol setting to 1.2.
D. Turn on the Incoming client certificates protocol setting for the web application.
In this question, we must decide regarding the actions we must take to enable a web application for mutual authentication.
Answer -– C and D
Option C is correct, because for mutual authentication, we need to Set the Minimum TLS version protocol setting to 1.2.
Option D is correct because for mutual authentication, we need to turn on the incoming client certificates protocol setting for the web application
Option A is incorrect, since having a public certificate is not a secure practice.
Option B is incorrect, since the requirement of the case study is to allow communication to the web application on both HTTP and HTTPS.
Explanation:
You can restrict access to your Azure App Service app by enabling different types of authentications for it. One way to do it is to request a client certificate when the client request is over TLS/SSL and validate the certificate. This mechanism, is called TLS mutual authentication or client certificate authentication.
For details, please refer the following link:
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth
Comments are closed, but trackbacks and pingbacks are open.