Microsoft Azure Architect Design (AZ-304) Practice Test

Which Azure solution would ensure the secure management of multiple web applications while minimizing costs?

• A. Azure Application Gateway with WAF
• B. Azure Firewall with NSGs
• C. Basic Load Balancer with security rules
• D. Azure Traffic Manager with health probes

The correct answer is: Azure Application Gateway with WAF

Choosing Azure Application Gateway with Web Application Firewall (WAF) is a strategic decision for ensuring the secure management of multiple web applications while also being cost-effective. The Azure Application Gateway provides an application delivery controller (ADC) as a service, which optimizes web traffic and enables secure connections through features like SSL termination, URL-based routing, and application layer (Layer 7) load balancing. The addition of a Web Application Firewall enhances security by protecting web applications from common threats and vulnerabilities as defined by the OWASP Top 10. This means that while supporting multiple applications, the solution offers dedicated security protocols that conform to best practices, thereby helping to mitigate risks associated with web traffic. Moreover, Azure Application Gateway can scale dynamically according to demand, offering flexibility that minimizes costs through effective resource utilization. Instead of deploying separate security solutions for each application, the WAF provides comprehensive coverage for all applications hosted behind the Gateway, leading to reduced operational complexities and cost savings in both infrastructure and maintenance. In comparison, other options like Azure Firewall with Network Security Groups (NSGs) provide robust security but may involve higher costs and complexity when managing multiple web applications with separate configurations. A Basic Load Balancer lacks the advanced security features required for web application protection. Using Azure Traffic Manager