Challenge - 5 Problems

🎖️

Cloud Connection Master

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ service_behavior

intermediate

2:00remaining

How does Azure App Service connect to an Azure SQL Database securely?

You have an Azure App Service and an Azure SQL Database in the same subscription. You want the app to connect securely without exposing the database to the public internet. What is the behavior of the connection when you enable Private Endpoint on the SQL Database?

AThe App Service cannot connect to the SQL Database once Private Endpoint is enabled unless you use a VPN.

BThe App Service connects over the public internet using the database's public IP address.

CThe App Service connects through the Azure backbone network using the Private Endpoint IP, avoiding the public internet.

DThe App Service connects using a shared access signature token over HTTP.

Attempts:

2 left

❓ Architecture

intermediate

2:00remaining

Choosing the best connection method for an on-premises app to Azure Storage

You have an application running on-premises that needs to connect to Azure Blob Storage. You want to minimize latency and secure the connection without exposing storage to the public internet. Which architecture option achieves this?

AConnect over the internet using the storage account's public endpoint with HTTPS.

BUse Azure ExpressRoute with a private peering connection to access the storage account's private endpoint.

CConnect via VPN to Azure and use the storage account's public endpoint.

DUse Azure CDN to cache blobs and connect to the CDN endpoint over the internet.

Attempts:

2 left

❓ security

advanced

2:00remaining

What happens if you configure an Azure SQL Database firewall rule to allow all IP addresses (0.0.0.0 - 255.255.255.255)?

You set the Azure SQL Database server firewall rule to allow all IP addresses (0.0.0.0 to 255.255.255.255). What is the security impact and connection behavior?

AThe database accepts connections from any IP address, increasing exposure to attacks.

BThe database only accepts connections from Azure services but blocks external IPs.

CThe database rejects all connections because 0.0.0.0 is invalid as a start IP.

DThe database requires VPN connections despite the firewall rule.

Attempts:

2 left

✅ Best Practice

advanced

2:00remaining

Which method is best to connect an Azure Function to a private Azure Cosmos DB account securely?

You have an Azure Function and an Azure Cosmos DB account configured with a private endpoint in a virtual network. What is the best way for the function to connect securely to Cosmos DB?

AUse a shared access signature token over HTTP to connect to Cosmos DB.

BUse the Cosmos DB public endpoint with a connection string containing the primary key.

CExpose Cosmos DB to the internet temporarily during function execution.

DEnable the function to run inside the same virtual network using VNet integration and connect via the private endpoint IP.

Attempts:

2 left

🧠 Conceptual

expert

2:00remaining

What is the effect of enabling 'Allow trusted Microsoft services to access this resource' on an Azure Storage account firewall?

You enable the option 'Allow trusted Microsoft services to access this resource' on an Azure Storage account firewall. Which of the following describes the connection behavior?

AOnly Azure services marked as trusted can bypass the firewall and connect to the storage account.

BAll internet traffic is allowed to connect to the storage account regardless of firewall rules.

COnly services in the same subscription can connect, others are blocked.

DThe storage account disables all firewall rules and becomes publicly accessible.

Attempts:

2 left