Microsoft Cybersecurity Architect Expert SC-100
Your company operates both an on-premises network and an Azure subscription, but currently lacks a Site-to-Site VPN or an ExpressRoute connection between the two. You are responsible for designing the security standards for Azure App Service web apps that need to access Microsoft SQL Server databases hosted on the on-premises network. Your objective is to recommend security standards ensuring that these web apps can securely access the databases while minimizing the number of internet-accessible endpoints on the on-premises network. What should be included in your recommendation?
Exam-Like
A
virtual network NAT gateway integration
B
hybrid connections
C
virtual network integration
D
a private endpoint
Explanation:
Hybrid Connections can connect Azure App Service Web Apps to on-premises resources that use a static TCP port. Supported resources include Microsoft SQL Server, MySQL, HTTP Web APIs, Mobile Services, and most custom Web Services. Hybrid Connections provide a secure way to connect Azure App Service web apps to on-premises databases, minimizing the number of open internet-accessible endpoints. This is achieved by installing the Hybrid Connection Manager on a server in the on-premises network, which establishes a secure tunnel to Azure using TCP ports 80/443.