Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Litware, Inc. is implementing an Azure architecture that includes App Service web apps and virtual machines (VMs) within various landing zones. As part of this implementation, it is crucial to optimize the connectivity between the Azure VMs and the Azure App Service web apps, ensuring that the traffic remains secure and efficient. Specifically, the goal is to have the VMs in each landing zone communicate with the App Service web apps within the same zone using the Microsoft backbone network, avoiding the use of public endpoints. Given these requirements, what strategy should you recommend to achieve the desired connectivity?
Litware, Inc. is implementing an Azure architecture that includes App Service web apps and virtual machines (VMs) within various landing zones. As part of this implementation, it is crucial to optimize the connectivity between the Azure VMs and the Azure App Service web apps, ensuring that the traffic remains secure and efficient. Specifically, the goal is to have the VMs in each landing zone communicate with the App Service web apps within the same zone using the Microsoft backbone network, avoiding the use of public endpoints. Given these requirements, what strategy should you recommend to achieve the desired connectivity?
Explanation:
The recommended strategy for App Service web app connectivity that meets the landing zone requirements is to use Virtual Network Integration and Private Endpoints. Virtual Network Integration allows the app to access resources in or through a virtual network, ensuring application isolation and security. Private Endpoints ensure that the communication between Azure virtual machines and App Service web apps happens over the Microsoft backbone network, thereby eliminating exposure to public endpoints.