🔥 3-day streak
Microsoft Cybersecurity Architect Expert148 / 158
Question 148 of 158
A retail company is migrating a customer-facing web application to Azure App Service (PaaS). The security architect must define baseline requirements that reduce the workload's exposure while following Microsoft's recommended security guidance for web workloads. The application currently uses a connection string with an embedded SQL password stored in the app settings, accepts inbound traffic over both HTTP and HTTPS, and allows connections from any client IP. Which combination of baseline requirements should the architect specify to best harden this web workload?
Reviewed for accuracy · Report an issueNext question