Which three actions should you perform?

You manage an Azure web app in standard service tier at the following address: contoso.azurewebsites.net
Your company has a new domain for the site named www.contoso.com that must be accessible by secure
socket layer(SSL) encryption.
You need to add a custom domain to the Azure web app and assign an SSL certificate.
Which three actions should you perform? Each correct answer presents part of the solution.

A.
Add SSL binding for the www.contosco.com domain with the IP-based SSL option selected.

B.
Create a CNAME record from www.contoso.com to contoso.azurewebsites.net.

C.
Create a new file that will redirect the site to the new URL and upload it to the Azure Web site.

D.
Add SSL binding for the www.contoso.com domain with the server Name indication (SNL)SSL option
selected.

E.
Add www.contoso.com to the list of domain names as a custom domain.

Explanation:
Step 1: When adding a CNAME record, you must set the Host Name field to the sub-domain you wish to use.
For example, www. You must set the Address field to the .azurewebsites.netdomain name of your Azure
Website. For example, contoso.azurwebsites.net.
* Step 2: Modify the service definition and configuration files
Your application must be configured to use the certificate, and an HTTPS endpoint must be added. As a result,
the service definition and service configuration files need to be updated.
* Step 3:
IP based SSL associates a certificate with a domain name by mapping the dedicated public IP address of the
server to the domain name. This requires each domain name (contoso.com,
fabricam.com, etc.) associated with your service to have a dedicated IP address. This is the traditional method
of associating SSL certificates with a web server.

Show Hint

← Previous question

Next question →

Leave a Reply 7

mcjames

I believe the answer is:

BDE.

Question never mentions static IP so D would be more correct than A.

I think its BCD;

B: definitely need a CNAME
C: http://bit.ly/2jKnuKn
D: What mcjames said

tj1

For B

https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain
“Map a subdomain (for example, http://www.contoso.com) by using a CNAME record”

For E

You need to add it to the custom domain whether you are buying a new one or using an existing domain
this is the documentaiton for using an existing one ( for example GoDaddy )
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain

For D

It took me a while to think about it but mcjames has a valid point to choose D over A

The right ans is B-C-A. D over A is because IP based Key word.

ekramy

definitely it is BDE

Donathon Ong

I chose A. The key is we normally want the website to be as compatible as possible.

In SSL Type, select whether to use Server Name Indication (SNI) or IP-based SSL.

SNI-based SSL – Multiple SNI-based SSL bindings may be added. This option allows multiple SSL certificates to secure multiple domains on the same IP address. Most modern browsers (including Internet Explorer, Chrome, Firefox, and Opera) support SNI (find more comprehensive browser support information at Server Name Indication).
IP-based SSL – Only one IP-based SSL binding may be added. This option allows only one SSL certificate to secure a dedicated public IP address. To secure multiple domains, you must secure them all using the same SSL certificate. This is the traditional option for SSL binding.
The users have to shell out more money when they configure the website to use IP Based SSL. This is very obvious, as this requires a dedicated IP (a resource) to be allocated for the website. This is also an expensive resource. SNI SSL is comparatively cheaper as it doesn’t need a dedicated IP Address. However, it has own limitations as the non-SNI compliant browsers will not be able to access the site.

toast

BDE