What is the primary function of Azure DDoS Protection?

  1. To block all external connections to your network
  2. To manage user access tokens
  3. To encrypt user passwords
  4. To mitigate Distributed Denial of Service attacks and maintain service availability ✓

Correct answer: To mitigate Distributed Denial of Service attacks and maintain service availability

Azure DDoS Protection is designed specifically to detect and mitigate volumetric, protocol, and application-layer Distributed Denial of Service attacks, ensuring that legitimate traffic can still reach Azure-hosted services during an attack. Option D is correct because this service absorbs and scrubs attack traffic while maintaining availability for real users. Option A is incorrect because Azure DDoS Protection does not block all external connections; it selectively mitigates attack traffic while allowing legitimate traffic through. Option B is incorrect because user access token management is handled by Azure Active Directory and related identity services, not DDoS Protection. Option C is incorrect because password encryption is a function of identity and credential management services, not a DDoS mitigation product.

Topic: · azure ddos protection, network security, availability, azure

Practice Microsoft Azure Security Engineer (AZ-500) Questions Free