<< Prev Question Next Question >>
Question 41/71
You have an Azure subscription.
You have a DNS domain named contoso.com that is hosted by a third-party DNS registrar.
Developers use Azure DevOps to deploy web apps to App Service Environments- When a new app is deployed, a CNAME record for the app is registered in contoso.com.
You need to recommend a solution to secure the DNS record tor each web app. The solution must meet the following requirements:
* Ensure that when an app is deleted, the CNAME record for the app is removed also
* Minimize administrative effort.
What should you include in the recommendation?
You have a DNS domain named contoso.com that is hosted by a third-party DNS registrar.
Developers use Azure DevOps to deploy web apps to App Service Environments- When a new app is deployed, a CNAME record for the app is registered in contoso.com.
You need to recommend a solution to secure the DNS record tor each web app. The solution must meet the following requirements:
* Ensure that when an app is deleted, the CNAME record for the app is removed also
* Minimize administrative effort.
What should you include in the recommendation?
Recent Comments (The most recent comments are at the top.)
A
Microsoft Defender for App Service includes a built-in capability to detect and alert you about dangling DNS entries. Here's how it works:
Monitoring Deprovisioning: Defender for App Service monitors when an App Service web app is decommissioned or deleted.
DNS Record Check: It then checks if there are any custom domains (CNAME records) still pointing to that now-nonexistent web app.
Security Alert: If it finds such a dangling DNS entry, it generates a security alert to notify you of the potential subdomain takeover risk.