Microsoft Azure Architect Design (AZ-301) Practice Exam

Which of the following is NOT a valid method to perform load balancing for authentication components in an Azure environment?

• A. Azure Application Gateway and Basic Load Balancer
• B. Traffic Manager and Standard Load Balancer
• C. Azure Application Gateway and Standard Load Balancer
• D. Traffic Manager with Basic Load Balancer

The correct answer is: Traffic Manager with Basic Load Balancer

The option that is noted as not a valid method for load balancing authentication components in an Azure environment is the combination of Traffic Manager with a Basic Load Balancer. Traffic Manager is a DNS-based traffic load balancer that allows you to distribute traffic to various regions and services based on latency, performance, or other routing methods. It operates at a higher level, directing client requests for the authentication components to the most appropriate endpoint. In contrast, the Basic Load Balancer is designed for use within a single Azure region and can only operate at the transport layer (Layer 4). It doesn't support advanced features such as SSL termination or application-layer (Layer 7) routing, which are typically necessary for managing authentication workflows effectively. The other combinations, such as Azure Application Gateway with either Basic Load Balancer or Standard Load Balancer, and Traffic Manager with Standard Load Balancer, involve traffic management methods that integrate better with authentication processes. The Application Gateway, for example, can handle HTTP/HTTPS traffic specifically and provides more robust features relevant to web applications, including SSL termination and cookie-based session affinity. In summary, Traffic Manager paired with the Basic Load Balancer lacks the necessary functionality to effectively handle the complexities of load balancing for authentication components, making this pairing an unsuitable