Describe basic security capabilities in Azure Flashcards
1
Q
What is Azure Bastion?
A
An intermediate hardened instance that connects to a machine server via SSH (Linux) or RDP (Windows) from a web portal.
2
Q
What are the requirements of creating an Azure Bastion?
A
It needs its own subnet on a VNet called AzureBastionSubnet with at least a size of /26 (64 addresses).
3
Q
What are the key features of Azure Bastion?
A
RDP and SSH directly in the Azure portal
Remote session over TLS and firewall traversal for RDP/SSH
No public IP required on the Azure VM
No hassle of managing Network Security Groups (NSGs)
Protection against port scanning
Protect against zero-day exploits. Hardening in one place only.