Describe features and tools in Azure for Governance and Compliance Flashcards

1
Q

what are azure blueprints?

A
  • helps manage multiple subscriptions
  • let you standardize cloud subscription or environment deployements
  • can define repeatable settings and policies that are applied as new subs are created
  • dev teams can rapidly build and deploy new environments
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what are artifacts?

A
  • each blueprint definition is known as an artifact
  • it is possible for artifacts to have no additional params
  • can also contains one or more params that you can configure such as allowed locations for resource deployments
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what can artifacts include?

A
  • role assignments
  • policy assignments
  • azure resource manager templates
  • resource groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

how do azure blueprints help monitor deployments?

A
  • versionable allowing for initial config to be made and then add updates later on and assign a new version to that update
  • azure creates record that associates a resource with the blueprint that defines it; helps track and audit deployments
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what is azure policy?

A
  • service that enables you to create, assign and manage policies that control or audit your resources
  • these policies enforce rules across resource configs so that configs stay compliant with corporate standards
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

how does azure policy define policies?

A
  • can define indivual and groups of related policies known as initiatives
  • evaluates resources and highlights resources that arent compliant with the policies you’ve created, also prevents noncompliant resources being created
    -can set policies on each level
  • policies can be inherited comes with built in policy and initiative for storage, networking, compute, security center and monitoring
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what are azure policy initiatives?

A

a way of grouping related policies together

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

what are resource locks?

A
  • prevents resource from being accidentally deleted or changed
  • can be applied to individual resources, resource groups or even an entire sub
  • inherited, so lock on group will lock all resources within it
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

what are the types of resource locks?

A
  • Delete; authorised users cna read and modify a resource but not delete
  • ReadOnly; authorised users can read but not delete or update a resource
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

how do I delete or change a locked resource?

A
  • first remove lock
  • apply action
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

what is the service trust portal?

A
  • ## portal that provides access to various content, tools and other resources about security, privacy and compliance practices
How well did you know this?
1
Not at all
2
3
4
5
Perfectly