Describe features and tools in Azure for governance and compliance Flashcards
Azure Blueprints
-Easily create, deploy, and update compliant environments
Package of various Azure components (artifacts):
-Resource Groups
-ARM Templates
-Policy Assignments
-Role Assignments
-Centralized storage for organizationally approved design patterns
-Blueprint definition – describing what should happen (reusable package)
-Blueprint assignment – describing where it should happen (package deployment)
Azure Policy
-Designed to help with resource governance, security, compliance, cost management, etc.
-Policies focus on resource properties (RBAC focused on user actions)
Policy definition – Defines what should happen:
-Define the condition (if/else) and the effect (deny, audit, append, modify, etc.)
-Examples include allowed resource types, allowed locations, allowed SKUs, inherit resource tags
-Built-in and custom policies are supported
-Policy initiative – a group of policy definitions
-Policy assignment – assignment of a policy definition/initiative to a scope
-Scopes can be assigned to: management groups, subscriptions, resource groups, and resources
-Policies allow for exclusions of scopes
-Evaluated during resource creation or update; existing resources are brought into compliance with remediation tasks
Azure Resource Lock
-Designed to prevent accidental deletion and/or modification
-Used in conjunction with RBAC
Two types of locks:
-Read-only (ReadOnly) – only read actions are allowed
-Delete (CanNotDelete) – all actions except delete are allowed
-Scopes are hierarchical (inherited)
-Subscriptions > Resource Groups > Resources
-Management Groups can’t be locked
-Only Owner and User Access Administrator roles can manage locks (built-in roles)
Service Trust Portal (STP)
A critical component of Microsoft’s commitment to transparency, security, and compliance in its cloud services, including Azure, Microsoft 365, and Dynamics 365.
The purpose of the Service Trust Portal is to provide customers with essential information, reports, and resources related to the security, compliance, and privacy practices of Microsoft’s cloud services.