Describe features and tools in Azure for governance and compliance

Question 1

Define ‘Microsoft Purview’

Answer 1

a family of data governance, risk, and compliance solutions that brings insights about your on-premises, multicloud, and software-as-a-service data together.

Question 2

How can Microsoft Purview inform on the data landscape?

Answer 2

1. Automated data discovery
2. Sensitive data classification
3. End-to-end data lineage

Question 3

What are the two main areas that comprise Microsoft Purview?

Answer 3

Risk and compliance and unified data governance.

Question 4

How does Microsoft Purview help with risk and compliance?

Answer 4

1. Protect sensitive data across clouds, apps, and devices.
2. Identify data risks and manage regulatory compliance requirements.
3. Get started with regulatory compliance.

Question 5

How does Microsoft Purview offer unified data governance?

Answer 5

1. Identify where sensitive data is stored in your estate.
2. Create a secure environment for data consumers to find valuable data.
3. Generate insights about how your data is stored and used.
4. Manage access to the data in your estate securely and at scale.

Question 6

Define ‘Azure Policy’

Answer 6

Service in Azure that enables you to create, assign, and manage policies that control or audit your resources.

Question 7

What is the purpose of Azure Policy?

Answer 7

Enforce different rules across your resource configurations so that those configurations stay compliant with corporate standards.

Question 8

What are the two types of Azure Policy definitions?

Answer 8

Individual policies or groups of related policies, known as initiatives.

Question 9

How does Azure Policy asses preconfigured policies?

Answer 9

Azure Policy evaluates your resources and highlights resources that aren’t compliant with the policies you’ve created.

Question 10

How does Azure Policy ensure compliance?

Answer 10

Can prevent noncompliant resources from being created.

Question 11

What objects an azure policy be assigned to?

Answer 11

A specific resource, resource group, subscription, and so on.

Question 12

Are azure policies inherent?

Answer 12

Yes; If you set an Azure Policy on a resource group, all resources created within that group will receive the same policy.

Question 13

Can Azure Policy automatically remediate noncompliant resources and configurations to ensure the integrity of the state of the resources?

Answer 13

Yes

Question 14

Define an ‘Azure Policy initiatives’

Answer 14

A way of grouping related policies together.

Question 15

Define a ‘resource lock’

Answer 15

Prevents resources from being accidentally deleted or changed.

Question 16

What objects a resource lock be assigned to?

Answer 16

Can be applied to individual resources, resource groups, or even an entire subscription.

Question 17

Are resource locks inherited?

Answer 17

Yes

Question 18

What are the two types of resource locks?

Answer 18

1. Delete
2. ReadOnly

Question 19

Define a ‘delete resource lock’

Answer 19

Authorized users can still read and modify a resource, but they can’t delete the resource.

Question 20

Define a ‘readonly resource lock’

Answer 20

Authorized users can read a resource, but they can’t delete or update the resource.

Question 21

How is a resource lock added in Azure portal?

Answer 21

Settings section of any resource’s Settings pane in the Azure portal > Locks.

Question 22

How is a locked resource deleted or modified?

Answer 22

First remove the lock. After you remove the lock, you can apply any action you have permissions to perform.

Question 23

Define the ‘Microsoft Service Trust Portal’

Answer 23

Provides access to various content, tools, and other resources about Microsoft security, privacy, and compliance practices.