Describe Security, Privacy, Compliance, and Trust Flashcards
Describe network security group
Allows filtering of network traffic to and from azure resources.
Filter by Source IP address Destination up address Port Protocol
Describe application security group
Configure network security as a extension of an application’s structure allowing you to group virtual machines and define security policies based on those groups
Describe user defined rules
Check answer
Describe azure firewall
Service that grants access based on originating up address.
Network protocol and port specific
Describe azure did protection
Ddos.
Levels
Basic - automatically enabled. Always on traffic monitoring real time mitigation of common network level attacks
Standard - additional mitigation capabilities tuned to azure virtual network resources
Standard
Volumetric attacks
Protocol attacks
Resource layer Attacks
What is authorisation
Process of establishing what level of access an authenticated person or service has.
It specifies what data they’re allowed to access and what they can do with it.
What is authentication?
Establishing the identity of a person or service looking to access a resource.
Challenging for legitimate credentials
What is azure active directory
Microsoft cloud based identity and access management service.
Helps
Employees sign in and access resources
Authentication Single sign on App Management B2b B2c Device management
Intended for
It admins
App developers
Microsoft 365, office 365, azure or cram online
What is mfa?
Multi factor authentication
Provides additional security by requiring two or
More elements for full authentication
Comes as part of
Ad premium license
Authentication subscription for office 365
Azure AD directory global adminstrators
What is azure security centre
Monitoring service provides threat
Protection to on prem and azure resources
Security recommendations Monitor Assessments Machine learning Analyse and identify inbound attacks Access control for ports
Versions
Free - azure resources only
Standard - full suite
What is azure security centre usage scenarios?
Integrate into workflows
1 use security centre for an incident response
Detect
Assess
Diagnose
2 enhance security
Security policy recommendations
What is azure key vault ?
Centralised cloud service for storing
Application secrets
Secrets management
Key management
Certificate management
Store secrets backed by HSMs
What is azure information protection (AIP)
Helps organisations classify and protect documents and email by applying labels
Manually or automatically
What is azure advanced threat protection (ATP)
Identifies, detects and helps
You investigate advances threats
License
Describe azure policy
Service to create assign and manage policies
Policies enforce different rules and effects on resources so they’d stay compliant with corporate standards and sla’s
What is role
Based access control (RBAC)
Fine grained access management enabling you to grant users only the rights they need
Define locks
Prevent accidental deletion or modification of resources
CanNotDelete
ReadInly
What are azure blueprints
Define a repeatable set of resources that implement and adhere to standards, patterns and requirements
Allow rapidly build and deploy
New environments
Role assignments
Policy assignments
Azure resource manager templates
Resource groups
Armt deploy resources but have no active relationship. By contrast azure blueprints each deployment is tied to a azure blueprint package. Hence relationship is maintained. Improves auditing and tracking.
What is azure monitor
It helps you understand how your resources are performing and proactively identifies issues affecting them and the resources they depend upon
What is azure service health
Suite of experiences that provide personalised guidance and support when issues with azure services affect you.
Azure status
Service health
Resource health
What is the Microsoft privacy statement
Explains what personnel data Microsoft processes, how it is processed and for what purpose
Describe trust center
Website resource contains details about how Microsoft implements And supports security, privacy, and transparency I
What is compliance manager
Workflow based risk assessment dashboard
Track, assign and verify your organisation regulatory compliance activities
Describe service trust portal
Stop hosts compliance manager and is the Microsoft public site for publishing audit reports and other compliance related information
Describe azure government services
Separate azure instance
Addresses security and compliance needs of us federal agencies, state and local governments and their solution providers.
Physical isolation from non-government deployments and
Provides screened us personnel.
Describe azure China 21 Vianet
Operated by 21 Vianet physical separated instance of cloud service hosted in China.
