Describe Security, Privacy, Compliance, and Trust

Question 1

Describe network security group

Answer 1

Allows filtering of network traffic to and from azure resources.

Filter by
Source IP address
Destination up address
Port
Protocol

Question 2

Describe application security group

Answer 2

Configure network security as a extension of an application’s structure allowing you to group virtual machines and define security policies based on those groups

Question 3

Describe user defined rules

Answer 3

Check answer

Question 4

Describe azure firewall

Answer 4

Service that grants access based on originating up address.

Network protocol and port specific

Question 5

Describe azure did protection

Answer 5

Ddos.
Levels
Basic - automatically enabled. Always on traffic monitoring real time mitigation of common network level attacks

Standard - additional mitigation capabilities tuned to azure virtual network resources

Standard
Volumetric attacks
Protocol attacks
Resource layer Attacks

Question 6

What is authorisation

Answer 6

Process of establishing what level of access an authenticated person or service has.
It specifies what data they’re allowed to access and what they can do with it.

Question 7

What is authentication?

Answer 7

Establishing the identity of a person or service looking to access a resource.
Challenging for legitimate credentials

Question 8

What is azure active directory

Answer 8

Microsoft cloud based identity and access management service.

Helps
Employees sign in and access resources

Authentication
Single sign on
App Management 
B2b
B2c
Device management 

Intended for
It admins
App developers
Microsoft 365, office 365, azure or cram online

Question 9

What is mfa?

Answer 9

Multi factor authentication
Provides additional security by requiring two or
More elements for full authentication

Comes as part of
Ad premium license
Authentication subscription for office 365
Azure AD directory global adminstrators

Question 10

What is azure security centre

Answer 10

Monitoring service provides threat
Protection to on prem and azure resources

Security recommendations
Monitor
Assessments 
Machine learning
Analyse and identify inbound attacks 
Access control for ports

Versions
Free - azure resources only
Standard - full suite

Question 11

What is azure security centre usage scenarios?

Answer 11

Integrate into workflows

1 use security centre for an incident response
Detect
Assess
Diagnose

2 enhance security
Security policy recommendations

Question 12

What is azure key vault ?

Answer 12

Centralised cloud service for storing
Application secrets

Secrets management
Key management
Certificate management
Store secrets backed by HSMs

Question 13

What is azure information protection (AIP)

Answer 13

Helps organisations classify and protect documents and email by applying labels

Manually or automatically

Question 14

What is azure advanced threat protection (ATP)

Answer 14

Identifies, detects and helps
You investigate advances threats

License

Question 15

Describe azure policy

Answer 15

Service to create assign and manage policies

Policies enforce different rules and effects on resources so they’d stay compliant with corporate standards and sla’s

Question 16

What is role

Based access control (RBAC)

Answer 16

Fine grained access management enabling you to grant users only the rights they need

Question 17

Define locks

Answer 17

Prevent accidental deletion or modification of resources

CanNotDelete
ReadInly

Question 18

What are azure blueprints

Answer 18

Define a repeatable set of resources that implement and adhere to standards, patterns and requirements

Allow rapidly build and deploy
New environments

Role assignments
Policy assignments
Azure resource manager templates
Resource groups

Armt deploy resources but have no active relationship. By contrast azure blueprints each deployment is tied to a azure blueprint package. Hence relationship is maintained. Improves auditing and tracking.

Question 19

What is azure monitor

Answer 19

It helps you understand how your resources are performing and proactively identifies issues affecting them and the resources they depend upon

Question 20

What is azure service health

Answer 20

Suite of experiences that provide personalised guidance and support when issues with azure services affect you.

Azure status
Service health
Resource health

Question 21

What is the Microsoft privacy statement

Answer 21

Explains what personnel data Microsoft processes, how it is processed and for what purpose

Question 22

Describe trust center

Answer 22

Website resource contains details about how Microsoft implements And supports security, privacy, and transparency I

Question 23

What is compliance manager

Answer 23

Workflow based risk assessment dashboard

Track, assign and verify your organisation regulatory compliance activities

Question 24

Describe service trust portal

Answer 24

Stop hosts compliance manager and is the Microsoft public site for publishing audit reports and other compliance related information

Question 25

Describe azure government services

Answer 25

Separate azure instance

Addresses security and compliance needs of us federal agencies, state and local governments and their solution providers.

Physical isolation from non-government deployments and
Provides screened us personnel.

Question 26

Describe azure China 21 Vianet

Answer 26

Operated by 21 Vianet physical separated instance of cloud service hosted in China.