Feature and tools in Azure for governance and compliance Flashcards
Microsoft Purview
a family of data governance, risk, and compliance solutions that help you get a single, unified view into your data
T or F
Purview brings insight about your on premises, multi cloud, and SaaS data together
True
With Microsoft Purview you can stay up to date on your data landscape thanks to:
Automated data discovery
Sensitive data classification
End to end data lineage
Microsoft Purview helps your organization to
Protect sensitive data across clouds, apps, and devices
identify data risks and manage regulatory compliance requirements
get started with regulatory compliance
Microsoft Purview’s unified data governance helps your organization to
Create an up-to-date map of your entire data estate that includes data classification and end-to-end lineage.
Identify where sensitive data is stored in your estate.
Create a secure environment for data consumers to find valuable data.
Generate insights about how your data is stored and used.
Manage access to the data in your estate securely and at scale.
Azure Policy
enables you to create, assign, and manage policies that control or audit your resources
T or F
Azure Policy enables you to define both individual policies and group policies, known as initiatives
True
T or F
if you set a policy at a high level, it will automatically be applied to all of the groupings that call within the parent
True
t or f
if you set a policy on a resource group, all resources created within that group will receive the same policy
true
T or F
Azure Policy comes with built in policy and initiative definitions for Storage, Networking, Compute, Security Center, and Monitoring
True
T or F
You can flag a resource to avoid Azure Policy automatically applying anything to a resource
True
What are Azure Policy initiatives?
A way of group related policies together
How many policy definitions does the Enable Monitoring in Azure Security Center initiative contain?
over 100
What does a resource lock do?
prevent resources from being accidentally deleted or changed
What can resource locks be applied to?
individual resources
resource groups
subscriptions
T or F
if a resource lock is placed on a resource group all of the resources will have the same lock applied
True
What are the two types of resource locks?
one that prevents users from deleting
one that prevents users from changing - such as a ReadOnly
How can you manage your resource locks?
In the Azure portal, PowerShell, the Azure CLI, or form an Azure Resource Manager template
How to make changes to a locked resource?
two step process
remove the lock then apply any action you have permission to perform
T or F
A read only lock prevents any create or update operations
True
Microsoft Service Trust Portal
provides access to various content, tools, and other resources about Microsofts security, privacy, and compliance practices.
How do you access resources on the Service Trust Portal?
By signing in as an authenticated user
How can you prevent creation of non-compliant resources, without having to manually evaluate each resource?
Azure Policy
What’s the best way to prevent inadvertent deletion of a resource?
Azure resource locks
