General Security and Network Security Flashcards

1
Q

Azure Security Center

A

A monitoring service that provides threat protection and security recommendations across both Azure and on-premises datacenters

  • Detect and block malware
  • Analyze and identify potential attacks
  • Just-in-time access control for ports
2
Q

Azure Security Center Capabilities

A
  • Policy compliance - run policies across management groups, subscriptions, or tenants
  • Continuous assessments - assess new/deployed resources to ensure proper configuration
  • Tailored recommendations - based on existing workloads, with instructions on how to implement them
  • Threat protection - analyze attempted threats through alerts/impacted resource reports
3
Q

Azure Sentinel

A

A security information management (SIEM) and security automated response (SOAR) solution that provides security analytics and threat intelligence across an enterprise.

4
Q

Azure Sentinel Connectors and Integrations

A
  • Office 365
  • Azure Active Directory
  • Azure Advanced Threat Protection
  • Microsoft Cloud App Security
5
Q

Azure Key Vault

A

Stores application secrets in a centralized cloud location in order to securely control access permissions and access logging

6
Q

Azure Key Vault Storage

A
  • Secrets management.
  • Key management.
  • Certificate management.
  • Storing secrets backed by hardware security modules (HSMs).
7
Q

Azure Key Vault Integration

A

• Simplified administration of application secrets.
• Key Vault makes it easier to enroll and renew certificates from public certificate authorities
• Can also scale up/replicate content within regions and use standard certificate management tools.
• Can integrate Key Vault with storage accounts, container registries, event hubs, and many more Azure services, which can then securely reference the secrets stored in Key Vault.

8
Q

Azure Dedicated Host

A

Provides physical servers that host one or more Azure virtual machines and are dedicated to a single organization’s workload.

Benefits
• Hardware isolation at the server level
• Control over maintenance event timing
• Aligned with Azure Hybrid Use Benefits

9
Q

Defense in Depth

A
  • A layered approach to securing computer systems.
  • Provides multiple levels of protection.
  • Attacks against one layer are isolated from subsequent layers.
10
Q

Physical security layer

A

The first line of defense to protect computing hardware in the datacenter

11
Q

Identity and access layer

A

Controls access to infrastructure and change control. The identity and access layer is all about ensuring that identities are secure, access is granted only to what’s needed, and sign-in events and changes are logged.

12
Q

Perimeter layer

A
  • Uses DDoS protection to filter large-scale attacks before they can cause a denial of service for users.
  • At the network perimeter, it’s about protecting from network-based attacks against your resources.
  • Identifying attacks, eliminating impact, and alerting are important ways to keep your network secure.
13
Q

Network layer

A
  • Limits communication between resources through segmentation and access controls.
  • At this layer, focus is on limiting the network connectivity across all your resources to allow only what’s required.
  • By limiting this communication, you reduce the risk of an attack spreading to other systems in your network.
14
Q

Compute layer

A
  • Secures access to virtual machines.
  • Malware, unpatched systems, and improperly secured systems open your environment to attacks.
  • Focus is on ensuring your compute resources are secure and the proper controls are in place
15
Q

Application layer

A
  • Helps ensure applications are secure and free of security vulnerabilities.
  • Helps reduce the number of vulnerabilities introduced in code.
  • Every development team should ensure that its applications are secure by default.
16
Q

Data layer

A
  • Controls access to business and customer data that you need to protect.
  • Those who store and control access to data are responsible for ensuring that it’s properly secured.
  • Regulatory requirements dictate the controls and processes required to ensure the confidentiality, integrity, and availability (CIA) of the data.
17
Q

Shared Security

A
  • Migrating from customer controlled to cloud-based datacenters shifts the responsibility for security.
  • Security becomes a shared concern between cloud providers and customers.
18
Q

Network Security Groups

A
  • Filter network traffic to and from Azure resources on Azure Virtual Networks.
  • Set inbound and outbound rules to filter by source and destination IP address, port, and protocol.
  • Add multiple rules, as needed, within subscription limits.
  • Azure applies default, baseline security rules to new NSGs.
  • Override default rules with new, higher priority rules.
19
Q

Azure Firewall

A

• A stateful, managed Firewall as a Service (FaaS) that grants/denies server access based on originating IP address to protect network resources.
• Applies inbound and outbound traffic filtering rules
• Built-in high availability
• Unrestricted cloud scalability
• Uses Azure Monitor logging

20
Q

Azure Application Gateway

A

Provides a web application firewall (WAF), which gives centralized, inbound protection for web apps

21
Q

Stateful Firewall

A

Analyzes the complete context of a network connection, not just an individual packet of network traffic. Azure Firewall features high availability and unrestricted cloud scalability.

22
Q

Azure Firewall Benefits

A

• Azure Firewall provides a central location to create, enforce, and log application and network connectivity policies across subscriptions and virtual networks.
• Uses a static (unchanging) public IP address for your virtual network resources, which enables outside firewalls to identify traffic coming from your virtual network.
• The service is integrated with Azure Monitor to enable logging and analytics.

23
Q

Azure DDoS Protection

A
  • Sanitizes unwanted network traffic before it impacts service availability.
  • Basic service tier is automatically enabled in Azure.
  • Standard service tier adds mitigation capabilities that are tuned to protect Azure Virtual Network resources.
24
Q

Defense in Depth Order

A
Physical Security
Identity & Access
Perimeter
Network
Compute
Application
Data
25
Q

Defense in Depth Reviewed

A

• Use NSGs with Azure Firewall to achieve defense in depth.
• Perimeter layer protects your network boundaries with Azure DDoS Protection and Azure Firewall.
• Networking layer only permits traffic to pass between networked resources with Network Security Group (NSG) inbound and outbound rules.