Identity, Governance, Privacy and Compliance- 20-25% Flashcards

1
Q

Azure Identity Services - Objective Domain

A
  • Explain the difference between authentication and authorization
  • Define Azure Active Directory
  • Describe the functionality and usage of Azure Active Directory
  • Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)
2
Q

Azure Multi-Factor Authentication?

A

Azure Multi-Factor Authentication
Provides additional security for your identities by requiring two or more elements for full authentication.
• Something you know → Something you possess → Something you are

3
Q

Azure Active Directory (AAD)?

A

Azure Active Directory (AAD)
Azure Active Directory (AAD) is Microsoft Azure’s cloud-based identity and access management service.
• Authentication (employees sign in to access resources).
• Single sign-on (SSO).
• Application management.
• Business to Business (B2B).
• Business to Customer (B2C) identity services.
• Device management.

4
Q

Conditional Access?

A
Conditional Access
Conditional Access is used by Azure Active Directory to bring signals together, to make decisions, and enforce organizational policies.
• User or Group Membership
• IP Location
• Device
• Application
• Risk Detection
5
Q

Walkthrough - Manage access with RBAC Assign roles?

A

Walkthrough - Manage access with RBAC Assign roles and view activity logs.

  1. View and assign roles.
  2. View the activity log and remove a role assignment.
6
Q

Azure Governance Methodologies - Objective Domain

A
Describe the functionality and the usage of:
• Role-Based Access Control (RBAC)
• Resource locks
• Tags
• Azure Policy
• Azure Blueprints
• Cloud Adoption Framework for Azure
7
Q

Explore Role-based access control (RBAC)?

A

Fine-grained access management.
• Segregate duties within the team and grant only the amount of access to users that they need to perform their jobs.
• Enables access to the Azure portal and controlling access to resources.

8
Q

Resource locks?

A

Resource locks
• Protect your Azure resources from accidental deletion or modification.
• Manage locks at subscription, resource group, or individual resource levels within Azure Portal.

9
Q

Walkthrough - Manage Resource Locks?

A

Walkthrough - Manage Resource Locks
Create a resource group, add a lock, and test deletion, including deleting a resource in the resource group.
1. Create a resource group.
2. Add a resource lock to prevent deletion of a resource group.
3. Test deleting a member of the resource group.
4. Remove the resource lock.

10
Q

Tags?

A

Tags
• Provides metadata for your Azure resources.
• Logically organizes resources into a taxonomy.
• Consists of a name-value pair.
• Very useful for rolling up billing information.

11
Q

Azure Policy?

A

Azure Policy helps to enforce organizational standards and to assess compliance at scale. Provides governance and resource consistency with regulatory compliance, security, cost, and management.
• Evaluates and identifies Azure resources that do not comply with your policies.
• Provides built-in policy and initiative definitions, under categories such as Storage, Networking, Compute, Security Center, and Monitoring.

12
Q

Walkthrough - Create an Azure Policy?

A

Create an Azure Policy to restrict deployment of Azure resources to a specific location.

  1. Create a policy assignment.
  2. Test the allowed location policy.
  3. Delete the policy assignment.
13
Q

Azure Blueprints?

A
Azure Blueprints makes it possible for development teams to rapidly build and stand up new environments. Development teams can quickly build trust through organizational compliance with a set of built-in components (such as networking) in order to speed up development and delivery.
• Role Assignments
• Policy Assignments
• Azure Resource Manager Templates
• Resource Groups
14
Q

Cloud Adoption Framework?

A

The One Microsoft approach to cloud adoption in Azure.
• Best practices from Microsoft employees, partners, and customers.
• Tools, guidance, and narratives for strategies and outcomes.

15
Q

Privacy, Compliance, and Data Protection - Objective Domain

A

Describe the purpose of the:
• Microsoft core tenets of Security, Privacy, and Compliance
• Microsoft Privacy Statement, Online Services Terms (OST) and Data Protection Amendment (DPA)
• Trust Center
• Azure compliance documentation
• Azure Sovereign Regions (Azure Government cloud services and Azure China cloud services)

16
Q

Security, Privacy, and Compliance?

A

Security, Privacy, and Compliance
Security: Secure by design. With built-in intelligent security, Microsoft helps to protect against known and unknown cyberthreats, using automation and artificial intelligence.

Privacy: We are committed to ensuring the privacy of organizations through our contractual agreements, and by providing user control and transparency.

Compliance: We respect local laws and regulations and provide comprehensive coverage of compliance offerings.

17
Q

Compliance Terms and Requirements?

A

Compliance Terms and Requirements
Microsoft provides the most comprehensive set of compliance offerings (including certifications and attestations) of any cloud service provider. Some compliance offerings include:
• CJIS: Criminal Justice Information Services
• HIPAA: Health Insurance Portability and Accountability Act
• CSA STAR Certification
• ISO/IEC 27018
• EU Model Clauses
• NIST: National Institute of Standards and Technology

18
Q

MS Privacy Statement?*

A

Microsoft privacy statement
The Microsoft privacy statement provides openness and honesty about how Microsoft handles the user data collected from its products and services.

19
Q

Online Services Terms and Data Protection Addendum?

A

Online Services Terms and Data Protection Addendum
Online Services Terms: The licensing terms define the terms and conditions for the products and Online Services you purchase through Microsoft Volume Licensing programs.
Data Protection Addendum: The DPA sets forth the obligations, with respect to the processing and security of Customer Data and Personal Data, in connection with the Online Services.

20
Q

Trust Center?*

A

Trust Center

Learn about security, privacy, compliance, policies, features, and practices across Microsoft’s cloud products.

21
Q

Walkthrough – Exploring the Trust Center

A
Walkthrough – Exploring the Trust Center
Access the Trust Center, Service Trust Portal (STP), and Compliance Manager.
1. Access the Trust Center.
2. Access the Service Trust Portal.
3. Access the Compliance Manager.
22
Q

Azure Compliance Documentation?*

A

Azure Compliance Documentation
Microsoft offers a comprehensive set of compliance offerings to help your organization comply with national, regional, and industry-specific requirements that govern the collection and use of data.

23
Q

Azure Sovereign Regions (US Government services)?*

A

Azure Sovereign Regions (US Government services)
Meets the security and compliance needs of US federal agencies, state and local governments, and their solution providers.

24
Q

Azure Sovereign Regions (Azure China)*

A

Azure Sovereign Regions (Azure China)

Microsoft is China’s first foreign public cloud service provider, in compliance with government regulations.

25
Q

Knowledge Check
True or False
Azure Policy is used to control per-user permissions in Azure and control the types of resources that users can deploy.

A

Answer
False
Policy focuses on resource actions. For example, through policies, you can control the types of resources that can be provisioned or restrict the locations in which the resources can be provisioned regardless of the user.
RBAC focuses on the actions a user can perform. For example, a particular user is added to the Contributor role for a Resource Group so the user can make changes to that Resource Group.

26
Q

Knowledge Check
True or False
With Infrastructure-as-a-Service you are responsible for the maintenance and patching of physical operating system hosts in Azure.

A

Answer
False
Microsoft maintains all of the physical infrastructure for Azure, including the datacenters, physical networks, and the physical hosts that host your virtual machines and other Azure services.

27
Q

Knowledge Check
What would you use if you want to prevent a resource in Azure from being modified or deleted?
A. Tag
B. Resource Lock
C. Policy

A

What would you use if you want to prevent a resource in Azure from being modified or deleted?
A. Tag
B. Resource Lock
C. Policy

B. Resource Lock is the answer. A Resource Lock for DoNotDelete or ReadOnly can be created to avoid modification or deletion.