Part 4

Question 1

Azure Advisor

Answer 1

Gives advice on Azure’s best practice and provides recommendations on what to do
- Provides cost, security, performance, and reliability advice

Question 2

Routing

Answer 2

Finding a route between two connections

Question 3

User-defined routes

Answer 3

Your own routes that you decide
- you might add a firewall for a subnet or etc…
- add the route/subnet to your route table

Question 4

Azure Firewall

Answer 4

network security service
- control incoming.outgoing traffic
- from simple to complex firewalls

• Azure firewall more about configuration rather than implementing your ow nfirewall
  -PaaS
• highly scalable

Question 5

DDoS Protection

Answer 5

Filter malicious traffic and let regular users in
- you add resources to the DDoS Azure you created so it can be protected

Question 6

Network Security Groups

Answer 6

Block/allow traffic for different groups
- grouping of VNets

Question 7

Application Security Groups

Answer 7

Allows grouping of Virtual Machines
- designed to help reduce the maintenance effort by grouping VMs

Question 8

Azure AD

Answer 8

Azure Active Directory
- stores Azure accounts and what they can access
- not just Azure but all Microsoft liscenses etc…

Question 9

Azure Security Center

Answer 9

Protects and offers security recommendations
- Like Azure advisor
- gives a scoring system

Question 10

Azure Defender

Answer 10

Allows for full protection and alerts/threat protection
- only allowed in the paid premium verison

Question 11

Azure key vault

Answer 11

Holds the keys, passwords, usernames, address, other data

Question 12

Keys

Answer 12

used to encrypt and decrypt data/messages

Question 13

RBAC

Answer 13

Assign who can do what and access what resources

Question 14

What priviledge leve l should you assign people?

Answer 14

Least Priviledge

Question 15

What different scopes could you add to RBAC?

Answer 15

Could do it based on subscriptions. resource usage, etc…

Question 16

Resouce Locks

Answer 16

Prevent users from changing different things based on their roles or just in general

• highest level you can add to is subscription level

Question 17

Azure Resource Tags

Answer 17

Assign different tags to different resources so they can be assigned more effficiently
- Key value pair
- mark resources for each group/azure services

Question 18

Are Resource Tags inherited?

Answer 18

No

Question 19

How can you organize tags?

Answer 19

By function, classification, restriction, department