Part 4 Flashcards
Azure Advisor
Gives advice on Azure’s best practice and provides recommendations on what to do
- Provides cost, security, performance, and reliability advice
Routing
Finding a route between two connections
User-defined routes
Your own routes that you decide
- you might add a firewall for a subnet or etc…
- add the route/subnet to your route table
Azure Firewall
network security service
- control incoming.outgoing traffic
- from simple to complex firewalls
- Azure firewall more about configuration rather than implementing your ow nfirewall
-PaaS - highly scalable
DDoS Protection
Filter malicious traffic and let regular users in
- you add resources to the DDoS Azure you created so it can be protected
Network Security Groups
Block/allow traffic for different groups
- grouping of VNets
Application Security Groups
Allows grouping of Virtual Machines
- designed to help reduce the maintenance effort by grouping VMs
Azure AD
Azure Active Directory
- stores Azure accounts and what they can access
- not just Azure but all Microsoft liscenses etc…
Azure Security Center
Protects and offers security recommendations
- Like Azure advisor
- gives a scoring system
Azure Defender
Allows for full protection and alerts/threat protection
- only allowed in the paid premium verison
Azure key vault
Holds the keys, passwords, usernames, address, other data
Keys
used to encrypt and decrypt data/messages
RBAC
Assign who can do what and access what resources
What priviledge leve l should you assign people?
Least Priviledge
What different scopes could you add to RBAC?
Could do it based on subscriptions. resource usage, etc…
