Privacy, Compliance and Trust

Question 1

What is Azure Governance ?

Answer 1

A set of rules, policies and roles that define acceptable usage of resources.

Question 2

What is Azure Policy?

Answer 2

This is used to create policies in Azure.

Question 3

What is Governance?

Answer 3

Governance validates that your organisation can achieve its goals through effective and efficient use of IT.

Question 4

What is a Policy?

Answer 4

A series of rules to ensure compliance.

Question 5

What is RBAC?

Answer 5

Role Based Access Control.

Question 6

RBAC characteristics?

Answer 6

1) Define User Access:
* You can define specific user access to individual resources.

2) Minimum Access.
* RBAC can enable minimum access necessary to resources. This ensures only users with valid access can manage resources.

3) Target Specific Use Cases:
Be very explicit (granular) about uses and access.

Question 7

How does RBAC Work?

Answer 7

RBAC works via Role Assignment.

Question 8

What is a Security Principle?

Answer 8

An object representing an entity such as a user or group, which can access a resource.

Question 9

What is a role?

Answer 9

A collection of permissions such as read, write and delete.

Question 10

What is Scope? (In relation to RBAC)

Answer 10

The sources an access role applies to.

Question 11

What are Locks? (RBAC)

Answer 11

Locks either prohibit the deletion or manipulation of a resource group, resource or subscription.

A lock needs to be removed entirely before the locked actions can be performed again.

Question 12

What are Azure Blue Prints?

Answer 12

A template for creating a resource in Azure. It can include:

• resource templates
• RBAC
• policies
• Samples for common regulations.

Question 13

What is the Cloud Adoption Framework?

Answer 13

A collection of documents to guide you through the cloud adoption process.
* Helps define strategies for governance and best practices.

Question 14

What is the Azure Monitor?

Answer 14

A Centralised Portal that collects telemetry data from Azure resources and services.
* Services on-premise can send logs to Azure Monitor.

Question 15

What is telemetry?

Answer 15

Telemetry is the in situ collections of measurements or other data at remote points and their automatic transmission to receiving equipment (telecommunication) for monitoring.

OR Information about how services or devices are performing.

Question 16

Azure Monitor Characteristics?

Answer 16

1) Constant Telemetry Data Feed (even from On-Premise)
2) Fully Managed (centralised)
3) Full Access to an interactive query language.
4) Leverages ML to find issues.

Question 17

What is Azure Service Health?

Answer 17

These are notifications sent from Azure to you on planned and unplanned incidents.

• There is also a dashboard.
• provides real-time reports
• Free Service
• Root Cause Analysis

Question 18

What is Compliance?

Answer 18

A Regulatory or Industry Standards Framework:

Ex: GDPR , ISO Standard and NIST.

Question 19

What is Azure Compliance Manager?

Answer 19

A solution that can evaluate your Azure environment and provide recommendations to a specific Compliance Standard.

• Can provide Recommendations.
• Can Assign Tasks
• Upload Secure Storage (for uploading compliance docs)
• Reporting

Question 20

Azure Compliance Unique Requirements

Answer 20

US Government and China both have unique compliance requirements.

• US Gov has dedicated Data Centres.
• China has its own dedicated region.

Question 21

Azure Privacy module?

Answer 21

Azure has no dedicated privacy module, it is based into other services.

• Azure Information Protection - classify data
• Azure Policy - Define and Enforce privacy and external regulations.
• Guides - Use guides on Azure to respond and comply with GDPR priv. requests.
• Leverage the compliance manager when necessary.

Question 22

What is the Trust Centre?

Answer 22

This is where Microsoft centralises their information about how they protect you and your information.

Question 23

What is the Service Trust Portal?

Answer 23

A hub of independent reports and audits performed on Microsoft’s products and services.