Privacy, Compliance and Trust Flashcards

1
Q

What is Azure Governance ?

A

A set of rules, policies and roles that define acceptable usage of resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Azure Policy?

A

This is used to create policies in Azure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Governance?

A

Governance validates that your organisation can achieve its goals through effective and efficient use of IT.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a Policy?

A

A series of rules to ensure compliance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is RBAC?

A

Role Based Access Control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

RBAC characteristics?

A

1) Define User Access:
* You can define specific user access to individual resources.

2) Minimum Access.
* RBAC can enable minimum access necessary to resources. This ensures only users with valid access can manage resources.

3) Target Specific Use Cases:
Be very explicit (granular) about uses and access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How does RBAC Work?

A

RBAC works via Role Assignment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a Security Principle?

A

An object representing an entity such as a user or group, which can access a resource.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a role?

A

A collection of permissions such as read, write and delete.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is Scope? (In relation to RBAC)

A

The sources an access role applies to.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are Locks? (RBAC)

A

Locks either prohibit the deletion or manipulation of a resource group, resource or subscription.

A lock needs to be removed entirely before the locked actions can be performed again.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are Azure Blue Prints?

A

A template for creating a resource in Azure. It can include:

  • resource templates
  • RBAC
  • policies
  • Samples for common regulations.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the Cloud Adoption Framework?

A

A collection of documents to guide you through the cloud adoption process.
* Helps define strategies for governance and best practices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the Azure Monitor?

A

A Centralised Portal that collects telemetry data from Azure resources and services.
* Services on-premise can send logs to Azure Monitor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is telemetry?

A

Telemetry is the in situ collections of measurements or other data at remote points and their automatic transmission to receiving equipment (telecommunication) for monitoring.

OR Information about how services or devices are performing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Azure Monitor Characteristics?

A

1) Constant Telemetry Data Feed (even from On-Premise)
2) Fully Managed (centralised)
3) Full Access to an interactive query language.
4) Leverages ML to find issues.

17
Q

What is Azure Service Health?

A

These are notifications sent from Azure to you on planned and unplanned incidents.

  • There is also a dashboard.
  • provides real-time reports
  • Free Service
  • Root Cause Analysis
18
Q

What is Compliance?

A

A Regulatory or Industry Standards Framework:

Ex: GDPR , ISO Standard and NIST.

19
Q

What is Azure Compliance Manager?

A

A solution that can evaluate your Azure environment and provide recommendations to a specific Compliance Standard.

  • Can provide Recommendations.
  • Can Assign Tasks
  • Upload Secure Storage (for uploading compliance docs)
  • Reporting
20
Q

Azure Compliance Unique Requirements

A

US Government and China both have unique compliance requirements.

  • US Gov has dedicated Data Centres.
  • China has its own dedicated region.
21
Q

Azure Privacy module?

A

Azure has no dedicated privacy module, it is based into other services.

  • Azure Information Protection - classify data
  • Azure Policy - Define and Enforce privacy and external regulations.
  • Guides - Use guides on Azure to respond and comply with GDPR priv. requests.
  • Leverage the compliance manager when necessary.
22
Q

What is the Trust Centre?

A

This is where Microsoft centralises their information about how they protect you and your information.

23
Q

What is the Service Trust Portal?

A

A hub of independent reports and audits performed on Microsoft’s products and services.