Privacy, Compliance, Trust Flashcards
What is Azure Governance?
Ensures you remain compliant with national and international compliance rules
What is Azure Policy?
Ensures policies applies to resources are compliant
What are Azure Policies? What major topic are Azure policies part of? What entity are policies for? When is an Azure policy setup?
Are for resources and are rules applied when a resource is created and managed - for help being compliant
Part of Azure governance
What are VM tags?
Attributes displayed in the Azure invoice - can be easily filtered
How can you easily replicate network configurations for future deployments, similar to ARM?
Azure Blueprints - ARM + policies + resource groups
What are Conditional Access Policies?
Applied against users using assignments and access controls
What is Role Based Access Control? Who is it for?
Allows you to control how users and applications can interact with your Azure Resources - principle, role, scope
What are Resource Locks? Who are they for? and what entities do they lock?
Can assign a lock to a resource, subscription, or resource group. For users
What are types of Resource Locks?
Delete - can’t delete the lock object
Read-only - can’t make changes to the object
What is a security principle in RBAC?
Object representing an entity - user
How can you control a users access to resources?
Role Based Access Control - principle, role definition, scope
What is role definition?
Collection of permissions - read, write delete
What is Azure Monitor?
Helps you find the resources that aren’t performing 100% - Can also be on prem resources
Its a health check
What is Log Analytics? What is log analytics part of? Whats an example of something log analytics might check?
Stores log data for query - specific to VM health, CPU usage, VM free disk space, etc
Part of Azure Monitor
What is Application Insights? What is it part of? How is it different than Log Analytics
Performance Insights for web applications (health related insights)
Finds performance bottlenecks - and what pages are most popular
Part of Azure Monitor
Log Analytics is query data while Application Insights summarizes
What are Azure Monitor Alerts?
Notifies when something breaks - your resources, NOT general Azure health - Ex. Unresponsive VM, VM using excessive CPU
What is Azure Service Health? How much does it cost? What does it provide?
Helps monitor general Azure health - Alerts, real-time tracking, free
What is Azure Compliance Manager? What does it offer? How is it different than an Azure Policy?
Gives you recommendations based on compliance rules such as ISO, GDPR - Offers compliance scores and lets you assign tasks.
Azure policies are rules.
What is Azure Arc?
Helps you manage Azure, on prem, and other cloud resources in the same interface
Installs an agent to non-Azure resources
Manage non-Azure kubernetes clusters, deploy Azure managed database services to non-Azure locations
What is the General Data Protection Regulation?
Counties with users and customers in the EU must comply with the GDPR
What is a security policy in the Azure Security Center?
How is it different than an Azure compliance policy?
Desired configuration of your workloads and helps ensure you’re complying with the security requirements of your company or regulators.
Azure compliance policy is related to compliance only
What are the Azure services for Trust?
Service Trust Portal - Trust Center
What service tells you about Azure privacy?
There is no single service, many services do
What are the major Azure services for Complaince
Azure Governance
Azure compliance policies
Azure Compliance Manager
What are the major Azure security services?
Azure Defender new Security Center
Azure Sentinel
Azure security policies
What are the major Azure services for your resources health?
Azure Monitor
Log analytics
Application Insights
