Security Flashcards
What is a Firewall?
Set of rules that defines what kind of traffic can and cannot access the device or service behind it. Can be software or hardware.
What is a DDoS attack and how do you prevent one?
High-volume attack from many different sources (computers)
Azure DDoS Protection Service - distributes the volume across VMs and deflects the attack
How do we ensure that network traffic from the outside is rejected for specific networks and specific machines?
Azure Network Security Groups - allow only inbound and outbound traffic that is appropriate
How does a network security group work with a firewall in a multi-layered approach?
You can have a general firewall protecting the network and all VMs on the network.
You can have an NSG specifically for a VM with rules specific to that VM.
What is the difference between NSGs and a firewall?
NSGs filter inbound traffic with rules and designated priority assignments and are specific to an individual subnet
A firewall filters inbound traffic across subnets, more broadly
What is an Application Security Group? How is it different from an NSG?
Firewall specific to an application, the application's VMs and virtual networks
It's part of an NSG
Applies to a specific application or set of VMs within an NSG
What is the difference between public and private endpoints?
Public is reachable via the internet - less secure
Private is not reachable via the internet; it is reached via Azure's hardware infrastructure
What types of endpoints are available for private endpoints?
Service endpoints and private endpoints
What is the purpose of a service endpoint? What are the pros and cons?
Service endpoint - connects a subnet to a managed service (over the Azure backbone, not the internet)
Cuts off access from everyone else
Option to enable access from specific IP addresses and Virtual Networks
Can't provide access to on-prem and other cloud provider resources
Provides access to the entire managed service, not just to specific instances of a service
What is a private endpoint? Why is a private endpoint better?
Private - private access to a specific instance of a service
Can share private networks with existing peered connections, on-premises networks, hybrid networks
Can completely disable public access
What is Microsoft Defender for Azure? What makes it unique? How does it work?
Notifies you of security threats. Shows you policy and compliance scores
Ready for hybrid on-prem and cloud infrastructure
Integrate with other cloud providers
Each VM has agents that send data to Defender
What is Microsoft Defender for Identity?
Monitor users
Baseline behavior - any activity outside of a normal routine will be flagged as suspicious
Suggest Changes - suggest changes to conform with security best practices
What does Azure Key Vault do?
Secure storage - Stores keys, secrets, certificates, and can store usernames and passwords in secure hardware
Application isolation - It shares access to applications without sharing the usernames and passwords themselves
Global Scaling
What is a Security Center / Defender policy?
Rules to evaluate a resource for security and compliance
What is Security Center hygiene?
How your resources are configured in relation to security best practices