Security Flashcards

1
Q

What is a Firewall?

A

Set of rules that defines what kind of traffic can and cannot access the device or service behind it. Can be software or hardware.

2
Q

What is a DDoS attack and how do you prevent one?

A

High-volume attack from many different sources (computers)
Azure DDoS Protection Service - to distribute volume across VMs, deflects attack

3
Q

How do we ensure network traffic from the outside is rejected, for specific networks for specific machines?

A

Azure Network Security Groups - allow only inbound and outbound traffic that is appropriate

4
Q

How does a network security group work with a firewall in a multi-layered approach?

A

You can have a general firewall protecting the network and all VMs on the network.
You can have an NSG specifically for a VM with rules specific to that VM.

5
Q

Difference between NSGs and Firewall?

A

NSGs filter out inbound traffic with rules and designated priority assignments; specific to an individual subnet
Firewall filters out inbound traffic across subnets, more broadly

6
Q

What is an Application Security Group? How is it different from an NSG?

A

Firewall specific to an application, the application's VMs and virtual networks
It's part of an NSG
Applies to a specific application or set of VMs within an NSG

7
Q

What is the difference between public and private endpoints?

A

Public is reachable via the internet - less secure
Private is not via the internet; it is via Azure's hardware infrastructure

8
Q

What types of endpoints are available for private endpoints?

A

Service endpoints and private endpoints

9
Q

What is the purpose of a service? What are the pros and cons?

A

Service - connect subnet to a managed service (Azure backbone not the internet)
Cut access from everyone else
Option to enable access from specific IP addresses and Virtual Networks
Can’t provide access to on-prem and other cloud provider resources
Provides access to the entire managed service, not just to specific instances of a service

10
Q

What is a private endpoint? Why is a private endpoint better?

A

Private - private access to a specific instance of a service
Can share private networks with existing peered connections, on-premises networks, hybrid networks
Can completely disable public access

11
Q

What is Microsoft Defender for Azure? What makes it unique? How does it work?

A

Notifies you of security threats. Shows you policy and compliance scores

Ready for hybrid on-prem and cloud infrastructure

Integrate with other cloud providers

Each VM has agents that send data to Defender

12
Q

What is Microsoft Defender for Identity?

A

Monitor users
Baseline behavior - any activity outside of a normal routine will be flagged as suspicious
Suggest Changes - suggest changes to conform with security best practices

13
Q

What does Azure Key Vault do?

A

Secure storage - Stores keys, secrets, certificates, and can store usernames and passwords in secure hardware
Application isolation - It shares access to applications without sharing the usernames and passwords themselves
Global Scaling

14
Q

What is a Security Center / Defender policy?

A

Rules to evaluate a resource for security and compliance

15
Q

What is security center hygiene?

A

How are your resources configured in relation to security best practices

16
Q

How do you use Azure Information Protection? How is it different from Azure Sentinel? What are the 4 main steps?

A

Classify Data - classify data according to how sensitive it is
Track Activities - track what is happening with shared data and revoke access as needed
Share Data - safely share data as you can control who edits, views, prints, and forwards it
Integration - controls for document access are integrated with common applications such as Office

17
Q

What is Azure Sentinel?

A

Security information and event management tool
Collects security data, aggregates and normalizes data, analyzes and detects threats, and provides actions to take

18
Q

What sets Sentinel apart from other SIEMs?

A

Behavioral analytics - uses AI to find suspicious behavior
AWS integration
Cloud scale

19
Q

What does Azure Dedicated Host provide?

A

Hardware control - you get control of an entire physical server on Azure
Isolation - you won’t get any foreign VMs on your server
Maintenance - Reduce impact on your systems because you get to choose when updates are installed on your dedicated hosts.

20
Q

What are the benefits of Azure Dedicated Host?

A

Operating system of your choice
Azure Infrastructure - comes with scale sets, fault isolation, high availability, etc.
Stringent Azure Compliance