Try the fastest way to create flashcards

AZ-900 Microsoft Azure Fundamentals (Security)

3.0 (1 review)
Get a hint
Application Security Groups
Click the card to flip 👆
1 / 14
1 / 14

Students also viewed

Cyber
13 terms
Profile Picture
dayanara8515
ch 15 review questions from powerpoint
35 terms
Profile Picture
Goodness222
CompTIA Security+ Acronyms
182 terms
Profile Picture
Sky_Compton3
MOD 11 Quiz NET+
15 terms
Profile Picture
rsmith1979
CompTIA N10-008 Network+ 2.3
42 terms
Profile Picture
ibrahim_ali119
STudy 2.0
26 terms
Profile Picture
kevin2echevarria
Proxies and IDS/IPS
9 terms
Profile Picture
rmmccoy99
Exam 2 ACIS 2504
73 terms
Profile Picture
Katelyn_Stafford78
Terms in this set (14)
Application Security Groups
Enables you to group together similar types of servers and control traffic between those groups. Each ASG is a given a logical name and traffic is allowed or denied based on the logical name rather than IP address.

https://azure.microsoft.com/en-au/blog/applicationsecuritygroups/
Network Security Groups
Enables you to group resources together and control the flow of traffic, using firewall rules, between the groups. It's essentially a layer 3 cloud inner firewall at the network layer.

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Azure Security Center
Provides a series of security best practice recommendations to help improve your Azure secure score. It does this by monitoring your security settings and automating policy enforcement. It also blocks VM malware using machine learning.

https://azure.microsoft.com/en-au/services/security-center/
Azure Key Vault
Safely store your encryption keys and control access through role-based access controls (RBAC). Option to use FIPS 140-2 Level 2 HSMs for highly sensitive data. Also capable of storing tokens, passowrds, certificates, secrets and API keys. Simplify and automate tasks for SSL/TLS certificates.

https://azure.microsoft.com/en-au/pricing/details/key-vault/
Azure Information Protection
Classify and protect your data using manual labels or intelligent auto labelling. Prompt users to reclassify documents when sensitive data is detected. Protect using encryption and role-based access control both within and outside your organisation. Integrated with Office 365 data classification features.

https://azure.microsoft.com/en-au/services/information-protection/
Azure Advanced Threat Protection
Detect and investigate advanced threats in your hybrid cloud. Detect compromised identities and investigate malicious insider actions. Provides clear attack information to gain situational aware prior to, during or after a security incident.

https://azure.microsoft.com/en-au/features/azure-advanced-threat-protection/
Azure Policy
Identify resources that are not compliant with your software policy (Policy-as-Code). Remediate resources and configurations. Group together policy control items as initiatives and align to Agile initiatives. Used to automate auditing of the environment to reduce audit costs.

https://azure.microsoft.com/en-us/services/azure-policy/
Azure Advisor
Provides a range of best practice recommendations on your Azure environment covering: high availability, security, performance and cost. Security recommendations link to the Azure Security Center.

https://azure.microsoft.com/en-us/services/advisor/
Azure Multi-Factor Authentication (MFA)
Provides a second form of authentication via various methods. This can include security questions, Azure authenticator app, hardware token, voice call or SMS.

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks
Azure Active Directory
Provides a directory service to manage authentication and authorisation of your hybrid cloud resources. Includes single-sign-on, federation, application management, b2b solutions, b2c solutions and the management of mobile devices.

https://azure.microsoft.com/en-au/services/active-directory/
Azure Application Gateway
The primary function is application-level load balancing but offers web application firewall (WAF) functionality to protect from common vulnerabilities outlined in the OWASP Top 10, i.e. SQL injection and cross-site scripting. Includes efficient SSL offload and certificate management.

https://azure.microsoft.com/en-au/services/application-gateway/
Azure Firewall
Used in tandem with security groups for perimeter protection from outside threats. It blocks traffic based on IP rules. Includes network address translation and threat intelligence-based filtering. Integrated with Azure Monitor for logging and analytics. Integrates with VPN and ExpressRoute gateways for hybrid connectivity.

https://azure.microsoft.com/en-au/services/azure-firewall/
Azure Blueprints
Automates the deployment of resources using Azure Resource Manager (ARM) templates. Includes the control of role assignments, resource groups and integrates with Azure DevOps to link together artifacts. Templates can be pre-approved by security teams and enable compliant development practices.

https://azure.microsoft.com/en-au/services/blueprints/
Azure DDoS Protection
Protect your resources from a distributed denial of service (DDoS) attack. Includes advanced intelligence to automatically configure and tune your protection. Use in concert with the Azure Application Gateway for WAF functionality to protect against the OWASP Top 10. Provides detailed attack analytics to improve situational awareness prior, during or after a security incident.

https://azure.microsoft.com/en-au/services/ddos-protection/