How can companies enforce having only certain applications run on their VMs?
Describe basic features of Azure Security Center, including policy compliance, security alerts, secure score, and resource hygiene Show
Describe the functionality and usage of Key Vault Describe the functionality and usage of Azure Sentinel Describe the functionality and usage of Azure Dedicated Hosts 2 Describe Azure network security describe the concept of defense in depth describe the functionality and usage of Network Security Groups (NSG) describe the functionality and usage of Azure Firewall describe the functionality and usage of Azure DDoS protection 3 Describe identity, governance, privacy, and compliance features (20- 25%) explain the difference between authentication and authorization define Azure Active Directory describe the functionality and usage of Azure Active Directory describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO) 4 Describe Azure governance features Describe the functionality and usage of Role-Based Access Control (RBAC) Describe the functionality and usage of resource locks Describe the functionality and usage of tags Describe the functionality and usage of Azure Policy Describe the functionality and usage of Azure Blueprints Describe the Cloud Adoption Framework for Azure 5 Describe privacy and compliance resources Describe the Microsoft core tenets of Security, Privacy, and Compliance Describe the purpose of the Microsoft Privacy Statement, Online Services Terms (OST) and Data Protection Amendment (DPA) Describe the purpose of the Trust Center Describe the purpose of the Azure compliance documentation Describe the purpose of Azure Sovereign Regions (Azure Government cloud services and Azure China cloud services) Having a good security strategy is essential in today's digital world. Every application and service, whether on-premises or in the cloud, needs to be designed with security in mind. Security needs to happen at the application level, at the data level, and at the network level. Below are some common Azure Security and Privacy Services0 Azure DDoS Protection 1 Azure ExpressRoute 2 Azure Firewall 3 Azure Key Vault 4 What's Azure Security Center? 5 What's Azure Security Score? 6 What's Azure Sentinel? 6 What's the easiest way to combine security data from all of your monitoring tools into a single report that it can take action on? - Azure Sentinel is Microsoft's cloud-based SIEM. A SIEM aggregates security data from many different sources to provide additional capabilities for threat detection and responding to threats. 7 How can a company enforce having only certain applications run on its VMs? - With Azure Security Center, you can define a list of allowed applications to ensure that only applications you allow can run. Azure Security Center can also detect and block malware from being installed on your VMs. 8 Which is the best way for a company to safely store its certificates so that they're accessible to cloud VMs? - Azure Key Vault enables you to store your secrets in a single, central location. Key Vault also makes it easier to enroll and renew certificates from public certificate authorities (CAs). 9 How can a company ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers? - Azure Dedicated Host provides dedicated physical servers to host your Azure VMs for Windows and Linux. How can tailwind traders enforce having only certain applications run on its VMs?How can Tailwind Traders enforce having only certain applications run on its VMs? Connect your VMs to Azure Sentinel. Create an application control rule in Azure Security Center. Periodically run a script that lists the running processes on each VM.
Which is the best way for companies to ensure that they only deploy cost effective virtual machine SKU sizes?Which is the best way for companies to ensure that they only deploy cost-effective virtual machine SKU sizes? Create a policy in Azure Policy that specifies the allowed SKU sizes. Periodically inspect the deployment manually to see which SKU sizes are used.
How can we ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers?How can companies ensure that certain VM workloads are physically isolated from workloads being run by other Azure customers? What's the best way for companies to limit all outbound traffic from VMs to known hosts? Create a network security group rule that prevents access from another VM on the same network.
What's the best way to ensure that the development team doesn't provision too many virtual machines at the same time?What's the best way to ensure that the development team doesn't provision too many virtual machines at the same time? - If you exceed your spending limit, active resources are deallocated. You can then decide whether to increase your limit or provision fewer resources.
|