Azure Security Best Practices Flashcards
Microsoft Azure Security Engineer Associate AZ-500 Flashcards
| Front | Back |
| How can tagging resources improve security governance? | Tags help with organizing, tracking, and implementing controls on resources. |
| How can you ensure secure communication in Azure? | Use HTTPS for web services and enable encryption for data transmission. |
| How can you limit exposure to Azure resources? | Place them in private subnets and use network isolation techniques. |
| How can you protect sensitive data in Azure storage accounts? | Enable Azure Storage encryption and use private endpoints. |
| How can you secure Azure virtual machines? | Enable endpoint protection and configure firewalls on VMs. |
| How does Azure Defender enhance security? | Azure Defender detects threats and provides automated responses to security incidents. |
| What are Azure Policies used for? | Azure Policies enforce compliance and resource governance across services. |
| What does logging and monitoring in Azure help achieve? | Provides insights into system activity for security analysis and incident response. |
| What is a recommended approach to managing Azure keys | certificates, and secrets?,Use Azure Key Vault for centralized storage and management. |
| What is Azure Secure Score? | A measurement of an organization's security posture with recommendations for improvement. |
| What is the primary purpose of Azure DDoS Protection? | To safeguard Azure resources from Distributed Denial-of-Service attacks. |
| What is the principle of least privilege in Azure? | Grant users only the access they need to perform their tasks while minimizing risks. |
| What is the purpose of Azure RBAC? | Azure Role-Based Access Control (RBAC) manages fine-grained access to resources. |
| What is the role of Network Security Groups (NSGs) in Azure? | NSGs help control network traffic to and from Azure resources. |
| What tool can be used for monitoring security vulnerabilities in Azure? | Azure Security Center helps monitor and remediate security gaps. |
| What tool should you use for secure remote access to Azure VMs? | Use Azure Bastion for secure and seamless remote connections. |
| Why is identity management critical for Azure security? | Effective identity management reduces the likelihood of unauthorized access. |
| Why is it critical to apply security patches promptly in Azure? | Timely patching mitigates known vulnerabilities and reduces security risks. |
| Why should you enable Multi-Factor Authentication (MFA) for users in Azure? | MFA adds an extra layer of security by requiring more than just a password for user authentication. |
| Why should you routinely audit Azure permissions? | Regular audits ensure no excessive or outdated access permissions are present. |
About the Flashcards
Flashcards for the Microsoft Azure Security Engineer Associate exam focus on Azure security fundamentals that frequently appear on test day. As you move through the deck, you'll revisit the principle of least privilege, role-based access control, secure score metrics, and the configuration of services such as Azure Security Center, Defender, and Key Vault that strengthen an organization's cloud posture.
Each card distills a core concept- from enabling MFA and encryption to hardening virtual machines with NSGs, Bastion, and timely patching- so you can quickly test recall and spot weak areas. Regular practice reinforces compliance policies, monitoring techniques, and network protections you must know to secure Azure resources on the exam.
Topics covered in this flashcard deck:
- Access control & RBAC
- Identity & MFA
- Encryption & Key Vault
- Network security groups
- Monitoring & Secure Score
- Threat detection tools