Design and Implement Security Solutions Flashcards
Microsoft Azure Security Engineer Associate AZ-500 Flashcards

| Front | Back |
| --- | --- |
| Access Reviews in Azure AD | Process for reviewing and ensuring the appropriateness of user access rights |
| Azure Active Directory Identity Secure Score | Assessment score for securing identities within Azure AD environment |
| Azure AD Conditional Access | A feature to enforce access controls based on compliance signals |
| Azure Backup | Solution for data protection and recovery within Azure environments |
| Azure Bastion | Service for securely accessing VMs in Azure without exposing them to the internet |
| Azure Blueprints | Templates for implementing governance and compliance policies across Azure environments |
| Azure Firewall | A managed network service providing traffic filtering and security |
| Azure Host Security Posture | Ensuring virtual machines are patched, monitored, and secured against vulnerabilities |
| Azure Identity Protection | A service for detecting and responding to identity-based risks in Azure AD |
| Azure Key Vault | A solution for securely managing keys, secrets, and certificates |
| Azure Management Groups | Hierarchical collections for managing access and compliance across subscriptions |
| Azure Monitor Logs | A tool for collecting and analyzing log data across Azure resources |
| Azure Policy | A service for implementing governance and compliance across Azure resources |
| Azure Private Link | Service for accessing Azure resources privately via a private endpoint |
| Azure Privileged Identity Management (PIM) | Service for managing, controlling, and monitoring privileged Azure AD roles |
| Azure Resource Locks | A mechanism to prevent accidental deletion or modification of critical resources |
| Azure Security Alerts | Notifications triggered by suspicious activities and potential security threats |
| Azure Security Benchmark | Industry-standard security best practices for securing Azure services and workloads |
| Azure Security Center | A tool for monitoring the security posture of Azure resources |
| Azure Sentinel | Cloud-native SIEM and SOAR service for threat detection and response |
| Compliance Manager in Microsoft Purview | Tool for tracking and managing compliance requirements and controls |
| DDoS Protection | Azure service to mitigate distributed denial-of-service attacks |
| Disk Encryption Configuration | Process of enabling encryption to secure data at rest on Azure disks |
| Encryption at Rest | Data encryption for files stored on disk, such as Azure Blob Storage |
| Endpoint Protection Integration | Integrating antivirus tools into your Azure deployments |
| Implementing Network Security Groups (NSGs) | Use rules to control inbound and outbound traffic in Azure networks |
| Implementing Service Endpoints | Limits access to Azure services from specific subnets within a virtual network |
| Managed Identity in Azure | A service for securing resource access by eliminating secrets in app code |
| Multi-Factor Authentication (MFA) | Security mechanism requiring two or more verification methods for access |
| Principle of Least Privilege | Limit access rights to users and resources to the bare minimum necessary |
| Role-Based Access Control (RBAC) | Controls access to Azure resources based on user roles |
| Secure DevOps Kit for Azure (AzSK) | Tools for integrating security into Azure DevOps processes |
| Secure Remote Access | Using VPN gateways or bastion hosts for secure connections to Azure networks |
| Secure Score in Azure | A representation of an organization's security posture with actionable recommendations |
| Securing API Management in Azure | Implementing access controls and security measures for Azure API Management |
| Shared Responsibility Model | The distribution of security responsibilities between the cloud provider and customer |
| Virtual Network Peering | Connecting two Azure virtual networks for seamless communication and enhanced security |
| Web Application Firewall (WAF) | A firewall that protects web apps from common exploits and vulnerabilities |
| Zero Trust Model | Security model emphasizing "never trust; always verify" |

About the Flashcards

Flashcards for the Microsoft Azure Security Engineer Associate exam give you a quick-hit refresher on core Azure security principles such as least privilege, Zero Trust, and the shared responsibility model. Each card pairs concise definitions with practical context, helping you remember exactly how tools like Azure Security Center, Secure Score, and Key Vault are used to protect cloud workloads.

The deck also drills into identity safeguards such as MFA, Conditional Access, and Privileged Identity Management, along with network defenses including NSGs, Azure Firewall, WAF, and DDoS Protection. Governance staples like Azure Policy, Blueprints, and Compliance Manager round out coverage, ensuring you can secure, monitor, and audit Azure resources end-to-end.

Topics covered in this flashcard deck:
- Identity and access management
- Network security controls
- Data protection & encryption
- Governance and compliance
- Threat detection & monitoring