Bash, the Crucial Exams Chat Bot
AI Bot
Cloud Security in Microsoft Azure Flashcards
Microsoft Security, Compliance, and Identity Fundamentals SC-900 Flashcards
| Front | Back |
| How can access to sensitive Azure resources be restricted | By implementing Azure Privileged Identity Management (PIM) |
| How can Azure Resource Locks improve security | By preventing accidental deletion or modification of critical resources |
| How can you enforce encrypted data transfer in Azure | By using Azure SSL certificates and configuring HTTPS endpoints |
| How can you limit access to Azure resources based on geography | Use Azure Geolocation-based policies in Azure Policy |
| How can you protect data in transit using Azure VPN Gateway | By encrypting data transmissions with IPsec protocols |
| How can you secure access to Azure Virtual Machines | By using Just-in-Time access and multifactor authentication |
| How can you secure data at rest in Azure Storage | By enabling encryption such as Azure Storage Service Encryption (SSE) |
| How do tags assist in managing Azure resources | By categorizing and identifying resources for better security and organization |
| How does Azure ExpressRoute contribute to cloud security | It offers private connections that bypass the public internet for enhanced data protection |
| How does Azure Log Analytics enhance security | It enables detailed monitoring and log analysis for better threat detection |
| How does Azure Monitor help with security | It provides insights and alerts for identifying vulnerabilities and suspicious activity |
| How does Immutable Blob Storage add security to Azure | It ensures stored data cannot be altered or deleted during a specified retention period |
| What are Azure Blueprints used for | To automate compliance and security configurations across Azure environments |
| What Azure tool helps in monitoring security threats | Microsoft Defender for Cloud |
| What do Network Security Groups (NSGs) do | They allow or deny inbound/outbound network traffic to Azure resources |
| What does DDoS Protection in Azure prevent | It minimizes downtime from malicious Distributed Denial-of-Service attacks |
| What does Secure Score in Microsoft Defender for Cloud measure | Overall security posture and provides recommendations to improve security |
| What does the term 'secure workloads' mean in Azure | Protecting applications and data running in the Azure environment |
| What is a benefit of using Azure Key Vault | Securely storing and accessing keys, secrets, and certificates |
| What is a common way to segment networks in Azure | Using Virtual Networks (VNets) for isolation and security |
| What is Azure Bastion used for | To provide secure and seamless RDP and SSH access to virtual machines directly in Azure |
| What is Azure Policy used for in terms of security | It ensures compliance with company standards and regulations |
| What is the advantage of using Private Link in Azure | It allows secure and private connections to Azure services using private endpoints |
| What is the Azure role-based access control (RBAC) used for | To manage user permissions for Azure resources |
| What is the benefit of implementing conditional access policies in Azure | It ensures access to resources is only granted under specific conditions |
| What is the best way to ensure data is securely deleted in Azure | Using Azure Storage Account features like Blob Delete Lock and data lifecycle management |
| What is the difference between a public and a private IP address in Azure | Public IP is accessible from the internet, while private IP is restricted within the virtual network |
| What is the function of Azure Sentinel | Cloud-native solution for intelligent security analytics and threat detection |
| What is the importance of Multi-Factor Authentication (MFA) in Azure security | It adds an extra layer of protection by requiring multiple verification methods |
| What is the purpose of Azure Firewall | To control and monitor network traffic to and from Azure resources |
| What is the purpose of Azure Private Endpoint | To connect securely to Azure PaaS services without exposing them to the public internet |
| What is the purpose of Azure Security Center | To provide unified security management and advanced threat protection |
| What is the purpose of Azure Traffic Manager | To control the distribution of network traffic for high availability and security |
| What is the role of Azure Active Directory in cloud security | It provides identity and access management for Azure resources |
| What is the role of managed identities in Azure | They provide a secure way for applications to access Azure services without storing credentials |
This deck introduces best practices for securing cloud environments, including Azure firewall, network security groups, and secure workloads.