This blog post is the thirteenth blog Microsoft Azure Fundamentals Certification Series(AZ-900) of Topic 3: Security Services.
If you have not gone through the previous Topic 3.2 Microsoft Azure Core Identity Services: AD & MFA read it here.
Find the full list of blogs in this series here.
In this blog post, we’ll cover Topic 3.3 Microsoft Azure Security Services which includes Azure Security Center, Azure Key Vault, Azure Information Protection(AIP), and Azure Advanced Threat Protection(ATP).
Microsoft Azure provides tools that are needed to enhance the network, secure services, and provide security at every level possible.
Azure Key Vault
- Azure Key Vault is a cloud service that provides a secure store for secrets. It is a logical group of secrets.
- It helps you securely store classified information such as keys, passwords, certificates, and other secrets.
Microsoft Azure Security Center
- Azure Security Center provides tools and services across hybrid cloud and on-premise workload to make the cloud more secure.
- It is a unified infrastructure security management system
- It strengthens the security posture, protect against threats by assessing the workloads and raising security alerts and secure faster by natively integrating and auto-provisioning Azure security services.
Azure Information Protection
- Azure Information Protection(AIP) helps the customer to classify, protect documents and emails by applying labels.
- Labels can be applied automatically by administrators, manually by users, or by a combination of users.
Azure Advanced Threat Protection
- Azure ATP is a security service that leverages on-premises Active Directory signals.
- It monitors users, entity behavior, and activities with learning-based analytics
- It protects user identities and credentials stored in Active Directory
- Identify & investigate suspicious user activities and advanced attacks
- Provide clear incident information on a simple timeline
Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that delivers intelligent security analytics and threat intelligence throughout the enterprise, creating a single solution for alert detection, threat visibility, proactive hunting, and threat response.
Azure Sentinel is your overview of the entire enterprise reducing the stress of increasingly sophisticated attacks, increasing volumes of alerts, and resolution timeframes.
- Collect data at cloud scale from all users, devices, applications, and infrastructure, both on-premises as we as on multiple clouds.
- Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and advanced threat intelligence.
- Investigate threats with artificial intelligence, and survey for suspicious activities at scale.
- Respond to incidents rapidly with built-in orchestration and automation of common tasks.
AZ 900 Exam Questions
Here are a few sample questions from the Microsoft Azure Fundamentals Certification Exam[AZ-900] that you should be able to solve after reading this blog.
Q 1: Which Azure service should you use to store certificates?
A. Azure Security Center
B. an Azure Storage account
C. Azure Key Vault
D. Azure Information Protection
Correct Answer: C
Explanation: Azure Key Vault securely stores classified information such as keys, passwords, and certificates.
Q 2: Your company plans to automate the deployment of servers to Azure. Your manager is concerned that you may expose administrative credentials during the deployment. You need to recommend an Azure solution that encrypts the administrative credentials during the deployment. What should you include in the recommendation?
A. Azure Key Vault
B. Azure Information Protection
C. Azure Security Center
D. Azure Multi-Factor Authentication (MFA)
Correct Answer: A
- [AZ-900] Microsoft Azure Certification Fundamental Exam: Everything You Must Know
- Learn how to create a Free Microsoft Azure Trial Account
- [AZ-900] Microsoft Azure Fundamentals: Topic 1.1 Overview & Benefits
- Topic 2.1 Azure Architecture: Region, Availability Zone & Geography
- How to Register For [AZ-900] Microsoft Azure Fundamentals Certification Exam
- Topic 3.1 Microsoft Azure Secure Network Connectivity: Firewall, DDOS, & NSG
- Topic 3.2 Microsoft Azure Core Identity Services: AD & MFA
Begin your journey towards Azure, Getting [AZ-900] Microsoft Azure Fundamentals certified, and earning a lot more in 2020 by joining our FREE Masterclass.