Microsoft Azure SC-900 Cheat Sheet [Part 2]
Aug 26, 2024
Azure Encryption Data
Azure Key Vault
- Customer-managed keys are stored in Key Vault, which is designed to store secrets and certificates.
- Accessing keys requires authentication and authorization, which means keys are not stored as files on disk.
- This removes keys from storage, code, and source control, and Key Vault can generate new keys.
Azure Security Center (Infra Security Management)
- Cloud Security Posture Management — assessments and recommendations.
- Cloud Workload Protection (firewalls).
- Supports PaaS like Application Service plans.
- Azure Defender — Cloud Workload Protector.
- Azure Sentinel [SIEM/SOAR] — Collects data, and ‘Workbooks’ create reports. Sentinel is used to detect threats in the organization.
Microsoft 365 Defender
- This is a unified enterprise defense suite of integrated services.
- MS 365 for Identity — Formerly called Advanced Threat Protection (ATP), which is an Azure Directory connected service.
- This uses Azure AD data and signals to protect identities. It can also identify behavior anomalies and provide security reports and user profile analytics.
- Designed to reduce general alerts and provide only relevant information and important security alerts in a real-time attack timeline.
- MS 365 for Office — Checks for malicious activities in Office apps.
- MS 365 for Endpoint — AKA ‘devices’ (laptops, phones)
- MS 365 for Security Centre — This manages security across identities, data, devices, applications and infra. It also makes recommendations for improvements, similar to Azure Security Score.
MS Privacy Principles
Compliance Portal — This helps to understand and manage an organization’s compliance needs.
Retention Policies — These are applied at the site or mailbox level and to multiple locations. These inherit retention from containers.
Data Loss Prevention — These protect sensitive information and prevent data disclosure.
Azure Resource Locks — Apply a lock at the parent scope and all the resources within it will inherit the lock.