Microsoft Azure Security Services | Security Center | Azure Key Vault | AIP and ATP | Sentinel

This blog post is the thirteenth blog  Microsoft Azure Fundamentals Certification Series(AZ-900) of Topic 3: Security Services.

If you have not gone through the previous Topic 3.2 Microsoft Azure Core Identity Services: AD & MFA read it here.

In this blog post, we’ll cover Topic 3.3 Microsoft Azure Security Services which includes Azure Security Center, Azure Key Vault, Azure Information Protection(AIP), and Azure Advanced Threat Protection(ATP).

Microsoft Azure provides tools that are needed to enhance the network, secure services, and provide security at every level possible.

Azure Key Vault

1. Azure Key Vault is a cloud service that provides a secure store for secrets. It is a logical group of secrets.
2. It helps you securely store classified information such as keys, passwords, certificates, and other secrets.

Check out: Microsoft Azure provides governance features and services in order to implement policy-based management for all Azure services available on-cloud and on-premise. In this blog post, we’ll cover Topic 3.4 Microsoft Azure Governance which includes Azure Blueprints & Azure Policy.

Microsoft Azure Security Center

1. Azure Security Center provides tools and services across hybrid cloud and on-premise workload to make the cloud more secure.
2. It is a unified infrastructure security management system
3. It strengthens the security posture, protect against threats by assessing the workloads and raising security alerts and secure faster by natively integrating and auto-provisioning Azure security services.

Also Read: Our blog post on Azure Resource Group. Click here

Azure Information Protection

1. Azure Information Protection(AIP) helps the customer to classify, protect documents and emails by applying labels.
2. Labels can be applied automatically by administrators, manually by users, or by a combination of users.

Check Out: Our blog post on Capex Opex. Click here

Azure Advanced Threat Protection

1. Azure ATP is a security service that leverages on-premises Active Directory signals.
2. It monitors users, entity behavior, and activities with learning-based analytics
3. It protects user identities and credentials stored in Active Directory
4. Identify & investigate suspicious user activities and advanced attacks
5. Provide clear incident information on a simple timeline

Azure Sentinel

Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that delivers intelligent security analytics and threat intelligence throughout the enterprise, creating a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Azure Sentinel is your overview of the entire enterprise reducing the stress of increasingly sophisticated attacks, increasing volumes of alerts, and resolution timeframes.

• Collect data at cloud scale from all users, devices, applications, and infrastructure, both on-premises as we as on multiple clouds.
• Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and advanced threat intelligence.
• Investigate threats with artificial intelligence, and survey for suspicious activities at scale.
• Respond to incidents rapidly with built-in orchestration and automation of common tasks.

AZ 900 Exam Questions

Here are a few sample questions from the Microsoft Azure Fundamentals Certification Exam[AZ-900] that you should be able to solve after reading this blog.

Q 1: Which Azure service should you use to store certificates?

A. Azure Security Center
B. an Azure Storage account
C. Azure Key Vault
D. Azure Information Protection
Correct Answer: C
Explanation: Azure Key Vault securely stores classified information such as keys, passwords, and certificates.

Q 2: Your company plans to automate the deployment of servers to Azure. Your manager is concerned that you may expose administrative credentials during the deployment. You need to recommend an Azure solution that encrypts the administrative credentials during the deployment. What should you include in the recommendation?
A. Azure Key Vault
B. Azure Information Protection
C. Azure Security Center
D. Azure Multi-Factor Authentication (MFA)

Correct Answer: A

Related/References

1. [AZ-900] Microsoft Azure Certification Fundamental Exam: Everything You Must Know
2. Learn how to create a Free Microsoft Azure Trial Account
3. [AZ-900] Microsoft Azure Fundamentals: Topic 1.1 Overview & Benefits 
4. Topic 2.1 Azure Architecture: Region, Availability Zone & Geography
5. How to Register For [AZ-900] Microsoft Azure Fundamentals Certification Exam
6. Topic 3.1 Microsoft Azure Secure Network Connectivity: Firewall, DDOS, & NSG
7. Topic 3.2 Microsoft Azure Core Identity Services: AD & MFA 
8. CapEx vs OpEx Model: Understand the Difference in Cloud Computing
9. [AZ-900] Azure Subscriptions

Next Task For You

Begin your journey toward Mastering Azure Cloud and landing high-paying jobs. Just click on the register now button on the below image to register for a Free Class on Mastering Azure Cloud: How to Build In-Demand Skills and Land High-Paying Jobs. This class will help you understand better, so you can choose the right career path and get a higher paying job.