Gain insights into securing Azure workloads. Explore authentication, authorization, private, and public access restrictions, compliance, and threat monitoring using tools like Entra ID, Azure Firewall, Policy, and Sentinel.

azure.tar.gz

In this course, you’ll start your journey by understanding how to authenticate and authorize resources in Microsoft Entra ID and Azure. Next, you’ll learn how to restrict access to Azure resources using Azure Virtual Networks, Azure Firewall, and Azure network security groups. You’ll also explore how to secure private access to Azure resources. 

Furthermore, you’ll learn how to restrict public access to Azure resources with Azure Application Gateway, Azure WAF, Azure Front Door, and Azure DDoS. Moreover, you’ll also learn how to secure computing, storage, and database resources in Azure.

After completing this course, you can maintain compliance with corporate standards and regulatory requirements across the Azure environment with Azure Policy and Microsoft Defender for Cloud. You’ll also learn how to monitor and analyze metrics and logs with Azure Monitor, Azure Log Analytics, and Azure Sentinel and then automate predefined actions if a threat occurs.

Securing Azure Workloads: Principles and Practices

When we want to allow users access to applications with roles attached to them

When we want to define permissions for each application or resource with different authorization levels for specific groups of users or individual users

When the authorization decisions are based on the various attributes associated with an entity 

When we want a users to communicate with applications that have the same role as the user 

When do you use role-based access control?

When do you use role-based access control?

Control access based on device compliance.

What does Conditional Access allow you to do?

What does Conditional Access allow you to do?

What was Microsoft Entra ID previously known as?

What was Microsoft Entra ID previously known as?

Which Microsoft Entra ID feature provides time-bound access to certain resources to the Microsoft Entra ID entities?

Which Microsoft Entra ID feature provides time-bound access to certain resources to the Microsoft Entra ID entities?

Which feature is *not* provided by Microsoft Entra ID?

Which feature is not provided by Microsoft Entra ID?

Which service does Microsoft Entra ID P2 provide that the free tier does not provide?

Which service does Microsoft Entra ID P2 provide that the free tier does not provide?

Microsoft Entra ID is only used for managing on-premises applications.

Microsoft Entra ID can only be accessed by users who have a Microsoft account.

Microsoft Entra ID is a cloud-based identity and access management service.

Microsoft Entra ID only supports authentication, not authorization.

Which statement about Microsoft Entra ID is true?



Which statement about Microsoft Entra ID is true?

To limit user access to specific Azure services based on their role

To enforce security policies and access controls for Azure AD resources

To enable multi-factor authentication (MFA) for all Azure AD users

To provide reporting and analytics on Azure AD usage

What is the main purpose of Azure AD Conditional Access?

What is the main purpose of Azure AD Conditional Access?

User-assigned managed identity is an identity that can only be used with specific services like virtual machines.

Whenever the resource to whom the user-assigned managed identity is associated is deleted, the user-assigned managed identity is also deleted.

A user-assigned managed identity can only be associated with a single resource and cannot be used by any other resource.

User-assigned managed identity does not get deleted if the resource it is associated with is deleted.

Which statement is *true* about user-assigned managed identity?

Which statement is true about user-assigned managed identity?

A service that enables you to manage external users and customers in Azure AD

A feature that allows you to create custom roles for managing Azure AD resources

A tool for monitoring and analyzing Azure AD usage and performance

A service that provides network security capabilities in Azure

What are Azure AD External Identities?

Test what you’ve learned in this chapter. 

Quiz: Identity and Access Management 

Test what you’ve learned in this chapter.

Introduction to the Course

Identity and Access Management

Secure Networking

Secure Compute, Storage, and Databases

Manage Security Operations

Conclusion

Assessment I

Assessment II

Assessment III

Quiz: Identity and Access Management