Security

Question 1

what is Defense in Depth ?

Answer 1

multiple layers of security
physical, identity and access (AD), perimeter (DDOS), Network (virtual nw, filtering), Compute (VMs, DB), Gateways/Firewalls, Data (encrypted)

Question 2

How is NW Connectivity secured ?

Answer 2

vNET firewall rules (hardware or software)
DDOS - one of most common attacks
Azure Protection Service - catches and mitigates (deflects from servers)
NSGs - personal firewall - specify set of rules per VM
ASG - focus security on application via logical application groups

Question 3

What is Azure Security Center ?

Answer 3

threats portal with pre-defined set of rules (can create own)
works on hybrid cloud 
each VM has agent
policy compliance/scoring
integrates with AWS, GCP
raises alerts

Question 4

What is Key Vault ?

Answer 4

password (Secret) storage
access to KV given to other applications
hosted on secure h/w, application isolation and capable of global scaling
can create has access policies

Question 5

What is Azure Information Protection ?

Answer 5

secure data outside of company n/w
classify data (policies or manually)
track activities and safely share data
uses labels

Question 6

What is Advanced Threat Protection ? (ATP)

Answer 6

monitors users and analyses behavioural activity
creates and reports against baseline behaviour
recommends best practice

Question 7

How does ATP deal with Cyber Attack Kill Chain ?

Answer 7

deals with 3 stages :

1. Recon (searching IPs, etc)
2. Brute Force (guessing credentials)
3. Increasing user privileges

Question 8

What is Azure Sentinel ?

Answer 8

SIEM tool
data collected and aggregated, analysed to take action
behavioural analytics
Integrates with AWS 
Cloud scaling

Question 9

What are Azure Dedicated Hosts ?

Answer 9

own physical server on Azure
h/w isolation at physical layer
control over maintenance
required for Compliance
Allows OS of choice including BYOL
Global infra. features come included - e.g. scale sets and Avail. zones