Application & Data Flashcards
(13 cards)
Microsoft Defender for Cloud Apps
Defender for Cloud Apps can identify your organization’s cloud apps, IaaS service, and PaaS service. It can investigate usage patterns and assess the risk levels and business readiness of more than 31k SaaS applications against more than 80 risks.
The solution can detect unusual behavior across cloud apps to identify ransomware, compromised users, or rogue apps, analyze high-risk usage, and remediate automatically to limit risks to the organization.
You need to protect against an attacker attempting to exfiltrate data to external websites. Which service would you use for that?
Microsoft Defender for Cloud Apps
Microsoft Defender for App Services
It can identify any DNS entries remaining in the DNS registrar when an app service website is decommissioned. These are known as dangling DNS entries. When you remove a website and you do not remove its custom domian from the DNS registrar, the DNS entry points to a non-existent resource, and the subdomain is vulnerable to a takeover
Microsoft Defender 365:
Safe Attachments
Microsoft Defender 365 Safe Attachments for SharePoint, OneDrive and Teams provide an additional layer of protection against malware. Safe Attachments also help detect and block existing files that are identified as malicious in teams sites and document libraries.
Privileged Access Workstation (PAW)
The PAW profile includes security controls and policies that restrict local administrative access and only permits applications needed to perform specific tasks to minimize the attack surface, also restrict web traffic to a limited set of destinations.
What are Privileged Access Devices?
Secure workstations used to access sensitive resources.
Devices designated for accessing sensitive resources.
Azure App Service Environment (ASE)
Azure App Service Environment provides a fully isolated and dedicated environment for running App Service Apps. It allows you to create a virtual network and configure network security groups (NSGs) to control traffic flow.
This isolation ensures that the compute components are protected from potential threats and unauthorized access.
Application Proxy
Enables secure remote access to on-prem web applications. It allows users to access these applications from outside the corporate network, while maintaining secure access control and authentication policies.
Azure Application Insights
An application performance management service designed to help developers and DevOps teams to detect, triage and diagnose issues in live web applications and services. You embed a lightweight SDK or agent extension into your application and Application Insights automatically collects telemetry data that you can explore in the Azure portal.
Azure Application Gateway
Web traffic load balancer that manages traffic for web apps within Azure. Works at the application layer (layer 7) and uses advanced routing rules based on factors like URL paths and host headers, allowing for intelligent traffic distributionto different backend pools.
Service Endpoints
Service Endpoints allow Azure resources to access other Azure resources without exposing them to the public internet.
Azure Network Watcher
Azure Network Watcher provides a range of network monitoring and diagnostic tools that help you monitor and troubleshoot your Azure network infrastructure.
These tools include packet capture, connection monitoring, flow logs, IP flow verify, and next hop.
