Features and Tools for Governance and Compliance Flashcards
(20 cards)
What is the primary purpose of governance in Azure?
Governance in Azure pertains to the decision-making model around how Azure resources are managed and accessed, structuring Azure environments, and implementing policies to enforce organizational requirements.
How does effective organization of resources within Azure relate to governance?
Effective organization promotes effective governance by enabling better control over resources and services within Azure. An organized structure is needed for granular control.
What is the significance of inheritance in the Azure hierarchy in the context of governance?
Resources inherit governance policies and settings applied at higher levels in the hierarchy. This means policies set at a broader scope will apply to all resources within that scope unless overridden.
What is the main Azure service emphasized for enforcing and implementing governance and compliance?
Azure Policy is emphasized as the primary Azure service and component portal for enforcing and implementing governance and compliance.
Describe the two primary types of resource locks and their typical use cases.
The two primary types of resource locks are Read-Only and Delete. Read-Only locks are used for resources where changes could be disruptive (like a production database), while Delete locks prevent deletion but allow for modifications (like a virtual network or virtual machine).
If a Delete lock is applied to a virtual network, can the virtual machines within that network be modified? Explain why or why not.
Yes, the virtual machines within a virtual network with a Delete lock can be modified. The Delete lock prevents the deletion of the virtual network itself, but it does not prevent modifications to the resources contained within it.
What is the benefit of applying governance policies at the highest appropriate level?
Applying governance at the highest appropriate level ensures that the policies and controls are applied broadly across the relevant scope, leveraging the inheritance model and preventing the need to apply them individually to each resource.
What types of reports are relevant to governance and compliance in Azure?
Reports relevant to governance and compliance include compliance status, resource utilization, and audit logs.
What is the purpose of Microsoft Purview?
Microsoft Purview is a comprehensive data governance solution designed to provide visibility, data discovery, and governance across various data sources, both within and outside of Azure.
How does Microsoft Defender for Cloud contribute to securing resources in Azure?
Microsoft Defender for Cloud contributes to securing resources by assessing and strengthening their security posture, managing compliance against industry standards, enabling threat protection, and detecting vulnerabilities.
What is Governance?
The decision-making model and framework for managing and accessing Azure resources, structuring environments, and enforcing organizational requirements.
What is Compliance?
Ensuring that services and products meet external and internal standards.
What is Azure Hierarchy?
The layered structure in Azure that provides granular control over governance management, with resources inheriting settings from higher levels.
What is Azure Policy?
An Azure service for creating, assigning, and managing policies to enforce rules and effects over Azure resources and services.
What are Resource Locks?
Mechanisms in Azure to restrict access to resources, specifically preventing modification (Read-Only) or deletion (Delete).
What is a Read-Only Lock?
A type of resource lock that prevents any modifications to a resource.
What is a Delete Lock?
A type of resource lock that prevents the deletion of a resource but allows for modifications.
What is Microsoft Purview?
A comprehensive data governance solution for visibility, data discovery, and governance across various data sources.
What is Microsoft Defender for Cloud?
An Azure service that assesses and strengthens the security posture of resources, manages compliance, enables threat protection, and detects vulnerabilities.
What is Inheritance?
The principle in the Azure hierarchy where resources adopt governance settings and policies applied at higher levels in the scope.
