SC-100: Security Best Practices

Question 1

What are the guiding principles of Zero Trust?

Answer 1

Verify Explicitly
Use Least Priviledge Access
Assume Breach

Question 2

Azure Well-Architected Framework

Answer 2

A framework designed to help customers build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads in Azure.

Five Pillars:
Cost Optimization
Operational Excellence
Performance Efficiency
Reliability
Security

Question 3

Azure Well-Architected Framework’s
Five Pillars!

Answer 3

Cost Optimization
Operational Excellence
Performance Efficiency
Reliability
Security

Question 4

Which of the following is a key principle of Azure’s Well-Architected Framework?

Answer 4

Plan for failure!

Planning for potential problems and creating resilient systems that can withstand failures without significant downtime or data loss.

Question 5

Azure’s Well Architected Framework pillars of IoT!

Answer 5

Strong Identity
Least Privilege
Device Health
Device Update
Monitor System Security/Plan Incident response

Question 6

Microsoft Cloud Adoption Framework

Answer 6

A documentation and implementation framework for best practices throughout the cloud adoption lifecycle, providing a step-by-step approach to cloud migration and management using Azure.

Question 7

Microsoft Cloud Adoption Framework Steps!

Answer 7

Define Strategy
Plan

Ready

Adopt (Migrate, modernize, innovate)
Secure

Manage
Govern

Question 8

What is the purpose of the Cloud Adoption Framework?

Answer 8

To help organizations build secure applications and infrastructure in the cloud.

The Cloud Adoption Framework helps organizations to design, deploy, and operate workloads that are consistent with their business objectives and meet security and compliance requirements.

Question 9

What are Azure Landing Zones?

Answer 9

Azure Landing Zones provide an automated and prescriptive reference implementation to rapidly set up a comprehensive secure cloud baseline

A well-defined, structured environment within Azure that serves as a starting point for migrating, modernizing, and innovating applications at scale.

Question 10

Microsoft Cybersecurity Reference Architectures (MCRA)

Answer 10

A set of technical diagrams that describes Microsoft’s cybersecurity capabilities. Show how Microsoft security capabilities integrate with the following:

-Microsft platforms like Microspft 365 and Azure
-Third party apps like ServiceNow and Salesforce
-Third part platforms like AWS and Google Cloud Platform (GCP)

Question 11

Microsoft Cybersecurity Reference Architectures (MCRA) contain diagrams on the following:

Answer 11

Microsoft cybersecurity capabilities
Zero Trust and Zero Trust Rapid Modernization Plan (RaMP)
Zero Trust User Access
Security Operations
Operational Technology (OT)
Multicloud and cross-platform capabilities
Attack chain coverage
Azure native security controls
Security organizational functions

Question 12

Which of the following best defines the objective of a cloud reference architecture like Microsoft Cybersecurity Reference Architecture (MCRA) from Microsoft?

Answer 12

MCRA is designed to provide security-focuses reference architecture guidance that can apply almost anywhere no matter what underlying technologies, workloads, or data types are involved.

Question 13

What is a key benfit of using best practices, such as those found in the Microsoft Cybersecurity Reference Architecture (MCRA) when addressing cloud security concerns?

Answer 13

Using best practices can reduce staffing needs, complexity, and risk exposure, bringing financial benefits that arise from economies of reuse and simplification rather than reducing the number of platforms, components or architectures alone.

Question 14

Microsoft Cloud Security Benchmark (MCSB)

Answer 14

A framework for assessing the security posture of an organization;s cloud environment against industry standards and best practices

Question 15

Microsoft Cloud Security Benchmark (MCSB) domains/control families

Answer 15

Network Security
Identity Management
Privileged Access
Data Protection
Asset Management
Logging and Threat Detection
Incident Response
Posture and Vulnerability Management
Endpoint Security
Backup and Recovery
DevOps Security
Governance and Strategy

Question 16

Control

Answer 16

A control is a high-level description of a feature or activity that needs to be addressed and isn’t specific to a technology or implementation

Example: Data Protection is one of the security control families. Data Protection contains specific actions that must be addressed to help ensure data is protected

Question 17

Baseline

Answer 17

The implementation of the Control on the individual Azure services. Each organization dictates a benchmark recommendation and corresponding configuration needed in Azure.

Example: The Contoso Company looks to enable Azure SQL security features by following the configuration recommendation in the Azure SQL security baseline

Question 18

What is the purpose of the Microsoft Cloud Security Benchmark (MCSB)?

Answer 18

It is designed to provide a set of recommended security configurations and best practices for Microsoft cloud services.

Question 19

What is the difference between defensive and detective security controls, as discussed in the Microsoft Cloud Security Benchmark (MCSB)?

Answer 19

Defensive controls proactively prevent security incidents while Detective controls detect and respond to these incidents after they occur.

Question 20

What are attack vectors?

Answer 20

An attack vector is an entry point or route for an attacker to gain access to a system.

Examples include: Email, social media, insiders, removable devices, browsers, cloud services, devices, wifi

Question 21

What is a security breach?

Answer 21

Any attack that results in someone gaining unauthorized access to devices, services, or networks.

Question 22

What are data breaches?

Answer 22

A data breach is when an attacker successfully gains access or control of data.

Question 23

Attack Chain Modeling

Answer 23

An attack chain describes the typical chain of events uring an attack that leads to organizational damage. This includes technical and non-technical steps taken by adversaries or insiders during the attack.

Question 24

Microsoft’s best practices for ransomware protection

Answer 24

1. Prepare your recovery plan
2. Limit the scope of the damage
3. Make it hard to get in

Question 25

Azure Backup

Answer 25

Azure Backup provides security to your backup environment, both when your data is in transit and at rest. With Azure Backup you can back up: On-prem files, folders, and system states Entire Windows/Linux VMs Azure managed disks Azure file shares to a storage account SQL Server databases running on Azure VMs

Question 26

What is the primary method for mitigating against ransomware attacks?

Answer 26

Backing up data regularly and testing restore procedures. Regular backups are essential for restoring any lost or encrypted data after a ransomware attack. Testing restore procedures ensure that the backups can actually perform the desired restore.

Question 27

What is a critical component of business resiliency planning?

Answer 27

Performing regular risk assessments. Understanding potential risk is key to developing effective resiliency plans. Regular risk assessments help identify these risks and allow for appropriate mitigation strategies to be developed.

Question 28

Update Manager

Answer 28

A unified services to help manage and govern updates for all your machines. You can use Update Manager in Azure to: Oversee update compliance for your entire fleet of machines in Azure, on-prem, and other clouds. Instantly deploy critical updates to help secure your machines. Use flexible patching options such as automatic virtual machine guest patching in Azure, hotpatching, and customer-defined maintenance schedules.

Question 29

How can update management automation help mitigate against security threats?

Answer 29

Facilitating quicker deployment of critical security patches across infrastructure. Update management automation helps quickly deploy critical security patches, reducing the time attackers have to exploit vulnerabilities

Question 30

NIST Cybersecurity Framework

Answer 30

Framework for improving the cybersecurity posture of an organization

Question 31

OWASP

Answer 31

Reference for web app security best practices

Question 32

STRIDE

Answer 32

A methodology widely used approach for Threat Modeling that helps identify and classify threats based on their nature and impact.

Question 33

DREAD

Answer 33

A scoring system for Threat prioritization.

Question 34

What is the Enterprise Access model?

Answer 34

It is a security architecture that leverages multiple layers to protect privileged assets. The Enterprise access model helps organizations control access to resources and minimize security risks by relying on layer security principles and role-based access control.