Secure data and applications (30-35%)

Configure security policies to manage data

Read the whitepaper: Achieving Compliant Data Residency and Security with Azure

Topic Link
configure data classification What is data classification?
configure data retention Explore data recovery, retention, and disposal
configure data sovereignty Custom Data Sovereignty & Data Gravity Requirements

Configure security for data infrastructure

Topic Link
enable database authentication Playbook for Addressing Common Security Requirements with Azure SQL Database
enable database auditing Azure SQL Auditing
configure Microsoft Azure SQL Database threat detection Azure SQL Database Advanced Threat Protection for single or pooled databases
configure access control for storage accounts Control access to account data
  Security recommendations for Blob storage
configure key management for storage accounts What is Azure Key Vault?
  Quickstart: Set and retrieve a secret from Azure Key Vault using Azure CLI
  Set up Azure Key Vault with key rotation and auditing
  Best practices to use Key Vault
  Configure customer-managed keys with Azure Key Vault by using the Azure portal
create and manage Shared Access Signatures (SAS) Grant limited access to Azure Storage resources using shared access signatures (SAS)
  Create a user delegation SAS for a container or blob with PowerShell
configure security for HDInsights Overview of enterprise security in Azure HDInsight
  Azure Security Baseline for HDInsight
configure security for Cosmos DB Security in Azure Cosmos DB - overview
  Azure Security Baseline for Cosmos DB
  Secure access to data in Azure Cosmos DB
configure security for Microsoft Azure Data Lake Security in Azure Data Lake Storage Gen1
  Virtual network integration for Azure Data Lake Storage Gen1
  Securing data stored in Azure Data Lake Storage Gen1
  Access control in Azure Data Lake Storage Gen2

Configure encryption for data at rest

Topic Link
implement Microsoft Azure SQL Database Always Encrypted Always Encrypted
  Always Encrypted: Protect sensitive data and store encryption keys in the Windows certificate store
  Always Encrypted: Protect sensitive data and store encryption keys in Azure Key Vault
implement database encryption Azure data security and encryption best practices
implement Storage Service Encryption Azure Storage encryption for data at rest
implement disk encryption Azure Disk Encryption for virtual machines and virtual machine scale sets
implement backup encryption Back up and restore encrypted Azure VM

Implement security for application delivery

Topic Link
implement security validations for application development Develop secure applications on Azure
  Design secure applications on Azure
  Deploy secure applications on Azure
  Secure development best practices on Azure
configure synthetic security transactions Synthetic Web Test for Microsoft OMS

Configure application security

Topic Link
configure SSL/TLS certs Certificates overview for Azure Cloud Services
  Configuring TLS for an application in Azure
configure Microsoft Azure services to protect web apps Threat Modeling Fundamentals
create an application security baseline Create security baselines

Configure and manage Key Vault

Topic Link
manage access to Key Vault Secure access to a key vault
  Configure Azure Key Vault firewalls and virtual networks
manage permissions to secrets, certificates, and keys Provide Key Vault authentication with an access control policy
  Identity and access management
manage certificates Monitor and manage certificate creation
manage secrets About keys, secrets, and certificates
configure key rotation Set up Azure Key Vault with key rotation and auditing
Experiential Learning Configure and manage secrets in Azure Key Vault
  Manage secrets in your server apps with Azure Key Vault

Back

Privacy & Cookies | Terms of Use | © Microsoft 2020 | This site is hosted for Microsoft by GitHub, also known as Microsoft. | Generated on 2021-02-12 23:24:14 +0000