Azure Fundamentals part 4: Describe general security and network security features
Protect against security threats on Azure
Below is the knowledge check from the end of this module:
Tailwind Traders faces a number of security challenges. In today’s digital world, its needs aren’t unique.
Azure provides tools and services that can help you detect and act on important security events. It also provides ways to help keep your data safe, which can prevent security incidents from happening to begin with.
In this module, you learned about Azure services that relate to security. Here’s a brief summary:
- Azure Security Center provides visibility of your security posture across all of your services, both on Azure and on-premises.
- Azure Sentinel aggregates security data from many different sources, and provides additional capabilities for threat detection and response.
- Azure Key Vault stores your applications’ secrets, such as passwords, encryption keys, and certificates, in a single, central location.
- Azure Dedicated Host provides dedicated physical servers to host your Azure VMs for Windows and Linux.
Learn more
Here are more resources to help you go further.
Azure Security Center
Take the Resolve security threats with Azure Security Center module to use the alert capabilities of Azure Security Center to watch for and respond to threats.
Then review the planning and operations guide to optimize your use of Security Center based on your organization’s security requirements and cloud management model.
Azure Sentinel
Design a holistic monitoring strategy on Azure goes into greater depth on how Azure Sentinel can help monitor and respond to security threats across your organization.
Also learn how to connect data sources to Azure Sentinel.
Azure Key Vault
Gain additional hands-on experience with Azure Key Vault in Manage secrets in your server apps with Azure Key Vault and Configure and manage secrets in Azure Key Vault.
Secure network connectivity on Azure
Below is the knowledge check from the end of this module:
- 1 minute
In this module, you learned about some of the ways you can secure network traffic both on Azure and in your on-premises datacenter.
Defense in depth is the overriding theme. Think about security as a multiple-layer, multiple-vector concern. Threats come from places we don’t expect, and they can come with surprising strength.
Tailwind Traders now has a few tools and services that it can use to secure its networks. Here’s a brief summary:
- Azure Firewall is a managed, cloud-based network security service that helps protect resources in Azure virtual networks.
- An Azure virtual network is similar to a traditional network that you’d operate in your own datacenter. It enables virtual machines and other compute resources to securely communicate with each other, the internet, and on-premises networks.
- A network security group (NSG) enables you to filter network traffic to and from Azure resources within a virtual network.
- Azure DDoS Protection helps protect Azure resources from DDoS attacks.
Azure Fundamentals learning path
This module is part of the Azure Fundamentals part 4: Describe general security and network security features learning path, which is one of six learning paths for Azure Fundamentals.
Here are the learning paths in this series:
- Azure Fundamentals part 1: Describe core Azure concepts
- Azure Fundamentals part 2: Describe core Azure services
- Azure Fundamentals part 3: Describe core solutions and management tools on Azure
- Azure Fundamentals part 4: Describe general security and network security features
- Azure Fundamentals part 5: Describe identity, governance, privacy, and compliance features
- Azure Fundamentals part 6: Describe Azure cost management and service-level agreements