Azure Security Services

Home » Azure Cheat Sheets » Azure Security Services

Microsoft Compliance Offerings


Microsoft Compliance Offerings Cheat Sheet Microsoft Trust Center provides access to security, privacy, and compliance information. Security - provides information about identity & access management, threat & information protection, and cloud security. Privacy - provides information on how you can secure your data at rest and in transit. Compliance - provides information about industry-specific requirements, audit reports, and shared responsibility. Microsoft Privacy Statement explains how Microsoft collects personal data, how they use it, and the reasons why they need to share personal data. The terms and conditions when you purchase licenses for products and online services through Microsoft Volume Licensing [...]

Microsoft Compliance Offerings2023-03-09T05:47:36+00:00

Microsoft Sentinel


Microsoft Sentinel Cheat Sheet A cloud-native SIEM and SOAR solution. It offers a birds-eye view across your enterprise. Sentinel is an intelligent security analytics and threat intelligence service that provides alert detection, threat visibility, proactive hunting, and threat response. Data connection methods in Sentinel: Service to service integration, External solutions via API, and External solutions via an agent. Microsoft Sentinel roles: Reader, Responder, and Contributor. Threat Management Sentinel provides the following features: Collect, Detect, Investigate, and Respond. Quickly gain insights across your data with Azure Sentinel Workbooks. Investigate and resolve possible threats with incidents (groups of related alerts). You can [...]

Microsoft Sentinel2023-03-10T01:45:08+00:00

Azure DDoS Protection


Azure DDoS Protection Cheat Sheet Allows you to protect your Azure resources from denial of service (DoS) attacks. DDoS protection (layers 3 and 4) offers two service tiers: Basic and Standard. Features Basic Enabled by default (free). It mitigates common network attacks. Both basic and standard protects IPv4 and IPv6 public IP addresses. Standard It has advanced capabilities to protect you against network attacks such as logging, alerting, and telemetry. Mitigates the following attacks: Volumetric attacks - flood the network layer with attacks. Protocol attacks - exploit a weakness in layers 3 and 4. Resource layer attacks - a layer [...]

Azure DDoS Protection2023-03-08T03:20:41+00:00

Azure Firewall


Azure Firewall Cheat Sheet A service that uses a static public IP address to protect your VNet resources. Azure Firewall is PCI, SOC, ISO, ICSA Labs, and HITRUST compliant. Features A stateful firewall service. You can enable forced tunneling to route Internet-bound traffic to an additional firewall or virtual network appliance. Limit outbound traffic to a given FQDN list, including wild cards. Filter any TCP/UDP protocol outbound traffic. To use FQDNs in your rules, you must enable DNS proxy. Deny the traffic of a malicious IP address with threat intelligence-based filtering. It has the highest priority rules and will always [...]

Azure Firewall2023-03-09T05:36:53+00:00

Azure Key Vault


Azure Key Vault Cheat Sheet A service that allows you to store tokens, passwords, certificates, and other secrets. You can also create and manage the keys used to encrypt your data. Features Soft delete allows a deleted key vault and its objects to be retrieved during the retention time you designate. The retention period of a deleted vault is between 7 to 90 days. With soft-delete and purge protection enabled, it will not purge a vault or object in the deleted state until the retention period has expired. You may connect to a key vault via A public endpoint in [...]

Azure Key Vault2023-03-09T05:43:46+00:00

Microsoft Defender for Cloud


Microsoft Defender for Cloud Cheat Sheet Manages all the security features of Azure. Detect vulnerabilities, restrict your exposure to threats, and quickly detect and respond to attacks. Secure Score allows you to get continuous assessment and security recommendations. It helps you to detect unusual activities and prevent threats in your PaaS workloads. Protect your virtual machines with configuration and vulnerability management, workload hardening, and server EDR. It also supports advanced monitoring to track and manage compliance & governance. Allows you to protect your resources using free or standard tiers. Concepts Defender for Cloud displays the overall secure score of your [...]

Microsoft Defender for Cloud2023-03-09T05:50:38+00:00

Microsoft Defender for Identity


Microsoft Defender for Identity Cheat Sheet Enables you to identify, detect, and investigate advanced threats in your organization. Allows you to monitor user activities and information. Identify and investigate advanced threats throughout the entire cyber-attack kill chain: Reconnaissance - identify attempts by attackers to gain information. Compromised credentials - any attempts that compromise user credentials shall be detected. Lateral movements - attacks to gain access to sensitive accounts. Domain dominance - the attacker has the credentials to access your domain controller. Exfiltration - unauthorized data transfer.   Microsoft Defender for Identity Cheat Sheet References: [...]

Microsoft Defender for Identity2023-03-09T05:54:07+00:00

Azure Active Directory (Azure AD)


Bookmarks Features Concepts Monitoring Security Authentication Fundamentals: The Basics Validate Your Knowledge Azure Active Directory Cheat Sheet An identity and access management service that helps you access internal and external resources. Azure AD licenses: Free, Premium P1, Premium P2 and Pay as you go Free - user and group management in your on-premises directory Premium P1 - allows access to both on-premises and cloud resources. Premium P2 - provides an additional feature called Azure AD Identity Protection. Pay as you go - offers a feature called Azure AD B2C. Features You [...]

Azure Active Directory (Azure AD)2023-03-08T03:18:36+00:00

Azure Information Protection (AIP)


Azure Information Protection Cheat Sheet You can protect your documents and emails by applying labels. Labels can be applied: Automatically - administrators Manually - users By combination - recommendations Allows you to track your shared data and revoke access if needed. Configure policies based on the sensitivity of your data. Sharing data with others will be safe, and you are in control of who can edit, view, and print. Labeling content includes: Classification Visual Markings Metadata You can use default labels or custom labels. The default classification labels are: Personal General Confidential Highly Confidential Want to learn more about Azure? [...]

Azure Information Protection (AIP)2023-03-09T05:40:45+00:00

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!