You're reading from Microsoft Azure Security Technologies Certification and Beyond Gain practical skills to secure your Azure environment and pass the AZ-500 exam

Product type Paperback

Published in Nov 2021

Publisher Packt

ISBN-13 9781800562653

Length 526 pages

Edition 1st Edition

Tools

Azure

Concepts

Cybersecurity

Author (1):

David Okeyode

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Implement Identity and Access Security for Azure

2. Chapter 1: Introduction to Azure Security FREE CHAPTER

3. Chapter 2: Understanding Azure AD

4. Chapter 3: Azure AD Hybrid Identity

5. Chapter 4: Azure AD Identity Security

6. Chapter 5: Azure AD Identity Governance

7. Section 2: Implement Azure Platform Protection

8. Chapter 6: Implementing Perimeter Security

9. Chapter 7: Implementing Network Security

10. Chapter 8: Implementing Host Security

11. Chapter 9: Implementing Container Security

12. Section 3: Secure Storage, Applications, and Data

13. Chapter 10: Implementing Storage Security

14. Chapter 11: Implementing Database Security

15. Chapter 12: Implementing Secrets, Keys, and Certificate Management with Key Vault

16. Chapter 13: Azure Cloud Governance and Security Operations

17. Assessments

18. Other Books You May Enjoy

Implementing Azure Distributed Denial of Service (DDoS) Protection

A DDoS attack is a collection of attack types aimed at disrupting the availability of a target by overwhelming it with malicious traffic. The Azure DDoS protection service enables us to protect our internet-facing virtual network workloads from DDoS attacks before the availability of our service is impacted (Figure 6.1).

The service identifies malicious attempts to overwhelm the network and blocks them before they reach our Azure resources. Legitimate traffic from customers still flows into Azure without any interruption (Figure 6.1). It uses the scale and elasticity of Microsoft's global network to mitigate DDoS attacks at the Azure network edge.

Before we get into more details on this service, let's review the different categories of DDoS attacks so that we are clear on what this service protects against and what it does not. There are three main categories of common DDoS attacks: