You're reading from Exam Ref AZ-304 Microsoft Azure Architect Design Certification and Beyond Design secure and reliable solutions for the real world in Microsoft Azure

Product type Paperback

Published in Jul 2021

Publisher Packt

ISBN-13 9781800566934

Length 520 pages

Edition 1st Edition

Languages

SQL

Tools

Azure

Concepts

Cloud Computing

Author (1):

Brett Hargreaves

View More author details

Table of Contents (30) Chapters

Preface

1. Section 1: Exploring Modern Architecture

2. Chapter 1: Architecture for the Cloud FREE CHAPTER

3. Chapter 2: Principles of Modern Architecture

4. Section 2: Identity and Security

5. Chapter 3: Understanding User Authentication

6. Chapter 4: Managing User Authorization

7. Chapter 5: Ensuring Platform Governance

8. Chapter 6: Building Application Security

9. Section 3: Infrastructure and Storage Components

10. Chapter 7: Designing Compute Solutions

11. Chapter 8: Network Connectivity and Security

12. Chapter 9: Exploring Storage Solutions

13. Chapter 10: Migrating Workloads to Azure

14. Section 4: Applications and Databases

15. Chapter 11: Comparing Application Components

16. Chapter 12: Creating Scalable and Secure Databases

17. Chapter 13: Options for Data Integration

18. Chapter 14: High Availability and Redundancy Concepts

19. Section 5: Operations and Monitoring

20. Chapter 15: Designing for Logging and Monitoring

21. Chapter 16: Developing Business Continuity

22. Chapter 17: Scripted Deployments and DevOps Automation

23. Section 6: Beyond the Exam

24. Chapter 18: Engaging with Real-World Customers

25. Chapter 19: Enterprise Design Considerations

26. Mock Exam

27. Mock Answers

28. Assessments

29. Other Books You May Enjoy

Introducing Azure Key Vault

Encrypting data in some form is a core requirement for many solutions; however, there are different ways we can encrypt data.

The most basic is encryption at rest. Storage services in Azure use encryption at rest by default – this includes Virtual Machine disks, storage accounts, and even SQL Server. To encrypt data, Azure uses Microsoft-managed keys; however, there is the option to use keys managed by yourself. When using customer-managed keys, you need to store them in a safe place that your services can access in a tightly controlled manner – because if you can get access to the keys, you can decrypt the data.

Important note

Data encryption at rest uses a key, a randomly generated set of bits used with a mathematical algorithm to scramble data. The same key is then used to decrypt (unscramble) the data. Much like a password, the length and complexity of the key determine its strength.

As well as encrypting data at rest, virtual machines...