You're reading from Microsoft Azure Security Technologies Certification and Beyond Gain practical skills to secure your Azure environment and pass the AZ-500 exam

Product type Paperback

Published in Nov 2021

Publisher Packt

ISBN-13 9781800562653

Length 526 pages

Edition 1st Edition

Tools

Azure

Concepts

Cybersecurity

Author (1):

David Okeyode

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Implement Identity and Access Security for Azure

2. Chapter 1: Introduction to Azure Security FREE CHAPTER

3. Chapter 2: Understanding Azure AD

4. Chapter 3: Azure AD Hybrid Identity

5. Chapter 4: Azure AD Identity Security

6. Chapter 5: Azure AD Identity Governance

7. Section 2: Implement Azure Platform Protection

8. Chapter 6: Implementing Perimeter Security

9. Chapter 7: Implementing Network Security

10. Chapter 8: Implementing Host Security

11. Chapter 9: Implementing Container Security

12. Section 3: Secure Storage, Applications, and Data

13. Chapter 10: Implementing Storage Security

14. Chapter 11: Implementing Database Security

15. Chapter 12: Implementing Secrets, Keys, and Certificate Management with Key Vault

16. Chapter 13: Azure Cloud Governance and Security Operations

17. Assessments

18. Other Books You May Enjoy

Chapter 1: Introduction to Azure Security

Security is a core component of any well-architected environment, and this is no different for Azure. Every workload that your organization implements in Azure needs to be implemented with security in mind. The risk associated with not doing this could range from an attacker being able to use your Azure resources to mine cryptocurrency at your expense to an attacker being able to gain access to sensitive customer data that could result in massive fines or sanctions against your company. It could also lead to reputation damage that may lead to customers moving to a competitor.

But how does cloud security work? Is it different from traditional security? Do you have to unlearn everything that you know about managing on-premises security and start from the beginning? You'll be glad that the answer to that latter question is "No." The principles of digital security are the same whether your workload sits in a traditional on-premises data center or in a cloud environment such as Microsoft Azure. The way you apply those principles, however, is quite different. Some of those differences are due to the dynamic and elastic nature of cloud environments. The ability to rapidly provision and release resources introduces new challenges that traditional security models struggle to address effectively, but we'll be covering how to solve this in this book – that is, we'll focus on how we apply security principles to secure dynamic Azure environments.

In any discussion on Azure security, it is critical to understand the "shared responsibility model," that is, which security tasks are handled by the cloud provider (Microsoft in this case) and which tasks are handled by the cloud consumers (us). In this chapter, I will introduce this concept and show how cloud security responsibilities vary depending on the type of service that you are using in Azure – Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). I will also walk you through how to set up an Azure subscription that you can use to follow along with the hands-on sections of this book.

In this chapter, we're going to cover the following topics; however, feel free to skip to the next chapter if the information covered is already familiar to you: