AZ‐500 Microsoft Azure Security Technologies Study Guide_11 - itnett/FTD02H-N GitHub Wiki

🔐 Azure Security Best Practices for AZ-500

🔑 Identity Management Best Practices

  • Use Conditional Access: Enforce Multi-Factor Authentication (MFA) for all users, particularly for high-risk and privileged accounts.
  • 🔑 Enable Privileged Identity Management (PIM): Ensure privileged roles are activated only when necessary and for a limited time.
  • 🚫 Block Legacy Authentication: Reduce risk by blocking legacy protocols like POP and IMAP that don’t support MFA.

🖥️ VM Security Best Practices

  • 🔒 Enable Just-in-Time (JIT) Access: Restrict access to virtual machines by enabling JIT to limit access based on time windows and IPs.
  • 🔐 Enable Disk Encryption: Use Azure Disk Encryption with BitLocker (Windows) or DM-Crypt (Linux) for all virtual machines.
  • 🛡️ Enable Anti-Malware Extensions: Install and configure anti-malware extensions for Windows and Linux VMs.

🏢 Platform Protection Best Practices

  • 🛑 Use Network Security Groups (NSGs): Apply NSGs to restrict traffic to and from Azure resources.
  • 🌐 Enable DDoS Protection: Protect public-facing applications by enabling Azure DDoS Protection Standard.
  • 🔥 Configure Azure Firewall: Use Azure Firewall to control traffic between Azure subnets and external networks.

🔐 Azure Key Vault Best Practices

  • 🔑 Enable Soft Delete & Purge Protection: Enable these features to safeguard against accidental deletion and ensure data recovery.
  • 🔐 Use Managed Identities: Avoid hardcoding secrets by leveraging managed identities for secure, token-based access to Key Vault.

🌍 Network Security Best Practices

  • 🛡️ Enable Azure Firewall Logging: Enable logging on your Azure Firewall to monitor and detect suspicious network traffic.
  • Use Application Security Groups (ASGs): Simplify network management by grouping VMs and applying NSG rules to the groups.

📊 Monitoring & Compliance Best Practices

  • 🔍 Set Alerts in Azure Monitor: Configure metric-based alerts for CPU usage, memory consumption, and network anomalies.
  • ⚙️ Monitor Azure Security Center Recommendations: Ensure your Secure Score is optimized by regularly reviewing Security Center's recommendations.
  • 📈 Log Analytics Queries: Run Kusto queries to detect failed sign-ins, suspicious activities, and compliance drifts.