AZ‐500 Microsoft Azure Security Technologies Study Guide_12 - itnett/FTD02H-N GitHub Wiki
📊 Common AZ-500 Exam Scenarios & Solutions
Scenario 1: Securing Virtual Machines with Limited Access
Problem: Your organization has several VMs running mission-critical apps. You need to minimize the exposure of these VMs, but users still require access for maintenance.
Solution:
🛡️ Enable Just-in-Time (JIT) VM Access: This restricts access to the VMs by requiring users to request access, limiting exposure windows to a few hours.
🔐 Enable Azure Disk Encryption: Encrypt all VM disks to ensure data at rest is secure.
Scenario 2: Implementing MFA for High-Risk Users
Problem: Your security team has identified high-risk users with multiple failed sign-in attempts. These users don’t have MFA enabled.
Solution:
✅ Enable Conditional Access Policy: Create a Conditional Access policy to require MFA for all sign-ins by these users.
🔍 Use Azure AD Identity Protection: Configure risk-based sign-in detection to automatically block risky sign-ins and enforce MFA.
Scenario 3: Restricting Public Internet Access to a SQL Database
Problem: Your SQL Database is accessible over the internet, and you need to lock down access to trusted subnets.
Solution:
🚫 Implement a Virtual Network Service Endpoint: Use a VNet Service Endpoint to restrict SQL database traffic to trusted Azure subnets.
🔐 Enable Firewall Rules: Configure SQL database-level firewall rules to restrict incoming connections from public IP addresses.
Scenario 4: Monitoring Azure Security Center Recommendations
Problem: Your Secure Score in Azure Security Center is low, and you need to improve your organization’s security posture.
Solution:
📈 Follow Security Recommendations: Review Azure Security Center’s recommendations and implement them (e.g., enabling JIT VM access, MFA, and disk encryption).
📊 Set Up Alerts in Security Center: Configure security alerts for high-risk events, like multiple failed sign-ins or potential DDoS attacks.