4-Secure data and applications (30-35%).md

AZ-500: Secure data and applications (30-35%)

Configure Security Policies to Manage Data

• Configure Data Classification
• Configure Data Retention
• Configure Data Sovereignty
• Azure customer data protection

Configure Security for Data Infrastructure

• Enable Database Authentication
• Enable Database Auditing
• Configure Azure SQL Database Advanced Threat Protection | Overview
• Configure Access Control for Storage Accounts
• Configure Key Management for Storage Accounts
• Configure Azure AD Authentication for Azure Storage
• Configure Azure AD Domain Services Authentication for Azure Files
• Create and manage Shared Access Signatures (SAS)
• Configure security for HDInsights
• Configure security for Cosmos DB
• Configure security for Azure Data Lake | Gen1

Configure Encryption for Data at Rest

• Implement Azure SQL Database Always Encrypted
• Implement Database Encryption - Transparent Data Encryption (TDE)
• Implement Storage Service Encryption
• Implement Disk Encryption

Configure Application Security

• Configure SSL/TLS certs | Configure TLS mutual authentication for Azure App Service
• Configure Azure services to protect web apps
• Create an application security baseline

Configure and Manage Key Vault

• Manage access to Key Vault
• Manage permissions to:
  • Secrets
  • Certificates
  • Keys
• Configure RBAC usage in Azure Key Vault
• Manage Certificates
• Manage Secrets
• Configure Key Rotation

Return to Table of Contents