AZ-500: Microsoft Azure Security Technologies – EXAM PASSED!!!

AZ-500: Microsoft Azure Security Technologies

EXAM PASSED!!!

#Azure #Security #AzureSecurity #CertifiedProfessional #CloudSecurity #CloudFamily #CyberSecurity #MicrosoftAzure #MicrosoftCloud #Microsoft #alwaysbelearning #AZ500 #EXAM #PASSED 

Azure – Setup Azure Blueprints

Challenge: Separate subscriptions for multiple disciplines under the same Azure Active Directory Tenancy.

Required : Each subscription to have the same role assignments

Solution : Azure Blueprints to define a repeatable set of Azure resources

How ?

Azure Blueprints provides

  • Role & Policy Assignments
  • ARM templates
  • And Resource Groups

Reference guides

Getting Started Azure Blueprints (PREVIEW)

Creating Blueprint Guide – Focused on Roles

Create a blue print, if your new, start with a sample predefined Blueprint.

For this example I have selected Resource Groups with RBAC (Role-based Access Control)

Create blueprint> Enter Name, Description and Definition Location

Next : Artifacts

Click Save Draft


How to Publish Blueprint

Click Blueprints > Blueprint Definitions > Select the version to publish


Click Publish blueprint.

Enter version and change notes > Click Publish

Azure – Advisor

Sample screen shots of Azure Advisor

Recommendations : Cost , Security, High Availability, Performance, Operational Excellence

Example Recommendations report export, output as a PDF or CSV

Azure – Auto Shutdown “Save” Greyed Out

I recently tried to enable auto shutdown on a virtual machine. I wanted to receive a notification before auto-shutdown. But the option was greyed out.

It would appear if send notification is set to yes, then the Save option is greyed out. Set Notification to No and you can save the settings > Set the time and Save.

Is it a feature or a bug, this was my work around.. After you have enabled and set a time. Now edit again and set notifications, add and email address and Save is available.

Azure – Install and Configure Antimalware On A Virtual Machine

A Virtual machine must be running.

If a virtual machine is stopped your deployment will fail

Note a Charge

Steps to Install Extension for Microsoft Antimalware

Select Virtual Machine > Extensions > New Resource > Microsoft Antimalware > Install Extension

  • Set date and Scan time is set in minutes from midnight 60 = 1am, 120 = 2am etc

Deployment in progress

Installed and Configuration completed

Azure – Log Analytics Workspace and AzureVirtual Machine Agent Install

How to prepare to collect security log data from your Azure Windows virtual machines. You require two things:

  1. Log Analystics Workspace to be created
  2. The agent to be installed on the Virtual machine.

This guide shows how to setup the workspace and install the agents on the virtual machine.

Create a Log Analytics Workspace

Pricing is Pay as you go

Next you connect to the data source

Click Virtual Machines > Select Virtual Machine and click Connect.

The Agent is then automatically installed and ready to configure for the log analytics workspace

Next Configure workspace under advanced settings. See MS Doc Quick Start Guide

Windows event log collect from Windows VM

  • Click Data > Windows Event Logs.
  • Add an event log. Example type System and then select “+”.
  • In the table, check the options Error and Warning.
  • Select Save at the top of the page to save the configuration.

Azure – Access Control and Role Assignment

This example shows how to assign a user/group a role to admin virtual machines in a resource group.

How to steps..

Select “Resource Group” > IAM > Add > Select user or group and select a role – Ok

Azure – Configure Management Locks – Prevent Accidental Deletion Of Core Resources

Locking prevents the accidental deletion or modifying of critical resources. Example Azure Subscription, Resource Group, Network, Files, VMs.

How to configure Management locks to prevent the accidental deletion of core networks?

In this example we will put a “Delete” lock on a virtual network.

Virtual Network > Select the network > Locks > Add > Name + Set lock type to delete > Ok

Configured

To remove a lock / delete the lock