Index
A
Access control
Access tokens
Active Directory Federation Service
authentication and authorization
authentication methods
on-premises
secured identity federation
Ad Hoc configuration protocols (AHCP)
Advanced security information model (ASIM)
Advanced threat protection (ATP)
Application development team
Application insight
Application layer principles
Application proxy connector
Application security
availability
Azure AD multifactor authentication
BYOD
confidentiality
identity management
integrity
layered security approach
security layers
zero trust cloud security
Application security group (ASG)
Architecture roots
ARM template deployment
Asynchronous/synchronous communication
Authentication flow
Authorization server
Azure active directory
Azure Active directory security model
Azure AD application proxy
components
with conditional access
features
on-premises web applications
remote users access
secure and remote access
use cases
workflow
Azure AD Business 2 Business collaboration (Azure AD B2B)
Azure AD business to customers (Azure AD B2C)
Azure AD federated authentication
Azure AD federation service
Azure AD multifactor authentication
Azure AD password protection
Azure AD PIM roles
Azure AD security defaults
Azure AD security model
hybrid identity
identity assessment score
secure organizations checklist
Azure Advisor
Azure AD with password hash sync
Azure Application Gateway
Azure app service environment
Azure cloud platform
Azure dashboards
Azure DDOS protection
Azure disk encryption
Azure firewall
Azure governance visualizer
Azure key vault (AKV)
Azure logic app
Azure monitor
alerts
application insights
applications
auto-scaling
container insights
events
information
logs
metrics
VM insights
Azure PaaS/SaaS responsibility
Azure platform security
Azure policy initiative
Azure privileged identity management
Azure Resource Manager (ARM)
Azure Rights Management
Azure’s defense-in-depth security architecture
application gateway
cloud computing
data
identity and access
network
OSI model
perimeter
physical security
security implementation
security risk management approach
Azure Sentinel
connectors
enabling
microsoft defender
regional availability
Azure services
Azure’s key management parameters
Azure’s public cloud infrastructure
Azure’s services and resources
checklist
data storage
disk encryption with SSE
identity and access management
RBAC
Azure storage analytics
Azure subscription
Azure tenant security (AzTS)
activities
Azure active directory
Azure functions
Azure services
deployment script
layered security architecture
process
Azure virtual network
Azure web application firewall
Azure workbook
B
Banned password
Border Gateway Protocol (BGP)
Bring Your Own Device (BYOD)
Brute force attack
Built-in Azure security controls
application insight
ARM template deployment
Azure Advisor
Azure Advisor security recommendations
Azure app service environment
Azure Monitor Logs
Azure platform
Azure Resource Manager
Azure’s public cloud infrastructure
Azure web application firewall
end customer/cloud consumer
layered security architecture
public cloud service
shared responsibility
traditional vs. cloud
WAF
Built-in storage encryption
Business risk assessment
Bus topology
C
Carrier sense multiple access (CSMA)
Centralized integration layer
Certificate management
Change-management process
Client encryption model
Client-server database
Cloud adoption
Cloud authentication
Cloud-based technologies
Cloud computing
model
network security risks
security breaches
security controls
security policies
shared resources
virtual workloads
Cloud consumers
Cloud data security
Cloud dematerialized zone (DMZ)
Cloud, Microsoft defender
Cloud-native architecture
Cloud-ready applications
boundaries
cultural change
definition
infrastructure
principles
resilience patterns
security practices
Cloud-ready environment
Cloud security
boundaries
challenges
configurations
considerations
measures
organization’s consideration
pillars
risk assessment
Cloud solutions
Cloud storage
Collision detection (CD)
Command and Query Responsibility Segregation (CQRS)
Common configuration enumeration (CCE)
Common platform enumeration (CPE)
Common vulnerabilities and exposure (CVE)
Common vulnerability scoring system (CVSS)
Confidentiality, integrity, and availability (CIA)
Consumer layer
Container security
K8 network isolation
K8 security checklist
Kubelet
Kubernetes cluster
node, pod, volume and node process
RBAC
whitelisting
Continuous integration/continuous deployment pipelines (CI/CD)
Controlling routing behavior
BGP
custom routes
default routing rules
optional default routes
system routes
user-defined routes
virtual network
VPN gateway route propagation
Cross-site scripting (XSS)
Cybersecurity
D
Database Administrators (DBAs)
Data bearing devices
Data classification
confidential
general
highly confidential
linking metadata process
Microsoft Azure SQL DB
dashboards
data discovery and classification
discovery and recommendations
export option
information protection policy labels
lables
recommendations
SQL information protection policy
Microsoft standard
non-business
public
Data discovery and classification
Data encryption
Data encryption patterns
Azure services
Azure’s key management parameters
client encryption model
cloud
data protection and security
features
Microsoft Azure
server-side encryption
Data protection
access control
data types
monitoring
network security, data access
principles
Data security
Data storage
Decoupling
Deployment script
Development, test, acceptance, and production (DTAP)
Digital identities
Disaster recovery (DR)
automated testing
Azure availability zones
Azure PaaS services
Azure regional pairs
creation
definition
design and implementation
management
RLO
RPO
RTO
Distribution
Dynamic host configuration protocol (DHCP)
E
Enterprise organizations
cybersecurity
execution steps
initiatives
security culture
Enterprises
Enterprise security model
Ethical hacking
Express route (ER)
F
Federated authentication
Firewall features
Firewalls
G
Games
Gap analysis
Granular IAM and authentication controls
H
Hardware security modules (HSMs)
Hub and spoke model
Human machine interface (HMI)
Hybrid cloud model
Hybrid identity
Hybrid topology
Hybrid virtual network
I, J
Identity and access management (IAM)
application types
Azure AD security model
definition
identity platform
Identity assessment score
definition
make strong credentials
resisting common attacks
Identity based access control
Identity management
ID tokens
Infrastructure and application deployment
application deployment governance
automate security releases
data movement
IaC
least privilege
pipeline secrets
security vulnerability management
security vulnerability scans
Infrastructure as a Code (IaC)
Infrastructure platform
Integration layer
Integration testing
IT resiliency
K
K8 security checklist
Key management
AKV
asymmetric encryption
cryptographic keys
data security
definition
HSM
lifecycle
practices
symmetric/asymmetric keys
symmetric encryption
Kubernetes cluster
L
Labels
Layered security architecture
Leadership support
security awareness
security culture
Log analytics
M
Malware issues
Mesh topology
Microsoft Azure
Microsoft Azure SQL DB
ATP
dashboards
data discovery and classification
discovery and recommendations
export option
information protection policy labels
lables
Microsoft defender, cloud
Microsoft information policy
recommendations
SQL Information Protection Policy
Microsoft cyber security
Microsoft defender
best practices
cloud
goal
security initiatives
Microsoft identity platform
Microsoft information policy
Microsoft Sentinel
connectors
data
features
hunting dashboards
hunting queries
incident management and response process
integration
logs
parsers
playbooks
prerequisites and resources
workbooks
Modern web applications
Monitoring
Monitor security
Monolithic vs. microservice architecture
Multifactor authentication (MFA)
Multiple consumer layers
Multiple provider layers
Multiple VNET with VNET peering
N
Network security
data access
Network security group (NSG)
Network segmentation
Network topologies
bus
hybrid
mesh
ring
star
tree
Nonfunctional requirements (NFRs)
O
Observability
On-premises applications
On-premises Azure AD federation service
Open authentication (OAuth)
OpenID Connect (OIDC)
Open systems interconnection (OSI) model
P, Q
Passthrough authentication
Password expiration policy
Password hashes
Patching
Pattern-based security
compartmentalization
consumer layer
dimensions
holistic approach
integration layer
modernized architecture
provider layer
scalability
service-oriented architecture
software layers
threats
Penetration testing
Physical security
Azure regions
compliance
data bearing devices
data centers and resources
Microsoft Azure team
reviews
Power BI
Privileged identity management (PIM)
access control
access reviewers
admin
approvers
Azure AD and Azure roles management
definition
features
role activation
Provider layer
Public cloud architectures
Public cloud platforms
Public cloud providers
Public cloud service
Public key infrastructure (PKI)
R
Ransomware
Recovery level objective (RLO)
Recovery point objective (RPO)
Recovery time objective (RTO)
Refresh tokens
Region-based controls
Resource owner
Resource server
Restrict successful attacks
Ring topology
Risk assessment
Role-based access control (RBAC)
S
Scalable architecture
Secure socket layer (SSL)
Security Assertion Markup Language (SAML)
Security attacks
Security auditing
Security competence
Security controls
Security culture
Security dimensions
Security information event management (SIEM)
Security monitoring
Security operations team (SOC)
Security policies
overview
score
security initiatives
security posture details
security recommendations
Security risks
Security scanning
Security testing
attackers
cloud security attacks
cloud security testing
design
ethical hacking
goal
integration testing
penetration scanning
requirements
risk assessment
security auditing
security scanning
system testing
types
unit testing
vulnerability testing
Security training
employee’s behavioral changes
frequency
phishing
security culture
tackle security issues
validation
Security vulnerabilities
Security zones
Segmenting subnets
advantages
ASG
Azure firewall
Azure subscription
Azure virtual network
create software-defined perimeters
enterprises
multiple VNET with VNET peering
NSGs
single VNET
Server-side encryption
Server-side web application
Service-oriented approaches
Shared access signature (SAS)
Shared responsibility
Sign-in method
Single sided page applications (SPA)
Azure AD
definition
page app configuration
Single sign-on (SSO)
configuration
password hash synchronization/passthrough authentication
SAML 2.0
users
Single VNET
Software-defined networks (SDNs)
cloud-based networks
create cloud-based virtual networks
networking decision guide
types of virtual networking architectures
Software development lifecycle process
Software layering
Software updates
Spokes
SQL information protection policy
SSO SAML protocol
Standard automatic configuration (SAC)
Star topology
System testing
T
Technology architecture
Threat intelligence
Threat modeling process
applications and services
brainstorm/prioritize threats
definition
design phase
developers
enterprises
form team
pattern-based security
phases
potential security risk
resiliency and fault isolation
risk mitigation
scope
security controls
security layers
security threats
security zones
software security
steps
STRIDE model
Traditional application security
Traditional security architectures
Traditional security controls
Transformations
Transparent data encryption (TDE)
Transport layer security (TLS)
Tree topology
Trojan horse
Types of data
data at rest
data in transit
in use
Types of virtual networking architectures
cloud-native
DMZ
hub and spoke model
hybrid
PaaS
U
Unit testing
V
Virtual machines
Virtual network
Virtual private network (VPN)
VNET peering
Vulnerability management
components
definition
lifecycle
report
steps
Vulnerability testing
W, X, Y
Web APIs
Web application firewall (WAF)
Web Apps
access tokens
Azure AD application
Azure AD app registration
OAuth 2.0 authorization code
OAuth flow
refresh tokens
sign in
Web firewall
Whitelisting
Worms
Z
Zero trust cloud security
Zero-trust network security control
Zero trust security
Zero trust segmentation
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.