Day 17: Microsoft Module Apply and monitor infrastructure standards with Azure Policy

Important points:

• Azure Policy is a default allow and explicit deny system. It focuses on resource properties during deployment and for already existing resources. While RBAC focuses on user actions at different scopes. RBAC is explicit allow and default deny system.
• The Microsoft privacy statement explains what personal data Microsoft processes, how Microsoft processes it, and for what purposes.
• Trust Center is a website resource containing information and details about how Microsoft implements and supports security, privacy, compliance, and transparency in all Microsoft cloud products and services.
• The Service Trust Portal (STP) hosts the Compliance Manager service, and is the Microsoft public site for publishing audit reports and other compliance-related information relevant to Microsoft’s cloud services.
• Compliance Manager is a workflow-based risk assessment dashboard within the Trust Portal that enables you to track, assign, and verify your organization's regulatory compliance activities related to Microsoft professional services and Microsoft cloud services such as Office 365, Dynamics 365, and Azure.

Knowledge check:

1. True or false: You can download published audit reports and other compliance-related information related to Microsoft’s cloud service from the Service Trust Portal

• True

You can download published audit reports and other compliance-related information related to Microsoft’s cloud service from the Service Trust Portal.

• False

2. Which Azure service allows you to configure fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs?

• Locks
• Policy
• Initiatives
• Role-based Access Control

Role-based access control (RBAC) provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs. RBAC is provided at no additional cost to all Azure subscriber.

3. Which Azure service allows you to create, assign, and, manage policies to enforce different rules and effects over your resources and stay compliant with your corporate standards and service-level agreements (SLAs)?

• Azure Policy

Azure Policy is a service in Azure that you use to create, assign, and, manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service-level agreements (SLAs).

• Azure Blueprints
• Azure Security Center
• Role-based Access Control

4. Which of the following services provides up-to-date status information about the health of Azure services?

• Compliance Manager
• Azure Monitor
• Service Trust Portal
• Azure Service Health

Azure Service Health is the correct answer, because it provides you with a global view of the health of Azure services. With Azure Status, a component of Azure Service Health, you can get up-to-the-minute information on service availability.

5. Where can you obtain details about the personal data Microsoft processes, how Microsoft processes it, and for what purposes?

• Microsoft Privacy Statement

You can obtain the details about how Microsoft uses personal data in the Microsoft Privacy Statement.

• Compliance Manager
• Azure Service Health
• Trust Center