Thursday, January 25, 2018

Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell!- Key topics Secure Resources

These are the sub-topics that you have to cover in the Secure Resources topic of exam Exam 70-535 (Architecting Microsoft Azure Solutions). This sub-topic should cover 20%-25% of the exam.
For the complete list of the seven topics, please refer to the first post of this series :

That is entitled: Microsoft Exam 70-535 (Architecting Microsoft Azure Solutions) in a nutshell!
       Design an identity solution
       Design AD Connect synchronization; design federated identities using Active Directory Federation Services (AD FS); design solutions for Multi-Factor Authentication (MFA); design an architecture using Active Directory on-premises and Azure Active Directory (AAD); determine when to use Azure AD Domain Services; design security for Mobile Apps using AAD
       Secure resources by using identity providers
       Design solutions that use external or consumer identity providers such as Microsoft account, Facebook, Google, and Yahoo; determine when to use Azure AD B2C and Azure AD B2B; design mobile apps using AAD B2C or AAD B2B
       Design a data security solution
       Design data security solutions for Azure services; determine when to use Azure Storage encryption, Azure Disk Encryption, Azure SQL Database security capabilities, and Azure Key Vault; design for protecting secrets in ARM templates using Azure Key Vault; design for protecting application secrets using Azure Key Vault; design a solution for managing certificates using Azure Key Vault; design solutions that use Azure AD Managed Service Identity
       Design a mechanism of governance and policies for administering Azure resources
       Determine when to use Azure RBAC standard roles and custom roles; define an Azure RBAC strategy; determine when to use Azure resource policies; determine when to use Azure AD Privileged Identity Management; design solutions that use Azure AD Managed Service Identity; determine when to use HSM-backed keys
       Manage security risks by using an appropriate security solution

       Identify, assess, and mitigate security risks by using Azure Security Center, Operations Management Suite Security and Audit solutions, and other services; determine when to use Azure AD Identity Protection; determine when to use Advanced Threat Detection; determine an appropriate endpoint protection strategy 

No comments: