You need a solution that collects logs from multiple sources and allows querying and correlation
Security Information and Event Management (SIEM)
You need automated playbooks to respond to security incidents
Security Orchestration, Automation and Response (SOAR)
You need unified detection across identity, endpoint, email, and apps
Extended Detection and Response (XDR)
You want Microsoft’s integrated cross-domain detection and response platform
Microsoft Defender XDR (XDR)
You need a central platform combining SIEM and SOAR capabilities
Microsoft Sentinel (SIEM + SOAR)
You need to assess security posture and detect threats in Azure resources
Microsoft Defender for Cloud (CSPM + CWPP)
You need to identify misconfigurations in your cloud environment
Cloud Security Posture Management (CSPM)
You need to protect running workloads like VMs and containers
Cloud Workload Protection Platform (CWPP)
You want recommendations to improve your cloud security configuration
Cloud Security Posture Management (CSPM)
You need runtime protection for workloads against attacks
Cloud Workload Protection Platform (CWPP)
You must verify identity, device, and context before granting access
Verify Explicitly (Zero Trust Principle)
Users should only have access to what they need and nothing more
Least Privilege (Zero Trust Principle)
Your design assumes attackers may already be inside your environment
Assume Breach (Zero Trust Principle)
You need a structured plan to implement Zero Trust
Zero Trust Rapid Modernization Plan (RAMP)
You need Microsoft guidance for adopting and operating in the cloud
Microsoft Cloud Adoption Framework (CAF)
You want to evaluate the quality and best practices of your architecture
Microsoft Well-Architected Framework (WAF)
You need a preconfigured and secure cloud environment baseline
Landing Zone (LZ)
You need a structured way of thinking about architecture decisions
Framework
You want to integrate security into your CI/CD pipeline
Development, Security, and Operations (DevSecOps)
You need to analyze source code without executing it
Static Application Security Testing (SAST)
You need to test a running application from an attacker perspective
Dynamic Application Security Testing (DAST)
You want a quick validation that core security controls are working
Security Smoke Test
You want to systematically identify threats in a system design
STRIDE Threat Modeling Framework (STRIDE)
An attacker pretends to be another user
Spoofing (STRIDE)
Data is modified without authorization
Tampering (STRIDE)
A user denies performing an action
Repudiation (STRIDE)
Sensitive data is exposed to unauthorized users
Information Disclosure (STRIDE)
A system is made unavailable
Denial of Service (DoS)
A user gains higher permissions than intended
Elevation of Privilege (EoP)
You analyze systems by thinking like an attacker
MITRE ATT&CK Thinking (MITRE)
You need a private network in Azure to host resources
Azure Virtual Network (VNet)
You need to logically separate resources within a network
Subnet
You want to reduce attack surface by separating network areas
Network Segmentation
You need very granular communication control between workloads
Microsegmentation
You want centralized security and shared services with isolated workloads
Hub-and-Spoke Architecture
You need private access to Azure services without using the public internet
Private Endpoint
You want to control traffic inside a VNet using allow/deny rules
Network Security Group (NSG)
You need to filter malicious HTTP/HTTPS traffic before it reaches your app
Azure Web Application Firewall (WAF)
You need a global entry point with load balancing and routing
Azure Front Door
You want to cache and deliver content globally with low latency
Azure Content Delivery Network (CDN)
You need guidance on web application security best practices
Open Worldwide Application Security Project (OWASP)
You need to host a web application without managing infrastructure
Azure App Service
You need the compute resources behind your app hosting
App Service Plan (ASP)
You want a portable and isolated application package
Docker Container
You need a machine that runs containers
Node
You need the environment where code executes
Runtime Environment
You need to run containers without managing servers
Azure Container Instances (ACI)
You need orchestration for many containers
Azure Kubernetes Service (AKS)
You need the smallest deployable unit in Kubernetes
Pod
You need a group of nodes managed together
Cluster
You want to control what containers are allowed to do
Pod Security
You want simplified serverless containers without Kubernetes complexity
Azure Container Apps (ACA)
You need a cloud-based solution to secure access to apps from anywhere
Security Service Edge (SSE)
You need an intermediary that forwards requests between client and server
Proxy Server
You need advanced endpoint protection with behavioral detection
Microsoft Defender for Endpoint (MDE)
You need to discover all internet-facing assets of your organization
Microsoft Defender External Attack Surface Management (EASM)
You need to monitor and protect IoT and industrial devices without agents
Microsoft Defender for IoT
You need a managed relational database in Azure
Azure SQL Database
You need to analyze large-scale data
Azure Synapse Analytics
You need storage for raw, unstructured big data
Azure Data Lake Storage (ADLS)
You need temporary, limited access to storage resources
Shared Access Signature (SAS)
You need to manage on-prem and multi-cloud resources from Azure
Azure Arc
You need secure RDP/SSH access without exposing public IPs
Azure Bastion
You need a browser-based CLI for Azure management
Azure Cloud Shell