Episode Details
Back to Episodes
Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 14: Securing Data and Applications in Microsoft Azure
Published 1 month, 2 weeks ago
Description
Overview
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
- Focus: Protecting cloud data and applications using Azure-native tools.
- Balance of theory (security principles, SDLC) and hands-on labs for exam readiness.
- Defense-in-Depth:
- Network: Firewalls, Virtual Networks
- Encryption: At rest & in transit
- Authorization:
- Master Keys (full access, high risk)
- Resource Tokens (time-bound, limited access for untrusted clients)
- Hierarchical Namespace: Supports structured, fine-grained access
- POSIX-style ACLs: Manage permissions on files & directories
- Azure AD Authentication: Ensures secure query execution for services like Data Lake Analytics
- Threat modeling during design phase
- Static and dynamic code analysis for vulnerabilities (e.g., SQL injection)
- Security champions embedded in agile teams
- Authentication & Access Control: OAuth 2.0, RBAC
- Secrets Management: Azure Key Vault integration
- Infrastructure Protection:
- Web Application Firewall (WAF)
- Azure DDoS Protection (Basic & Standard tiers) for layer 7 and volumetric attacks
- Cosmos DB Labs: SQL queries, diagnostic logging, SAS token management
- App Service Labs: Custom domain setup, SSL/TLS binding
- Exam-Style Scenarios:
- Revoking compromised SAS tokens
- Assigning database roles to Azure AD users
- Ensuring proper access segregation and secure network configuration
- Apply defense-in-depth at database, storage, and application layers
- Prefer resource-limited access over full-access keys for security
- Integrate SDLC security practices and Azure-native protection services
- Practice hands-on labs to reinforce exam-relevant configurations
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy