Loopus Labs
LOOPUSLABS
Loopus

Pro Content

This lesson requires Loopus Pro access. Upgrade to unlock all courses, labs, and challenges.

← Back to course
Cloud Security & MonitoringAzure Security

Azure Security Center

30 min
theory
+40 XP

Learning Objectives

  • Understand Azure security architecture
  • Configure identity and access management securely
  • Implement network security controls in Azure

Azure Security Fundamentals

Azure security builds on identity, network controls, and native security services. Understanding these foundations enables secure Azure deployments.

Identity Foundation

Azure Active Directory (Azure AD) provides identity and access management for Azure and Microsoft 365. All Azure access flows through Azure AD.

Conditional Access policies evaluate login context—user, device, location, risk—and apply appropriate controls. Require MFA for risky sign-ins, block legacy authentication, restrict access by location.

Privileged Identity Management (PIM) enables just-in-time access to privileged roles. Admins request elevation, provide justification, and receive temporary access rather than standing privileges.

Identity Protection detects risky sign-ins and users. Anomalous logins, impossible travel, and leaked credential detection trigger investigation or automated response.

Network Security

Network Security Groups (NSGs) filter traffic with allow/deny rules based on source, destination, port, and protocol. Apply to subnets or individual NICs.

Azure Firewall provides managed, stateful firewall with threat intelligence integration. Centralize egress control and logging.

Application Gateway with WAF protects web applications from common attacks like SQL injection and XSS.

Private Endpoints keep traffic on the Azure backbone rather than traversing the internet.

Resource Security

Role-Based Access Control (RBAC) grants permissions to Azure resources. Built-in roles cover common patterns; custom roles address specific needs.

Resource locks prevent accidental deletion or modification of critical resources.

Azure Policy enforces organizational standards. Require encryption, mandate approved regions, enforce tagging standards.

Management Groups organize subscriptions hierarchically. Apply policies and access controls across subscription collections.

Encryption

Azure Key Vault manages secrets, keys, and certificates. Applications retrieve secrets from Key Vault rather than storing in code.

Disk encryption protects data at rest using platform-managed or customer-managed keys.

TLS enforcement secures data in transit for Azure services.

Answer the Questions0 / 4 completed

📚 KnowledgeQuestion 1

What is Azure Security Center?

Format: ********(8 chars)
Exact match required
⌨️ Hands-OnQuestion 2

What is the Azure security tool?

Format: ********(8 chars)
Exact match required
📚 KnowledgeQuestion 3

What is Azure secure score?

Format: ***********(11 chars)
Exact match required
⌨️ Hands-OnQuestion 4

What metric ranks Azure posture?

Format: *****(5 chars)
Exact match required
Answer all questions correctly to unlock the next lesson
Previous
Answer all questions to continue