Section 4: Data & Applications
Secure Data and Applications (30-35%)
Configure Security Policies to Manage Data
Configure data classification; configure data retention; configure data sovereignty
Configure Security for Data Infrastructure
Enable database authentication; enable database auditing; configure Microsoft Azure SQL Database threat detection; configure access control for storage accounts; configure key management for storage accounts; create and manage Shared Access Signature (SAS); configure security for HDInsights; configure security for Cosmos DB; configure security for Microsoft Azure Data Lake
Implement Security for Application Delivery
Implement security validations for application development; configure synthetic security transactions
Configure Application Security
Configure SSL/TLS certs; configure Microsoft Azure services to protect web apps; create and application security baseline
Configure and Manage Key Vault
Manage access to Key Vault; manage permissions to secrets, certificates, and keys; manage certificates; manage secrets; configure key rotation