Section 4: Data & Applications

Secure Data and Applications (30-35%)
Configure Security Policies to Manage Data

Configure data classification; configure data retention; configure data sovereignty

Configure Security for Data Infrastructure

Enable database authentication; enable database auditing; configure Microsoft Azure SQL Database threat detection; configure access control for storage accounts; configure key management for storage accounts; create and manage Shared Access Signature (SAS); configure security for HDInsights; configure security for Cosmos DB; configure security for Microsoft Azure Data Lake

Implement Security for Application Delivery

Implement security validations for application development; configure synthetic security transactions

Configure Application Security

Configure SSL/TLS certs; configure Microsoft Azure services to protect web apps; create and application security baseline

Configure and Manage Key Vault

Manage access to Key Vault; manage permissions to secrets, certificates, and keys; manage certificates; manage secrets; configure key rotation

Download the pdf here