Understand Azure application endpoints
- Azure AD supports application integration
- Integration requires registering an application in Azure AD, including:
- Application type:
- Native
- Web app/API app
- Sign-in URL (for web app/API apps)
- Redirect URL (for native apps)
- Application type:
Understand Azure Web App for Containers
Primary characteristics of Azure Web App for Containers:
- Facilitates running Linux and Windows containers in the Web Apps feature of Azure App Service
- Provides Web App features for Docker-based workloads
Understand Application Insights
- Primary characteristics of Application Insights:
- Offers an extensible application performance monitoring (APM) service to web developers
- Provides instrumentation and analytics
- Collects telemetry data including performance counters, Azure diagnostics, and Docker logs
- Supports a wide variety of development platforms
- Application Insights operational model:
- Developers set up an Application Insights resource in their Azure subscription
- Developers configure Application Insights–specific instrumentation in their apps
- Instrumentation collects apps telemetry and sends it to the Application Insights resource
- Developers can view and analyze information derived from telemetry data in the Azure portal
Understand API Management
- Primary characteristics of APIM:
- Facilitates publishing APIs to external, partner, and internal developers
- Offers analytics, security, and authentication capabilities
- APIM operational model:
- APIM Administrator publishes APIs and offers their collections as products
- APIM Administrator defines API usage policies
- Developers subscribe to products
- Developers call API’s operations
- APIM components:
- API gateway: the endpoint accepting API calls, routing them to APIM, enforcing usage policies, providing API protection, and handling logging
- The Azure portal: the primary administrative interface for APIM
- Developer portal: the primary interface for developers using APIM
Understand certificates
- Primary characteristics of certificates:
- Facilitate a wide range of cryptographic operations, such as:
- Authentication
- Encryption
- Rely on signing to provide validation of a public key:
- Signed by a CA (recommended)
- Self-signed
- Facilitate a wide range of cryptographic operations, such as:
- Creating certificates by using Key Vault:
- An admin for a CA provider creates credentials for use by the key vault to enroll and renew certificates
- An app creates a key in a key vault
- The key vault sends a signing request to a CA
- CA responds to the request with a certificate
- The app polls for certificate request completion
Understand security considerations for application lifecycle management solutions
Microsoft Security Development Lifecycle (SDL) introduces security and privacy considerations throughout the whole development process:
- Provides training
- Defines security requirements
- Defines metrics and compliance reporting
- Performs threat modeling
- Establishes design requirements
- Defines and uses cryptography standards
- Manages security risks from using non-Microsoft components
- Uses approved tools
- Performs static analysis security testing
- Performs dynamic analysis security testing
- Performs penetration testing
- Establishes a standard incident response system
Top comments (0)