Azurecloud~30 mins

Why security posture matters in Azure - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Why security posture matters

📖 Scenario: You are working as a cloud administrator for a small company that uses Microsoft Azure. Your manager wants you to create a simple setup to understand how security posture works in Azure. This will help the company keep its cloud resources safe from threats.

🎯 Goal: Build a basic Azure security posture setup by creating a resource group, enabling Azure Security Center standard tier, and configuring a security policy to monitor the resources.

📋 What You'll Learn

Create an Azure resource group named SecurityDemoRG in the eastus region.

Enable Azure Security Center standard tier for the subscription.

Create a security policy assignment named SecurityDemoPolicy targeting the SecurityDemoRG resource group.

Configure the security policy to monitor and enforce security best practices.

💡 Why This Matters

🌍 Real World

Companies use Azure Security Center and security policies to protect their cloud resources from threats and vulnerabilities.

💼 Career

Cloud administrators and security engineers must understand how to configure and manage security posture to keep cloud environments safe.

Progress0 / 4 steps

Create the Azure resource group

Write an Azure CLI command to create a resource group named SecurityDemoRG in the eastus region.

Azure

# Your Azure CLI command here to create the resource group

Need a hint?

Use az group create with --name and --location parameters.

Enable Azure Security Center standard tier

Write an Azure CLI command to enable Azure Security Center standard tier for your subscription.

Azure

az group create --name SecurityDemoRG --location eastus
# Your Azure CLI command here to enable Security Center standard tier

Need a hint?

Use az security pricing create with --tier Standard to enable the standard tier.

Create a security policy assignment

Write an Azure CLI command to create a security policy assignment named SecurityDemoPolicy targeting the resource group SecurityDemoRG.

Azure

az group create --name SecurityDemoRG --location eastus
az security pricing create --name VirtualMachines --tier Standard
# Your Azure CLI command here to create security policy assignment

Need a hint?

Use az policy assignment create with --name SecurityDemoPolicy and --scope set to the resource group.

Configure security policy to monitor resources

Write an Azure CLI command to update the security policy assignment SecurityDemoPolicy to enable monitoring and enforcement of security best practices.

Azure

az group create --name SecurityDemoRG --location eastus
az security pricing create --name VirtualMachines --tier Standard
az policy assignment create --name SecurityDemoPolicy --scope /subscriptions/$(az account show --query id -o tsv)/resourceGroups/SecurityDemoRG --policy-set "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-8f41-cbb1694ed0c5"
# Your Azure CLI command here to update security policy assignment

Need a hint?

Use az policy assignment update with --parameters to set effect to Deny.