Open navigation menu
Close suggestions
Search
Search
en
Change Language
Upload
Sign in
Sign in
Download free for days
0 ratings
0% found this document useful (0 votes)
28 views
Lab05 SecuringAzureSQLDatabase
AZ500- Lab05
Uploaded by
sale kate
AI-enhanced title
Copyright
© © All Rights Reserved
Available Formats
Download as PDF or read online on Scribd
Download now
Download
Save Lab05_SecuringAzureSQLDatabase For Later
Download
Save
Save Lab05_SecuringAzureSQLDatabase For Later
0%
0% found this document useful, undefined
0%
, undefined
Embed
Share
Print
Report
0 ratings
0% found this document useful (0 votes)
28 views
Lab05 SecuringAzureSQLDatabase
AZ500- Lab05
Uploaded by
sale kate
AI-enhanced title
Copyright
© © All Rights Reserved
Available Formats
Download as PDF or read online on Scribd
Download now
Download
Save Lab05_SecuringAzureSQLDatabase For Later
Carousel Previous
Carousel Next
Save
Save Lab05_SecuringAzureSQLDatabase For Later
0%
0% found this document useful, undefined
0%
, undefined
Embed
Share
Print
Report
Download now
Download
You are on page 1
/ 7
Search
Fullscreen
5119/24, 10:49PM —_AZS00-AzureSecuriyTechnologies/istnictionsLabs/LAB_O5_SecuringhzureSQLDatabase.MD at master Microsoft. eamingiAZ. MicrosoftLearning / - = ‘AZ500-AzureSecurityTechnologies a 8 <> Code © Issues 11 Pullrequests © Actions © Security [~ Insights AZS00-AzureSecurityTechnologies / Instructions / Labs a / LAB_O5_SecuringAzureSQLDatabase.MD (0 ‘© serling1962 Update LAB_OS_SecuringAzureSQLDatabaseMD ~ Smonths ago 4191 Lines (104 loc) 9.08 KB Preview Code Blame Rw Oe 2 ~ lab title mo 05 - Securing Azure SQL Database Module 02 - Plan and implement security for Azu —EEEEEEEEEee > Lab 05: Securing Azure SQL Database Student lab manual Lab scenario You have been asked to review security features for Azure SQL database. Specifically, you are interested in: * Protection against attacks such as SQL injection and data exfiltration, * Ability to discover and classify database information into categories such as Confidential * Ability to audit database server and database queries and log events ‘ntpsigthub.comlcrosofeaming/AZS00-AzureSecury Technolog ws/biob/masterinsructions/LabsiLAB_0§_SecuringAzureSQLDatabase. MO wn571324, 1049 PM —_AZ500-ArureSccuriyTochnoogiosinsrutnslLabs/LAB_05_SecrngAzureSOLDatabase MO at master: MicrosofierringAZ For all the resources in this lab, we are using the East US region. Verify with your instructor this is the region to use for class. Lab objectives In this lab, you will complete the following exercise: * Exercise 1: Implement SQL Database security features Securing Azure SQL Database diagram Exercise1, Task1 (4) AzsooLaBi1 Exercise2, Task3 AZ500LabDb Data Discovery & Classification a Exercise2, Task2 25001119000 0 Azure Defender for SQL Exercise2, Task4 Auditing Instructions Lab files: © \Allfiles\Labs\11\azuredeploy,json ‘ntpsigthub.comMlcrosot_eaming/AZ500-AzureSecury Technolog es/biob/masterinsructionsiLabsiLAB_0§_SecuringAzureSQLDatabase. MO an5113/24, 1049 PM —__-AZ500-AzureSecuriyTechnologis/instnuctionsiLabs/L AB_05_SecuringAzureSQL Database MD al master Microsoft earingiAZ Exercise 1: Implement SQL Database security features Estimated timing: 30 minutes In this exercise, you will complete the following tasks: * Task 1: Deploy an Azure SQL Database * Task 2: Configure Advanced Data Protection # Task 3: Configure Data Classification * Task 4: Configure Auditing Task 1: Deploy an Azure SQL Database In this task, you will use a template to deploy the lab infrastructure. 1. Sign-in to the Azure portal https://portal.azure.com/ . Note: Sign in to the Azure portal using an account that has the Owner or Contributor role in the Azure subscription you are using for this lab. 2. In the Azure portal, in the Search resources, services, and docs text box at the top of the Azure portal page, type Deploy a custom template and press the Enter key. 3. On the Custom deployment blade, click the Build your own template in the editor option. 4, On the Edit template blade, click Load file, locate the \Alifiles\Labs\11\azuredeploy,json file and click Open Note: Review the content of the template and note that it deploys an Azure SQL database, 5. On the Edit template blade, click Save. 6. On the Custom deployment blade, ensure that the following settings are configured (leave any others with their default values): Setting Value Subscription the name of the Azure subscription you will be using in this lab Resource group click Create new and type the name AZSOOLAB11 Location (US) East US hitpsigthub.convMicrosoftearning/AZS00-AzuSecurtyTechnologiesblob/masternstructionsiLabsiLAB_0S _SecuringAzureSQLDatabase MD a5113/24, 10:49PM —_AZS00-AzureSecuriyTechnologies/nstnictions/Labs/LAB_O5_SecuringhzureSQLDatabase.MD at master Microsoft. earringiAZ. 7. Click Review + Create and then click Create. Note: Wait for the deployment to complete. Task 2: Configure Advanced Data Protection 1. In the Azure portal, in the Search resources, services, and docs text box at the top of the Azure portal page, type Resource groups and press the Enter key. 2. On the Resource groups blade, in the list of resource group, click the AZSOOLAB11 entry. 3. On the AZSOOLAB11 blade, click the entry representing the newly created SQL Server. 4. On the SQL server blade, in the Security section, click Microsoft Defender for Cloud, select Enable Microsoft Defender for SQL. Note: Wait until notification indicates Azure Defender for SQL has been successfully enabled, 5. On the SQL server blade, in the Security section, on the Microsoft Defender for Cloud page, in the Microsoft Defender for SQL: Enabled at the subscription-level (Configure) parameter, click (configure) Note: Refresh the browser if (configure) is not displaying. 6. On the Server Settings blade, review the information about pricing and the trial period, VULNERABILITY ASSESSMENT SETTINGS and ADVANCED THREAT PROTECTION SETTINGS. 7. Back to Microsoft Defender for Cloud blade, review Recommendations and Security alerts. Note: It may take 10-15 minutes for recommendations to appear on the Microsoft Defender for Cloud blade. Rather than waiting, proceed to the next task but consider returning to this blade once you complete all the remaining tasks. Task 3: Configure Data Classification In this task, you will discover and classify information in SQL database for GPDR and data protection compliance. 1. On the SQL server blade, in the Set \gs section, click SQL Databases hitpsigthub.convMicrosoftearning/AZS00-AzuSecurtyTechnologiesblob/masternstructionsiLabsiLAB_0S _SecuringAzureSQLDatabase MD an5113/24, 1049 PM —_AZS00-AzureSecuriyTechnologies/nstnuctions/Labs/LAB_O5_SecuringhzureSQLDatabase.MD at master Microsoft. earringiAZ. 2. In the list of databases, select the AZSOOLabDb entry. 3. On the AZ50OLabDb SQL database blade, in the Security section, click Data Discovery & Classification. 4, On the Data Discovery & Classification blade, click the Classification tab. Note: The classification engine scans your database for columns containing potentially sensitive data and provides a list of recommended column classifications. 5. Click the text message We have found 15 columns with classification recommendations displayed on blue bar at the top of the blade. 6. Review the listed columns and the recommended sensitivity label. 7. Enable the Select all checkbox and then click Accept Selected Recommendations Note: Alternatively, you could select only certain columns and dismiss others. Note: You have the option to change the information type and sensitivity label. 8, Once you have completed your review click Save. Note: This will complete the classification and persistently label the database columns with the new classification metadata. 9. Back on the Data Discovery & Classification blade Overview tab, note that it has been updated to account for the latest classification information. Task 4: Configure auditing In this task, you will first configure server level auditing and then configure database level auditing 1. In the Azure portal, navigate back to the SQL Server blade. 2. On the SQL Server blade, in the Security section, click Auditing Note: This is server level auditing. The default auditing settings include all the queries and stored procedures executed against the database, as well as successful and failed logins. 3, Set the Enable Azure SQL Auditing switch to ON to enable auditing. hips igthub.conyMicrosoftearning/AZS00-AzureSecurty Technologiesiblob/masternstuctionsiLabsiLAB_0S_SecuringAzureSQLDatabase MD sr571324, 1049 PM —_AZ500-ArureSccuriyTochnologosinsrutnslLabs/LAB_05_SecrngAzureSOLDatabase MO at master: MicrosofierringAZ 4, Select the Storage checkbox and entry boxes for Subscription and Storage Account will display. 5. Choose your Subscription from the dropdown list. 6. Click Storage account and choose Create new. 7. On the Create storage account blade, in the Name box, type a globally unique name consisting of between 3 and 24 lower case letters and digits, click OK, Note: You may need to refresh the browser before the storage account becomes available, 8. Back on the Auditing blade, under Advanced properties set Retention (days) to 5 9. On the Auditing blade, click Save to save the auditing settings. Note: If you receive an error message regarding invalid storage container path then the storage account may not have have been provisioned yet. Wait a few minutes, click Storage account, on the Choose storage account blade, select the newly created storage account and back on the Auditing blade, click Save. 10. On the server blade, in the Settings section, click SQL Databases. 1. In the list of databases, select the AZSO0LabDb entry, 12. On the AZS00LabDb SQL database blade, in the Security section, click Auditing. Note: This is database level auditing. Server-level auditing is already enabled. Note: Audits can be written to an Azure storage account, to a Log Analytics workspace, or to the Event Hub. You can configure any combination of these options. Note: If storage-based auditing is enabled on the server, it will always apply to the database, regardless of the database settings 13. On your SQL database Overview page in the Azure portal, select Query editor (preview) from the left menu. Try to sign in, you might fail on password, firewall rule for your IP address, everything gets audited. Try successfull login as well, run query and you might find more detials in audit logs 14, switch back to DB, Auditing and Click View Audit Logs. 15. On the Audit records blade, note that you can switch between Server audit and Database audit. ‘ntpsigthub.comlcrosofeaming/AZS00-AzureSecury Technolog ws/biob/masterinsructions/LabsiLAB_0§_SecuringAzureSQLDatabase. MO er571924, 1049PM —_AZ5O0-AcureSecuryTechnologislnsnconslLabsLAB_O6_SectringAzueSQLDatabase MO al master Mirosoft.earinglAZ Results: You have created a SQL server and database, configured data classification, and auditing. Clean up resources Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not incur unexpected costs. 1. In the Azure portal, open the Cloud Shell by clicking the first icon in the top right of the Azure Portal. If prompted, click PowerShell and Create storage 2. Ensure PowerShell is selected in the drop-down menu in the upper-left corner of the Cloud Shell pane. 3. In the PowerShell session within the Cloud Shell pane, run the following to remove the resource group you created in this lab: o Remove-AzResourceGroup -Name "AZS@0LAB11" -Force -AsJob 4, Close the Cloud Shell pane. ‘ntpsigthub.comMlcrosofeaming/AZ500-AzureSecurty Technolog es/blob/masterinsructionsiLabsiLAB_0§_SecuringAzureSQLDatabase. MD uw
You might also like
DP900 ExamTopic Questions - 70 To 200
PDF
No ratings yet
DP900 ExamTopic Questions - 70 To 200
49 pages
DP 203
PDF
100% (1)
DP 203
87 pages
Microsoft SQL Database
PDF
50% (4)
Microsoft SQL Database
401 pages
Planning and Implementing Data Services
PDF
No ratings yet
Planning and Implementing Data Services
33 pages
Lab 061582234917173
PDF
No ratings yet
Lab 061582234917173
3 pages
TP01 - DP-900 - Explore Azure SQL Database
PDF
No ratings yet
TP01 - DP-900 - Explore Azure SQL Database
4 pages
Azure SQL Database Administration-Overview
PDF
No ratings yet
Azure SQL Database Administration-Overview
7 pages
Azure SQL
PDF
No ratings yet
Azure SQL
3,323 pages
Azure Database Administration
PDF
No ratings yet
Azure Database Administration
8 pages
Azure SQL
PDF
No ratings yet
Azure SQL
3,064 pages
3_Implement_a_secure_environment
PDF
No ratings yet
3_Implement_a_secure_environment
29 pages
Smartknower Major Project
PDF
No ratings yet
Smartknower Major Project
23 pages
MIE1628 Big Data Analytics Lecture8
PDF
No ratings yet
MIE1628 Big Data Analytics Lecture8
82 pages
Lab Getting Started
PDF
No ratings yet
Lab Getting Started
11 pages
Azure_Practice assignment 01
PDF
No ratings yet
Azure_Practice assignment 01
97 pages
Adding Users To Azure SQL Databases
PDF
No ratings yet
Adding Users To Azure SQL Databases
4 pages
4 Monitor and optimize operational resources
PDF
No ratings yet
4 Monitor and optimize operational resources
23 pages
DBI-B306
PDF
No ratings yet
DBI-B306
29 pages
Protecting Data With Encryption and Auditing
PDF
No ratings yet
Protecting Data With Encryption and Auditing
35 pages
Big Data Orientation: Lab 2 - Working With A Relational Database in Microsoft Azure
PDF
No ratings yet
Big Data Orientation: Lab 2 - Working With A Relational Database in Microsoft Azure
6 pages
Protecting Data With Encryption and Auditing
PDF
No ratings yet
Protecting Data With Encryption and Auditing
38 pages
Azure SQL Course Summary
PDF
No ratings yet
Azure SQL Course Summary
5 pages
Querying With Transact-SQL: Getti NG Started
PDF
No ratings yet
Querying With Transact-SQL: Getti NG Started
11 pages
DA DataArchitect PDF
PDF
No ratings yet
DA DataArchitect PDF
28 pages
AZ204 MS Learn LABS
PDF
No ratings yet
AZ204 MS Learn LABS
21 pages
Database Administration On Microsoft Azure - Step by Step Activity Guide
PDF
No ratings yet
Database Administration On Microsoft Azure - Step by Step Activity Guide
24 pages
Migrate Existing Databases To Azure SQL Database
PDF
No ratings yet
Migrate Existing Databases To Azure SQL Database
7 pages
Getting Started With DAT201x
PDF
No ratings yet
Getting Started With DAT201x
11 pages
Data Sync
PDF
No ratings yet
Data Sync
1,342 pages
Developing SQL Databases: Getting Started
PDF
No ratings yet
Developing SQL Databases: Getting Started
11 pages
Getting Started With DS
PDF
No ratings yet
Getting Started With DS
12 pages
9 and 10 Experiment
PDF
No ratings yet
9 and 10 Experiment
20 pages
Microsoft® Azure™ SQL Database Step by Step PDF
PDF
No ratings yet
Microsoft® Azure™ SQL Database Step by Step PDF
48 pages
MicrosoftAzureDataProtection Aug2014A
PDF
No ratings yet
MicrosoftAzureDataProtection Aug2014A
39 pages
SQL Database Azure
PDF
No ratings yet
SQL Database Azure
800 pages
Relational Databases
PDF
No ratings yet
Relational Databases
374 pages
Azure SQL Database Step by Step
PDF
100% (1)
Azure SQL Database Step by Step
487 pages
Who Manages What?: Figure 1.1 Lists The Tasks That You (The Dba) and Microsoft Manage For Azure SQL Paas
PDF
No ratings yet
Who Manages What?: Figure 1.1 Lists The Tasks That You (The Dba) and Microsoft Manage For Azure SQL Paas
24 pages
HandleAzureSQLAuditingWithEase Passsummit
PDF
No ratings yet
HandleAzureSQLAuditingWithEase Passsummit
45 pages
Lab 1 - Getting Started With Azure Data Factory
PDF
No ratings yet
Lab 1 - Getting Started With Azure Data Factory
5 pages
Monitoring & Tuning Azure SQL Database: Presenting Sponsors
PDF
100% (1)
Monitoring & Tuning Azure SQL Database: Presenting Sponsors
38 pages
04-Walkthrough-Create A SQL Database
PDF
No ratings yet
04-Walkthrough-Create A SQL Database
7 pages
8 DBA Tasks For Azure SQL: What's Different From On-Prem
PDF
100% (1)
8 DBA Tasks For Azure SQL: What's Different From On-Prem
33 pages
Immediate Download Azure SQL Revealed: A Guide To The Cloud For SQL Server Professionals 1st Edition Bob Ward Ebooks 2024
PDF
100% (1)
Immediate Download Azure SQL Revealed: A Guide To The Cloud For SQL Server Professionals 1st Edition Bob Ward Ebooks 2024
62 pages
DP-900 Handwritten Notes
PDF
No ratings yet
DP-900 Handwritten Notes
31 pages
Complete Guide For SQL Database Audit
PDF
No ratings yet
Complete Guide For SQL Database Audit
13 pages
Module 9 Lecture
PDF
No ratings yet
Module 9 Lecture
24 pages
Lab 8 - Securing Azure Data Platforms
PDF
No ratings yet
Lab 8 - Securing Azure Data Platforms
8 pages
Azure Data Engineer Guide
PDF
No ratings yet
Azure Data Engineer Guide
87 pages
Session 4 XP
PDF
No ratings yet
Session 4 XP
16 pages
Azure Backup & Migration
PDF
No ratings yet
Azure Backup & Migration
12 pages
Lab2-SQL Database Migration and Maintenance
PDF
No ratings yet
Lab2-SQL Database Migration and Maintenance
32 pages
Implementing An Azure SQL Data Warehouse
PDF
No ratings yet
Implementing An Azure SQL Data Warehouse
41 pages
Dp203 Notes
PDF
No ratings yet
Dp203 Notes
87 pages
SQL Server Documentation
PDF
No ratings yet
SQL Server Documentation
477 pages
1734242335718
PDF
No ratings yet
1734242335718
84 pages
Lab Answer Key - Module 7 - Planning and Implementing Azure SQL Database
PDF
No ratings yet
Lab Answer Key - Module 7 - Planning and Implementing Azure SQL Database
11 pages
2 Describe Microsoft Intelligent Data Platform roles - Training _ Microsoft Learn
PDF
No ratings yet
2 Describe Microsoft Intelligent Data Platform roles - Training _ Microsoft Learn
1 page
SQL Server Ground To Cloud
PDF
No ratings yet
SQL Server Ground To Cloud
167 pages
Comptia Pentest Plus pt0 002 2 4 1 Web and Cloud Discovery and Enumeration
PDF
No ratings yet
Comptia Pentest Plus pt0 002 2 4 1 Web and Cloud Discovery and Enumeration
1 page
Lab03 AzureFirewall
PDF
No ratings yet
Lab03 AzureFirewall
11 pages
Lab03 ConfiguringandSecuringACRandAKS
PDF
No ratings yet
Lab03 ConfiguringandSecuringACRandAKS
12 pages
Sy0 601 14
PDF
No ratings yet
Sy0 601 14
50 pages
Compapre HPM880z
PDF
No ratings yet
Compapre HPM880z
1 page
Sy0 601 12
PDF
No ratings yet
Sy0 601 12
34 pages