microsoft
/
MCW-Securing-PaaS
зеркало из https://github.com/microsoft/MCW-Securing-PaaS.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Update HOL unguided - Securing PaaS.md 

August test/fix QC.
This commit is contained in:
DDesJardins2 2018-10-08 14:44:55 -07:00 коммит произвёл GitHub
Родитель 45d59c9e2d
Коммит cc6da31e0d
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 62 добавлений и 62 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

124
Hands-on lab/HOL unguided - Securing PaaS.md
Просмотреть файл

@ -33,105 +33,105 @@ Microsoft and the trademarks listed at <https://www.microsoft.com/en-us/legal/in
- [Requirements](#requirements)
- [Exercise 1: Creating and securing Azure Active Directory accounts](#exercise-1-creating-and-securing-azure-active-directory-accounts)
- [Task 1: Create Azure Active Directory groups](#task-1-create-azure-active-directory-groups)
- [Tasks to Complete:](#tasks-to-complete)
- [Exit Criteria:](#exit-criteria)
- [Tasks to Complete](#tasks-to-complete)
- [Exit Criteria](#exit-criteria)
- [Task 2: Create Azure Active Directory accounts](#task-2-create-azure-active-directory-accounts)
- [Tasks to Complete:](#tasks-to-complete-1)
- [Exit Criteria:](#exit-criteria-1)
- [Tasks to Complete](#tasks-to-complete-1)
- [Exit Criteria](#exit-criteria-1)
- [Task 3: Enable Azure Identity Protection features](#task-3-enable-azure-identity-protection-features)
- [Tasks to Complete:](#tasks-to-complete-2)
- [Exit Criteria:](#exit-criteria-2)
- [Tasks to Complete](#tasks-to-complete-2)
- [Exit Criteria](#exit-criteria-2)
- [Exercise 2: Securing Azure Key Vault with Azure IAM](#exercise-2-securing-azure-key-vault-with-azure-iam)
- [Task 1: Create a new Azure Key Vault](#task-1-create-a-new-azure-key-vault)
- [Tasks to Complete:](#tasks-to-complete-3)
- [Exit Criteria:](#exit-criteria-3)
- [Tasks to Complete](#tasks-to-complete-3)
- [Exit Criteria](#exit-criteria-3)
- [Task 2: Assign IAM based Azure Key Vault permissions](#task-2-assign-iam-based-azure-key-vault-permissions)
- [Tasks to Complete:](#tasks-to-complete-4)
- [Exit Criteria:](#exit-criteria-4)
- [Tasks to Complete](#tasks-to-complete-4)
- [Exit Criteria](#exit-criteria-4)
- [Task 3: Assign access policy based Azure Key Vault permissions](#task-3-assign-access-policy-based-azure-key-vault-permissions)
- [Tasks to Complete:](#tasks-to-complete-5)
- [Exit Criteria:](#exit-criteria-5)
- [Tasks to Complete](#tasks-to-complete-5)
- [Exit Criteria](#exit-criteria-5)
- [Task 4: Verify Azure Key Vault permissions](#task-4-verify-azure-key-vault-permissions)
- [Tasks to Complete:](#tasks-to-complete-6)
- [Exit Criteria:](#exit-criteria-6)
- [Tasks to Complete](#tasks-to-complete-6)
- [Exit Criteria](#exit-criteria-6)
- [Exercise 3: Azure deployments using Azure Key Vault](#exercise-3-azure-deployments-using-azure-key-vault)
- [Task 1: Create new secrets](#task-1-create-new-secrets)
- [Tasks to Complete:](#tasks-to-complete-7)
- [Exit Criteria:](#exit-criteria-7)
- [Tasks to Complete](#tasks-to-complete-7)
- [Exit Criteria](#exit-criteria-7)
- [Task 2: Deploy an ARM Template using Azure Key Vault resources](#task-2-deploy-an-arm-template-using-azure-key-vault-resources)
- [Tasks to Complete:](#tasks-to-complete-8)
- [Exit Criteria:](#exit-criteria-8)
- [Tasks to Complete](#tasks-to-complete-8)
- [Exit Criteria](#exit-criteria-8)
- [Exercise 4: Securing the web application and database](#exercise-4-securing-the-web-application-and-database)
- [Task 1: Setup the database](#task-1-setup-the-database)
- [Tasks to Complete:](#tasks-to-complete-9)
- [Exit Criteria:](#exit-criteria-9)
- [Tasks to Complete](#tasks-to-complete-9)
- [Exit Criteria](#exit-criteria-9)
- [Task 2: Test the web application solution](#task-2-test-the-web-application-solution)
- [Tasks to Complete:](#tasks-to-complete-10)
- [Exit Criteria:](#exit-criteria-10)
- [Tasks to Complete](#tasks-to-complete-10)
- [Exit Criteria](#exit-criteria-10)
- [Task 3: Utilize data masking](#task-3-utilize-data-masking)
- [Tasks to Complete:](#tasks-to-complete-11)
- [Exit Criteria:](#exit-criteria-11)
- [Tasks to Complete](#tasks-to-complete-11)
- [Exit Criteria](#exit-criteria-11)
- [Task 4: Utilize column encryption with Azure Key Vault](#task-4-utilize-column-encryption-with-azure-key-vault)
- [Tasks to Complete:](#tasks-to-complete-12)
- [Exit Criteria:](#exit-criteria-12)
- [Tasks to Complete](#tasks-to-complete-12)
- [Exit Criteria](#exit-criteria-12)
- [Task 5: Enable SQL Azure Auditing & Threat Detection](#task-5-enable-sql-azure-auditing--threat-detection)
- [Tasks to Complete:](#tasks-to-complete-13)
- [Exit Criteria:](#exit-criteria-13)
- [Tasks to Complete](#tasks-to-complete-13)
- [Exit Criteria](#exit-criteria-13)
- [Task 6: Ensure SQL Azure Transparent Data Encryption (TDE) is enabled](#task-6-ensure-sql-azure-transparent-data-encryption-tde-is-enabled)
- [Tasks to Complete:](#tasks-to-complete-14)
- [Exit Criteria:](#exit-criteria-14)
- [Tasks to Complete](#tasks-to-complete-14)
- [Exit Criteria](#exit-criteria-14)
- [Exercise 5: Migrating web.config settings to azure key vault](#exercise-5-migrating-webconfig-settings-to-azure-key-vault)
- [Task 1: Create an Azure Key Vault secret](#task-1-create-an-azure-key-vault-secret)
- [Tasks to Complete:](#tasks-to-complete-15)
- [Exit Criteria:](#exit-criteria-15)
- [Tasks to Complete](#tasks-to-complete-15)
- [Exit Criteria](#exit-criteria-15)
- [Task 2: Create an Azure Active Directory application](#task-2-create-an-azure-active-directory-application)
- [Tasks to Complete:](#tasks-to-complete-16)
- [Exit Criteria:](#exit-criteria-16)
- [Tasks to Complete](#tasks-to-complete-16)
- [Exit Criteria](#exit-criteria-16)
- [Task 3: Assign the new Application Azure Key Vault Permissions](#task-3-assign-the-new-application-azure-key-vault-permissions)
- [Tasks to Complete:](#tasks-to-complete-17)
- [Exit Criteria:](#exit-criteria-17)
- [Tasks to Complete](#tasks-to-complete-17)
- [Exit Criteria](#exit-criteria-17)
- [Task 4: Install NuGet packages](#task-4-install-nuget-packages)
- [Tasks to Complete:](#tasks-to-complete-18)
- [Exit Criteria:](#exit-criteria-18)
- [Tasks to Complete](#tasks-to-complete-18)
- [Exit Criteria](#exit-criteria-18)
- [Task 5: Test the solution](#task-5-test-the-solution)
- [Tasks to Complete:](#tasks-to-complete-19)
- [Exit Criteria:](#exit-criteria-19)
- [Tasks to Complete](#tasks-to-complete-19)
- [Exit Criteria](#exit-criteria-19)
- [Exercise 6: Securing PaaS web applications with App Service Environment and Web Application Firewall](#exercise-6-securing-paas-web-applications-with-app-service-environment-and-web-application-firewall)
- [Task 1: Deploy web application to app service environment](#task-1-deploy-web-application-to-app-service-environment)
- [Tasks to Complete:](#tasks-to-complete-20)
- [Exit Criteria:](#exit-criteria-20)
- [Tasks to Complete](#tasks-to-complete-20)
- [Exit Criteria](#exit-criteria-20)
- [Task 2: Configure the Web Application Firewall](#task-2-configure-the-web-application-firewall)
- [Tasks to Complete:](#tasks-to-complete-21)
- [Exit Criteria:](#exit-criteria-21)
- [Tasks to Complete](#tasks-to-complete-21)
- [Exit Criteria](#exit-criteria-21)
- [Task 3: Enable Application Gateway logging](#task-3-enable-application-gateway-logging)
- [Tasks to Complete:](#tasks-to-complete-22)
- [Exit Criteria:](#exit-criteria-22)
- [Tasks to Complete](#tasks-to-complete-22)
- [Exit Criteria](#exit-criteria-22)
- [Task 4: Attack a ASE Web Application with Detection Only](#task-4-attack-a-ase-web-application-with-detection-only)
- [Tasks to Complete:](#tasks-to-complete-23)
- [Exit Criteria:](#exit-criteria-23)
- [Tasks to Complete](#tasks-to-complete-23)
- [Exit Criteria](#exit-criteria-23)
- [Task 5: Enable Web Application Firewall Prevention](#task-5-enable-web-application-firewall-prevention)
- [Tasks to Complete:](#tasks-to-complete-24)
- [Exit Criteria:](#exit-criteria-24)
- [Tasks to Complete](#tasks-to-complete-24)
- [Exit Criteria](#exit-criteria-24)
- [Task 6: Reattack an ASE Web Application with Prevention enabled](#task-6-reattack-an-ase-web-application-with-prevention-enabled)
- [Tasks to Complete:](#tasks-to-complete-25)
- [Exit Criteria:](#exit-criteria-25)
- [Tasks to Complete](#tasks-to-complete-25)
- [Exit Criteria](#exit-criteria-25)
- [Exercise 7: Securing Azure Functions with Managed Service Identities](#exercise-7-securing-azure-functions-with-managed-service-identities)
- [Task 1: Create an Azure Function](#task-1-create-an-azure-function)
- [Tasks to Complete:](#tasks-to-complete-26)
- [Exit Criteria:](#exit-criteria-26)
- [Tasks to Complete](#tasks-to-complete-26)
- [Exit Criteria](#exit-criteria-26)
- [Task 2: Create a Managed Service Identity](#task-2-create-a-managed-service-identity)
- [Tasks to Complete:](#tasks-to-complete-27)
- [Exit Criteria:](#exit-criteria-27)
- [Tasks to Complete](#tasks-to-complete-27)
- [Exit Criteria](#exit-criteria-27)
- [Task 3: Assign Managed Service Identity Azure Key Vault Permissions](#task-3-assign-managed-service-identity-azure-key-vault-permissions)
- [Tasks to Complete:](#tasks-to-complete-28)
- [Exit Criteria:](#exit-criteria-28)
- [Tasks to Complete](#tasks-to-complete-28)
- [Exit Criteria](#exit-criteria-28)
- [Task 4: Test your Azure Function](#task-4-test-your-azure-function)
- [Tasks to Complete:](#tasks-to-complete-29)
- [Exit Criteria:](#exit-criteria-29)
- [Tasks to Complete](#tasks-to-complete-29)
- [Exit Criteria](#exit-criteria-29)
- [Exercise 8: Creating PaaS Audit and Compliance Power BI Reports](#exercise-8-creating-paas-audit-and-compliance-power-bi-reports)
- [Task 1: Export a Power Query formula from Log Analytics](#task-1-export-a-power-query-formula-from-log-analytics)
- [Tasks to Complete:](#tasks-to-complete-30)
- [Exit Criteria:](#exit-criteria-30)
- [Tasks to Complete](#tasks-to-complete-30)
- [Exit Criteria](#exit-criteria-30)
- [After the hands-on lab](#after-the-hands-on-lab)
- [Task 1: Delete resource group](#task-1-delete-resource-group)
- [Task 2: Delete Azure AD objects](#task-2-delete-azure-ad-objects)