Microsoft
Azure
General
Secure Storage for Azure Files and Azure Blob Storage (AZ-1003)
In this learning path, you practice storing business data securely by using Azure Blob Storage and Azure Files. The skills validated include creating storage accounts, storage containers, and file shares. Also, configuring encryption and networking to improve the security posture.
About the course
Skills Covered
- Decide how many storage accounts you need for your project
- Determine the appropriate settings for each storage account
- Create a storage account using the Azure portal
- Understand the purpose and benefits of Azure Blob Storage.
- Create and configure Azure Blob Storage accounts.
- Manage containers and blobs within Azure Blob Storage.
- Optimize blob storage performance and scalability.
- Implement lifecycle management policies to automate data movement and deletion.
- Determine the best pricing plans for your Azure Blob Storage.
- Configure a shared access signature (SAS), including the uniform resource identifier (URI) and SAS parameters.
- Configure Azure Storage encryption.
- Implement customer-managed keys.
- Recommend opportunities to improve Azure Storage security.
- Identify the capabilities and features of network security groups.
- Identify the capabilities and features of virtual network service endpoints.
- Use network security groups to restrict network connectivity.
- Use virtual network service endpoints to control network traffic to and from Azure services.
- Create and configure a storage account.
- Create and configure blob storage.
- Create and configure Azure Files.
- Configure encryption for storage.
- Configure networking for storage.
Prerequisites:
- Experience using the Azure portal to create resources.
- Basic knowledge of unstructured data like blobs and files.
- Basic knowledge of security concepts like identities, permissions, and encryption.
- Basic knowledge of networking concepts like virtual networks and subnetting.
Course content
Create an Azure Storage account
- Decide how many storage accounts you need
- Choose your account settings
- Choose an account creation tool
Configure Azure Blob Storage
- Implement Azure Blob Storage
- Create blob containers
- Assign blob access tiers
- Add blob lifecycle management rules
- Determine blob object replication
- Upload blobs
- Determine Blob Storage pricing
- Interactive lab simulation
Configure Azure Storage security
- Review Azure Storage security strategies
- Create shared access signatures
- Identify URI and SAS parameters
- Determine Azure Storage encryption
- Create customer-managed keys
- Apply Azure Storage security best practices
- Interactive lab simulation
Secure and isolate access to Azure resources by using network security groups and service endpoints
- Use network security groups to control network access
- Secure network access to PaaS services with virtual network service endpoints