Q1: What is the difference between authentication and authorization?
**What Is Authentication?**
Authentication is the act of validating that users are who they claim to be. This is the first step in any security process.
Complete an authentication process with:
- Passwords. Usernames and passwords are the most common authentication factors. If a user enters the correct data, the system assumes the identity is valid and grants access.
- One-time pins. Grant access for only one session or transaction.
- Authentication apps. Generate security codes via an outside party that grants access.
- Biometrics. A user presents a fingerprint or eye scan to gain access to the system.
**What Is Authorization?**
Authorization in system security is the process of giving the user permission to access a specific resource or function. This term is often used interchangeably with access control or client privilege.
Giving someone permission to download a particular file on a server or providing individual users with administrative access to an application are good examples of authorization.
In secure environments, authorization must always follow authentication. Users should first prove that their identities are genuine before an organization’s administrators grant them access to the requested resources.
Q2: What is a security policy in security center?
A security policy defines the set of controls that are recommended for resources within the specified subscription. In Azure Security Center, you define policies for your Azure subscriptions according to your company's security requirements and the type of applications or sensitivity of the data in each subscription.
The security policies enabled in Azure Security Center drive security recommendations and monitoring.
Q3: What are the types of locks you have in Azure?
As an administrator, you can lock an Azure subscription, resource group, or resource to protect them from accidental user deletions and modifications. The lock overrides any user permissions.
You can set locks that prevent either deletions or modifications. In the portal, these locks are called Delete and Read-only. In the command line, these locks are called CanNotDelete and ReadOnly.
CanNotDelete means authorized users can read and modify a resource, but they can't delete it.
ReadOnly means authorized users can read a resource, but they can't delete or update it. Applying this lock is similar to restricting all authorized users to the permissions that the Reader role provides.
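
The lock rules above can be checked with a small model. This is an added example, not code from the original post or from Azure; it also covers two documented behaviours the answer does not spell out: a lock on a parent scope is inherited by everything beneath it, and the most restrictive applicable lock wins. The subscription ID, resource names and function names are constructed for illustration, and the read/write/delete split is a simplification of real management operations.

```python
from enum import IntEnum

class Lock(IntEnum):
    NONE = 0
    CAN_NOT_DELETE = 1   # command-line name CanNotDelete (portal: Delete)
    READ_ONLY = 2        # command-line name ReadOnly (portal: Read-only)

# Operations each lock level blocks, per the definitions above.
BLOCKED = {
    Lock.NONE: set(),
    Lock.CAN_NOT_DELETE: {"delete"},
    Lock.READ_ONLY: {"delete", "write"},
}

def in_scope(lock_scope, resource_id):
    """True if the lock sits on the resource itself or on a parent scope."""
    scope = lock_scope.lower().rstrip("/")
    rid = resource_id.lower().rstrip("/")
    # The "/" boundary stops a lock on rg-prod from matching rg-prod2.
    return rid == scope or rid.startswith(scope + "/")

def effective_lock(resource_id, locks):
    """Most restrictive lock applying to resource_id; locks is [(scope, Lock)]."""
    return max((lvl for scope, lvl in locks if in_scope(scope, resource_id)),
               default=Lock.NONE)

def is_allowed(operation, rbac_permits, resource_id, locks):
    """The user's role must permit the operation AND no lock may block it."""
    if not rbac_permits:
        return False
    return operation not in BLOCKED[effective_lock(resource_id, locks)]

# Constructed sample data (hypothetical subscription and resource names).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG_PROD = SUB + "/resourceGroups/rg-prod"
RG_PROD2 = SUB + "/resourceGroups/rg-prod2"
VAULT = RG_PROD + "/providers/Microsoft.KeyVault/vaults/kv-example"
STORAGE = RG_PROD + "/providers/Microsoft.Storage/storageAccounts/stexample"
LOCKS = [(RG_PROD, Lock.CAN_NOT_DELETE), (VAULT, Lock.READ_ONLY)]

if __name__ == "__main__":
    for rid in (VAULT, STORAGE, RG_PROD2):
        for op in ("read", "write", "delete"):
            name = rid.rsplit("/", 1)[-1]
            print(f"{op:6} {name:10} allowed={is_allowed(op, True, rid, LOCKS)}")
```

The storage account has no lock of its own but still cannot be deleted, because it inherits CanNotDelete from its resource group; a user holding a role that permits deletion is blocked all the same.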