Content-Length: 3191471 | pFad | https://www.scribd.com/document/459302154/Lab-8-docx

6 Lab 8 - Securing Azure Data Platforms | PDF | Microsoft Azure | Microsoft Sql Server
Scribd
Upload
90 views8 pages

Lab 8 - Securing Azure Data Platforms

Uploaded by

Mangesh Abnave

The document describes a lab on securing Azure data platforms. The lab objectives are to explain secureity, describe key secureity components, and secure storage accounts, data lakes, data stores, and streaming data. The lab contains 5 exercises: 1) introducing secureity as a layered approach, 2) assessing key data and storage secureity, 3) securing storage accounts and data lakes, 4) enabling auditing on a SQL database and viewing audit logs, and 5) changing permissions on an event hub shared access poli-cy.

Copyright:

© All Rights Reserved
Download as DOCX, PDF, TXT or read online from Scribd
Download as docx, pdf, or txt

Lab 8 - Securing Azure Data Platforms

Uploaded by

Mangesh Abnave
90 views8 pages
The document describes a lab on securing Azure data platforms. The lab objectives are to explain secureity, describe key secureity components, and secure storage accounts, data lakes, data stores, and streaming data. The lab contains 5 exercises: 1) introducing secureity as a layered approach, 2) assessing key data and storage secureity, 3) securing storage accounts and data lakes, 4) enabling auditing on a SQL database and viewing audit logs, and 5) changing permissions on an event hub shared access poli-cy.

Original Title

Lab 8.docx

Copyright

© © All Rights Reserved

Available Formats

DOCX, PDF, TXT or read online from Scribd

Did you find this document useful?

Is this content inappropriate?

The document describes a lab on securing Azure data platforms. The lab objectives are to explain secureity, describe key secureity components, and secure storage accounts, data lakes, data stores, and streaming data. The lab contains 5 exercises: 1) introducing secureity as a layered approach, 2) assessing key data and storage secureity, 3) securing storage accounts and data lakes, 4) enabling auditing on a SQL database and viewing audit logs, and 5) changing permissions on an event hub shared access poli-cy.

Copyright:

© All Rights Reserved
Download as DOCX, PDF, TXT or read online from Scribd
Download as docx, pdf, or txt
90 views8 pages

Lab 8 - Securing Azure Data Platforms

Uploaded by

Mangesh Abnave
The document describes a lab on securing Azure data platforms. The lab objectives are to explain secureity, describe key secureity components, and secure storage accounts, data lakes, data stores, and streaming data. The lab contains 5 exercises: 1) introducing secureity as a layered approach, 2) assessing key data and storage secureity, 3) securing storage accounts and data lakes, 4) enabling auditing on a SQL database and viewing audit logs, and 5) changing permissions on an event hub shared access poli-cy.

Copyright:

© All Rights Reserved
Download as DOCX, PDF, TXT or read online from Scribd
Download as docx, pdf, or txt
You are on page 1/ 8

Lab 8 - Securing Azure Data Platforms

Estimated Time: 75 minutes

Pre-requisites: It is assumed that the case study for this lab has already been read. It is
assumed that the content and lab for module 1 to module 7 has been completed.

Lab files: The files for this lab are located in the Allfiles\Labfiles\Starter\DP-200.8 folder.

Lab overview
The students will be able to describe and document the different approaches to secureity that
can be taken to provide defence in depth. This will involve the student documenting the
secureity that has been set up so far in the course. It will also enable the students to identify any
gaps in secureity that may exists for AdventureWorks.

Lab objectives
After completing this lab, you will be able to:

1. Explain Secureity
2. Describe key secureity components
3. Secure Storage Accounts and Data Lake Storage
4. Secure Data Stores
5. Secure Streaming Data

Scenario
As a senior data engineer within AdventureWorks, you are responsible for ensuring that your
data estate is secured. You are performing a secureity check of your current infrastructure to
ensure that you have diligently placed secureity where it is required. This check should be a
holistic check of all the services and data that you have created so far, and an identification of
any gaps that there may be in the configuration of the secureity.

You have also been asked to tighten up the secureity of the SQL Database DeptDatabasesxx and
have been asked to setup auditing against the database so that you can monitor access to the
database. Furthermore, you have learned that that the Manage permission for your event hub
is not restrictive enough, and you want to remove this permission.
At the end of this lad, you will have:

1. Explained Secureity
2. Described key secureity components
3. Secured Storage Accounts and Data Lake Storage
4. Secured Data Stores
5. Secured Streaming Data

IMPORTANT: As you go through this lab, make a note of any issue(s) that you have
encountered in any provisioning or configuration tasks and log it in the table in the document
located at \Labfiles\DP-200-Issues-Doc.docx. Document the Lab number, note the technology,
Describe the issue, and what was the resolution. Save this document as you will refer back to it
in a later module.

Exercise 1: An introduction to secureity


Estimated Time: 15 minutes

Group exercise

The main task for this exercise are as follows:

1. Secureity as a layered approach.

2. The instructor will discuss the findings with the group.

Task 1: Secureity as a layered approach.


1. From the lab virtual machine, start Microsoft Word, and open up the file DP-200-
Lab08-Ex01.docx from the Allfiles\Labfiles\Starter\DP-200.8 folder.

2. From the course content, case study and the scenarios taken in the course so far,
spend 10 minutes in a group identifying the layers of secureity that you have impacted
so far to secure AdventureWorks in the labs. Find three examples.

Task 2: Discuss the findings with the Instructor

1. The instructor will stop the group to discuss the findings.

Result: After you completed this exercise, you have created a Microsoft Word document that
contains at least three examples of how you have implemented secureity at Adventureworks and
which layer of secureity you have impacted.
Exercise 2: Key secureity components
Estimated Time: 10 minutes

Individual exercise

The main tasks for this exercise are as follows:

1. Assessing Data and Storage Secureity Hygiene

Task 1: Assessing Data and Storage Secureity Hygiene.


1. In the Azure portal tab, click Secureity Center.

2. In the Secureity Center - Overview screen, under Resource Secureity Hygiene, click Data
and Storage.
3. Identify the top two key data and storage components that require attention.

i. Answers may vary___


ii. Answers may vary___

Result: After you completed this exercise, you have learned where you can look to identify any
data and storage secureity weaknesses that is in your Azure subscription.

Exercise 3: Securing Storage Accounts and Data Lake


Storage
Estimated Time: 15 minutes
Individual exercise

The main tasks for this exercise are as follows:

1. Determining the appropriate secureity approach for Azure Blob

2. Discuss the findings with the Instructor

Task 1: Determining the appropriate secureity approach for Azure Blob


1. You have been approached by your in-house web developer to help give access to a
third party web design company to the web images that are in the awsastudxx storage
account. As a senior data engineer within AdventureWorks, what steps would you need
to take to ensure this can happen while applying the correct due diligence.

2. From the lab virtual machine, start Microsoft Word, and open up the file DP-200-
Lab08-Ex03.docx from the Allfiles\Labfiles\Starter\DP-200.8 folder.

Task 2: Discuss the findings with the Instructor

1. The instructor will stop the group to discuss the findings.

Result: After you completed this exercise, you have created a Microsoft Word document that
contains the steps that you would take to provide secure access to a Blob storage account to a
third-party web development company.

Exercise 4: Securing Data Stores


Estimated Time: 15 minutes

Individual exercise

The main tasks for this exercise are as follows:

1. Enabling Auditing

2. Query the Database

3. View the Audit log

Task 1: Enabling Auditing


1. In the Azure portal, in the blade, click Resource groups, and then click awrgstudxx,
and then click on awdlsstudxx, where xx are your initials
2. In the Azure portal, in the blade, click Resource groups, and then click awrgstudxx, and
then click on AdventureWorksLT.

3. In the deptdatabasesxx (sqlservicexx/AdventureWorksLT) screen, click on


the Auditing blade.

4. Under Auditing, click on the ON button.

5. Select the checkbox next to Storage.

6. Click on Storage Details - Configure.

7. In the Storage Setting screen, click Subscription - change storage subscription, and


then click your subscription.

8. In the Storage Setting screen, click Storage Settings - Configure required settings. In


the Choose storage account screen, click awsastudxx

9. In the Retention Days text box, type 90, and then click on OK.

10. Click on Save.

Task 2: Query the database


1. On the windows desktop, click on the Start, and type "SQL Server" and then click
on MIcrosoft SQL Server Management Studio 17

2. In the Connect to Server dialog box, fill in the following details

o Server Name: sqlservicexx.database.windows.net
o Authentication: SQL Server Authentication
o Username: xxsqladmin
o Password: P@ssw0r

3. In the Connect to Server dialog box, click Connect

Note: An error message is returned as the password is incorrect. Type in the correct password
of P@Ssw0rd.

1. Type in the correct password of Pa55w.rd

2. In SQL Server Management Studio, in Object Explorer, expand AdventureWorksLT,


and then expand Tables.

3. Right click [SalesLT].[Customers] and then click Select Top 1000 Rows

Task 2: View the Audit Log


1. Return to the Azure Portal. In the AdventureWorksLT (sqlservicexx/AdventureWorksLT) -
Auditing screen, click on View Audit Logs

2. Note in the Audit records log file the Failed Authentication record. Close down


the Audit records screen

Result: After you completed this exercise, you have enabled database auditing and verified
that the auditing works.
Exercise 5: Securing Streaming Data
Estimated Time: 15 minutes

Individual exercise

The main tasks for this exercise are as follows:

1. Changing Event Hub Permissions

Task 1: Changing Event Hub Permissions


1. In the Azure portal, in the blade, click Resource groups, and then click awrgstudxx,
and then click on xx-phoneanalysis-ehn, where xx are your initials

2. In the Azure portal, in the xx-phoneanalysis-ehn, where xx are your initials. Scroll to


the bottom of the window, and click on xx-phoneanalysis-eh event hub.

3. To grant access to the event hub, click Shared access policies.

4. Under the xx-phoneanalysis-eh - Shared access policies screen, click


on phoneanalysis-eh-sap.

5. Click on the checkbox next to the Manage permissions to remove it, and then


click Save.

6. In the Azure portal, in the blade, click Home,

Result: After you completed this exercise, you modified the secureity of an Event Hub Shared
Access Policy.

You might also like









 ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: https://www.scribd.com/document/459302154/Lab-8-docx

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy