azure:az-500:platform_protection

Differences

This shows you the differences between two versions of the page.

azure:az-500:platform_protection [2022/06/27 20:12] – [Front Door] mmuze
azure:az-500:platform_protection [2022/07/22 00:42] (current) mmuze
Line 92: Line 92:
       * The Service Endpoint route takes a higher precedence than the default route.       * The Service Endpoint route takes a higher precedence than the default route.
  
 +{{ :azure:az-500:service-endpoints.png |}}
 ===== Private Endpoint ===== ===== Private Endpoint =====
   * **Private Endpoint** allows you to connect your virtual network to services in Azure without a public IP address at the source or destination.   * **Private Endpoint** allows you to connect your virtual network to services in Azure without a public IP address at the source or destination.
   * The key difference between Private Link and Service Endpoints is that with Private Link you are injecting the multi-tenant PaaS resource into your virtual network.   * The key difference between Private Link and Service Endpoints is that with Private Link you are injecting the multi-tenant PaaS resource into your virtual network.
-  * With Service Endpoints, traffic still left you Vnet and hit the public endpoint of the PaaS resource, with Private Link the PaaS resource sits within your Vnet and gets a private IP on your Vnet. When you send traffic to the PaaS resource, it does not leave the virtual network.+  * With Service Endpoints, traffic still leaves your Vnet and hits the public endpoint of the PaaS resource, with Private Link the PaaS resource sits within your Vnet and gets a private IP on your Vnet. When you send traffic to the PaaS resource, it does not leave the virtual network.
  
 {{ :azure:az-500:private-endpoint.png }} {{ :azure:az-500:private-endpoint.png }}
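Review bot: The rewritten Service Endpoints bullet is still a comma splice ("...the public endpoint of the PaaS resource, with Private Link the PaaS resource sits...") and it says "Private Link" under a heading and first bullet that say "Private Endpoint". Suggest ending the sentence after "PaaS resource", starting the next with "With Private Link, ...", and stating once how Private Link and Private Endpoint relate so a reader does not take them for two separate features. The added image embed `{{ :azure:az-500:service-endpoints.png |}}` also carries an empty `|` caption that the existing `{{ :azure:az-500:private-endpoint.png }}` embed does not; drop it or supply a caption.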
Line 104: Line 105:
  
 This is sometimes referred to as back hauling. This is sometimes referred to as back hauling.
 +
 +====== Disk Encryption ======
 +  * Windows uses BitLock for disk encryption
 +  * Linux uses DM-Crypt for disk encryption
 +  * Disks are stored as page blobs in storage accounts
 +  * Customer managed keys can be used and kept in Azure Key Vault
 +
 +====== Container Security ======
 +  * ACR = Azure Container Registry
 +  * [[https://docs.microsoft.com/en-us/azure/container-registry/container-registry-roles|ACR Roles]]
 +
  
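Review bot: "BitLock" in the Windows bullet should read "BitLocker". The two new headings use `======` while the "Private Endpoint" heading earlier in the diff uses `=====`, so confirm that Disk Encryption and Container Security are meant to sit one level above it rather than beside it. The Container Security section only expands the ACR acronym and links out; a bullet summarising what the linked roles control would let the section stand on its own, and the empty `+` line at the end of the hunk can be dropped.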
  • azure/az-500/platform_protection.1656360754.txt.gz
  • Last modified: 2022/06/27 20:12
  • by mmuze