I hope you've enjoyed learning about managing data protection and security compliance in Microsoft Azure. Let's review what you've learned. 

The Azure Key Vault allows you to create encryption keys and to also import existing keys. Using the add Azure Key Vault key power cell command allows you to perform both functions. You learned how to create a new software protected key in the Vault as well as how to import an existing PFX file from your workstation into the Vault using the add Azure Key Vault key power cell command. Although Security Center automatically creates a default security policy for each of your Azure subscriptions, you'll often find that you need to specially configure certain aspects of your policy. Through the Azure Security Center you can define and assess security policies that help protect your Azure resources. You can manage conditional access to VMs with access policies and harden them against malware with application policies. 

You also learned how to provision just in time virtual machine access to reduce attack exposure of your VMs by denying persistent access to VMs via policies. In addition to configuring security options to protect your VMs you also learned how to triage security alerts and how to investigate alerts and incidents using the security center. In addition to robust security features, Azure also offers the ability to provide access to applications via single sign-on using federation or password-based authentication. You learned how to configure both options. 

In addition to learning how to configure single sign-on, you also learned how to assign users and groups to applications as an administrator using the Azure portal. Additionally, you learned how to provision self-serve application access to allow end users to discover applications. As an extension to the single sign-on capabilities that Azure offers, a key feature of Azure security is the ability to configure federation with public consumer identity providers such as Facebook. You learned in this course how to configure Facebook as an identity provider for an Azure application. This allows you to leverage Facebook authentication for access to applications. 

The topics covered in this course map very closely to those covered in the 70-533 exam. Mastering the concepts in this course is critical to preparing for this exam. To learn more about managing data protection and security compliance in Azure, you can read Microsoft's documentation. Be sure to also watch for new Microsoft Azure courses on CloudAcademy because we're always publishing new ones. Please give this course a rating and if you have any questions or comments, please let us know. Thanks for watching and happy learning.