This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations.

Målgrupp

This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialise in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data.

Förkunskaper

Security best practises and industry security requirements such as defence in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.

Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.

Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.

Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.

Utbildningsmål

• Secure identities with Azure Active Directory and users and groups.
  Configure and manage hybrid identity.
• Deploy and maintain identity protection and privileged identity in Azure.
• Design and manage an enterprise governance strategy for your security profile.
• Configure and manage network and perimeter security solutions to protect your Azure environment.
• Manage the security of any hosts and containers running in your environment.
• Deploy and configure Azure Key Vault.
  Implement and manage application security features to lock down application access and functionality.
• Implement and maintain storage and database security.
  Configure Azure Monitor and Microsoft Defender for Clouds to protect and monitor security operations.
• Analyse your security with Microsoft Sentinel.

Innehåll

Module 1: Manage Identity and Access

• Manage Identities in Microsoft Entra ID
• Manage authentication by using Microsoft Entra ID
• Manage authorisation by using Microsoft Entra ID
• Manage application access in Microsoft Entra ID

Module 2: Secure Networking

• Plan and Implement Security for Virtual Networks
• Plan and Implement Security for Private Access to Azure Resources
• Plan and Implement Security for Public Access to Azure Resources

Module 3: Secure Compute, Storage, and Databases

• Plan and Implement Advanced Security for Compute
• Plan and Implement Security for Storage
• Plan and Implement Security for Azure SQL Database and Azure SQL Managed Instance

Module 4: Manage Security Operations

• Plan, Implement, and Manage Governance for Security
• Configure Data Collection in Azure Monitor
• Manage Security Posture by Using Microsoft Defender for Cloud
• Configure and Manage Threat Protection by Using Microsoft Defender for Cloud
• Configure and Manage Security Monitoring and Automation Solutions