About this course
In this course students will gain the knowledge and skills needed to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security tools. The course covers scripting and automation, virtualization, and cloud N-tier architecture.
Audience profile
Students should have at least one year of hands-on experience securing Azure workloads and experience with security controls for workloads on Azure.
At course completion
After completing this course, students will be able to:
- Describe specialized data classifications on Azure
- Identify Azure data protection mechanisms
- Implement Azure data encryption methods
- Secure Internet protocols and how to implement them on Azure
- Describe Azure security services and features
Module 1: Manage Identity and Access
This module covers Azure Active Directory, Azure Identity Protection, Enterprise Governance, Azure AD PIM, and Hybrid Identity.
Lessons
- Azure Active Directory
- Azure Identity Protection
- Enterprise Governance
- Azure AD Privileged Identity Management
- Hybrid Identity
Lab : Role-Based Access Control
Lab : Azure Policy
Lab : Resource Manager Locks
Lab : MFA, Conditional Access and AAD Identity Protection
Lab : Azure AD Privileged Identity Management
Lab : Implement Directory Synchronization
After completing this module, students will be able to:
- Implement enterprise governance strategies including role-based access control, Azure policies, and resource locks.
- Implement an Azure AD infrastructure including users, groups, and multi-factor authentication.
- Implement Azure AD Identity Protection including risk policies, conditional access, and access reviews.
- Implement Azure AD Privileged Identity Management including Azure AD roles and Azure resources.
- Implement Azure AD Connect including authentication methods and on-premises directory synchronization.
Module 2: Implement Platform Protection
This module covers perimeter, network, host, and container security.
Lessons
- Perimeter Security
- Network Security
- Host Security
- Container Security
Lab : Network Security Groups and Application Security Groups
Lab : Azure Firewall
Lab : Configuring and Securing ACR and AKS
After completing this module, students will be able to:
- Implement perimeter security strategies including Azure Firewall.
- Implement network security strategies including Network Security Groups and Application Security Groups.
- Implement host security strategies including endpoint protection, remote access management, update management, and disk encryption.
- Implement container security strategies including Azure Container Instances, Azure Container Registry, and Azure Kubernetes.
Module 3: Secure Data and Applications
This module covers Azure Key Vault, application security, storage security, and SQL database security.
Lessons
- Azure Key Vault
- Application Security
- Storage Security
- SQL Database Security
Lab : Key Vault (Implementing Secure Data by setting up Always Encrypted)
Lab : Securing Azure SQL Database
Lab : Service Endpoints and Securing Storage
After completing this module, students will be able to:
- Implement Azure Key Vault including certificates, keys, and secretes.
- Implement application security strategies including app registration, managed identities, and service endpoints.
- Implement storage security strategies including shared access signatures, blob retention policies, and Azure Files authentication.
- Implement database security strategies including authentication, data classification, dynamic data masking, and always encrypted.
Module 4: Manage Security Operations
This module covers Azure Monitor, Azure Security Center, and Azure Sentinel.
Lessons
- Azure Monitor
- Azure Security Center
- Azure Sentinel
Lab : Azure Monitor
Lab : Azure Security Center
Lab : Azure Sentinel
After completing this module, students will be able to:
- Implement Azure Monitor including connected sources, log analytics, and alerts.
- Implement Azure Security Center including policies, recommendations, and just in time virtual machine access.
- Implement Azure Sentinel including workbooks, incidents, and playbooks.
Successful learners will have prior knowledge and understanding of:
- Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
- Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
- Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
- Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.
Prerequisite courses (or equivalent knowledge and hands-on experience):
This free online training will give you the experience you need to be successful in this course.
- AZ-104: Manage identities and governance in Azure – Learn | Microsoft Docs
- AZ-104: Implement and manage storage in Azure – Learn | Microsoft Docs
- AZ-104: Configure and manage virtual networks for Azure administrators – Learn | Microsoft Docs
- AZ-104: Monitor and back up Azure resources – Learn | Microsoft Docs
- AZ-104: Deploy and manage Azure compute resources – Learn | Microsoft Docs
Pradžios data | Trukmė, d. | Kurso pavadinimas | Kaina, € | Statusas |
Užklausti | 2 | AZ-900T00: Microsoft Azure Fundamentals | 1000 | Organizuojamas |
Užklausti | 1 | DP-900T00: Microsoft Azure Data Fundamentals | 1100 | Organizuojamas |
Užklausti | 4 | AZ-104T00: Microsoft Azure Administrator | 1400 | Organizuojamas |
Užklausti | 2 | AZ-010T00: Azure Administration for AWS SysOps | 1000 | Organizuojamas |
Užklausti | 5 | AZ-204T00: Developing solutions for Microsoft Azure | 1500 | Organizuojamas |
Užklausti | 3 | AZ-020T00: Microsoft Azure solutions for AWS developers | 1200 | Organizuojamas |
Užklausti | 4 | AZ-500T00: Microsoft Azure Security Technologies | 1400 | Organizuojamas |
Užklausti | 5 | AZ-400T00: Designing and Implementing Microsoft DevOps solutions | 1500 | Organizuojamas |
Užklausti | 5 | AZ-303T00: Microsoft Azure Architect Technologies | 1500 | Organizuojamas |
Užklausti | 4 | AZ-304T00: Microsoft Azure Architect Design | 1400 | Organizuojamas |
Užklausti | 4 | AZ-030T00: Microsoft Azure technologies for AWS architects | 1400 | Organizuojamas |
Užklausti | 4 | DP-203T00: Data Engineering on Microsoft Azure | 1400 | Organizuojamas |
Užklausti | 4 | AI-102T00: Designing and Implementing a Microsoft Azure AI Solution | 1400 | Organizuojamas |
Užklausti | 3 | DP-100T01: Designing and Implementing a Data Science Solution on Azure | 1200 | Organizuojamas |
Užklausti | 4 | DP-300T00: Administering Relational Databases on Microsoft Azure | 1400 | Organizuojamas |