Module 1: Build an overall security strategy and architecture
Learn how to build an overall security strategy and architecture.
Lessons:
- Introduction.
- Zero Trust overview.
- Develop Integration points in an architecture.
- Develop security requirements based on business goals.
- Translate security requirements into technical capabilities.
- Design security for a resiliency strategy.
- Design a security strategy for hybrid and multi-tenant environments.
- Design technical and governance strategies for traffic filtering and segmentation.
- Understand security for protocols.
- Exercise: Build an overall security strategy and architecture.
- Knowledge check.
- Summary.
After completing this module, students will be able to:
- Develop Integration points in an architecture.
- Develop security requirements based on business goals.
- Translate security requirements into technical capabilities.
- Design security for a resiliency strategy.
- Design security strategy for hybrid and multi-tenant environments.
- Design technical and governance strategies for traffic filtering and segmentation.
Module 2: Design a security operations strategy
Learn how to design a security operations strategy.
Lessons:
- Introduction.
- Understand security operations frameworks, processes, and procedures.
- Design a logging and auditing security strategy.
- Develop security operations for hybrid and multi-cloud environments.
- Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration.
- Evaluate security workflows.
- Review security strategies for incident management.
- Evaluate security operations strategy for sharing technical threat intelligence.
- Monitor sources for insights on threats and mitigations.
After completing this module, students will be able to:
- Design a logging and auditing security strategy.
- Develop security operations for hybrid and multi-cloud environments.
- Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration, A.
- Evaluate security workflows.
- Review security strategies for incident management.
- Evaluate security operations for technical threat intelligence.
- Monitor sources for insights on threats and mitigations.
Module 3: Design an identity security strategy
Learn how to design an identity security strategy.
Lessons:
- Introduction.
- Secure access to cloud resources.
- Recommend an identity store for security.
- Recommend secure authentication and security authorization strategies.
- Secure conditional access.
- Design a strategy for role assignment and delegation.
- Define Identity governance for access reviews and entitlement management.
- Design a security strategy for privileged role access to infrastructure.
- Design a security strategy for privileged activities.
- Understand security for protocols.
After completing this module, students will be able to:
- Recommend an identity store for security.
- Recommend secure authentication and security authorization strategies.
- Secure conditional access.
- Design a strategy for role assignment and delegation.
- Define Identity governance for access reviews and entitlement management.
- Design a security strategy for privileged role access to infrastructure.
- Design a security strategy for privileged access.
Module 4: Evaluate a regulatory compliance strategy
Learn how to evaluate a regulatory compliance strategy.
Lessons:
- Introduction.
- Interpret compliance requirements and their technical capabilities.
- Evaluate infrastructure compliance by using Microsoft Defender for Cloud.
- Interpret compliance scores and recommend actions to resolve issues or improve security.
- Design and validate implementation of Azure Policy.
- Design for data residency Requirements.
- Translate privacy requirements into requirements for security solutions.
After completing this module, students will be able to:
- Interpret compliance requirements and their technical capabilities.
- Evaluate infrastructure compliance by using Microsoft Defender for Cloud.
- Interpret compliance scores and recommend actions to resolve issues or improve security.
- Design and validate implementation of Azure Policy.
- Design for data residency requirements.
- Translate privacy requirements into requirements for security solutions.
Module 5: Evaluate security posture and recommend technical strategies to manage risk
Learn how to evaluate security posture and recommend technical strategies to manage risk.
Lessons:
- Introduction.
- Evaluate security postures by using benchmarks.
- Evaluate security postures by using Microsoft Defender for Cloud.
- Evaluate security postures by using Secure Scores.
- Evaluate security hygiene of Cloud Workloads.
- Design security for an Azure Landing Zone.
- Interpret technical threat intelligence and recommend risk mitigations.
- Recommend security capabilities or controls to mitigate identified risks.
After completing this module, students will be able to:
- Evaluate security postures by using benchmarks.
- Evaluate security postures by using Microsoft Defender for Cloud.
- Evaluate security postures by using Secure Scores.
- Evaluate security hygiene of Cloud Workloads.
- Design security for an Azure Landing Zone.
- Interpret technical threat intelligence and recommend risk mitigations.
- Recommend security capabilities or controls to mitigate identified risks.
Module 6: Understand architecture best practices and how they are changing with the Cloud
Learn about architecture best practices and how they are changing with the Cloud.
Lessons:
- Introduction.
- Plan and implement a security strategy across teams.
- Establish a strategy and process for proactive and continuous evolution of a security strategy.
- Understand network protocols and best practices for network segmentation and traffic filtering.
After completing this module, students will be able to:
- Describe best practices for network segmentation and traffic filtering.
- Plan and implement a security strategy across teams.
- Establish a strategy and process for proactive and continuous evaluation of security strategy.
Module 7: Design a strategy for securing server and client endpoints
Learn how to design a strategy for securing server and client endpoints.
Lessons:
- Introduction.
- Specify security baselines for server and client endpoints.
- Specify security requirements for servers.
- Specify security requirements for mobile devices and clients.
- Specify requirements for securing Active Directory Domain Services.
- Design a strategy to manage secrets, keys, and certificates.
- Design a strategy for secure remote access.
- Understand security operations frameworks, processes, and procedures.
- Understand deep forensics procedures by resource type.
After completing this module, students will be able to:
- Specify security baselines for server and client endpoints.
- Specify security requirements for servers.
- Specify security requirements for mobile devices and clients.
- Specify requirements for securing Active Directory Domain Services.
- Design a strategy to manage secrets, keys, and certificates.
- Design a strategy for secure remote access.
- Understand security operations frameworks, processes, and procedures.
- Understand deep forensics procedures by resource type.
Module 8: Design a strategy for securing PaaS, IaaS, and SaaS services
Learn how to design a strategy for securing PaaS, IaaS, and SaaS services.
Lessons:
- Introduction.
- Specify security baselines for PaaS services.
- Specify security baselines for IaaS services.
- Specify security baselines for SaaS services.
- Specify security requirements for IoT workloads.
- Specify security requirements for data workloads.
- Specify security requirements for web workloads.
- Specify security requirements for storage workloads.
- Specify security requirements for containers.
- Specify security requirements for container orchestration.
After completing this module, students will be able to:
- Specify security baselines for PaaS, SaaS and IaaS services.
- Specify security requirements for IoT, data, storage, and web workloads.
- Specify security requirements for containers and container orchestration.
Module 9: Specify security requirements for applications
Learn how to specify security requirements for applications.
Lessons:
- Introduction.
- Understand application threat modeling.
- Specify priorities for mitigating threats to applications.
- Specify a security standard for onboarding a new application.
- Specify a security strategy for applications and APIs.
After completing this module, students will be able to:
- Specify priorities for mitigating threats to applications.
- Specify a security standard for onboarding a new application.
- Specify a security strategy for applications and APIs.
Module 10: Design a strategy for securing data
Learn how to design a strategy for securing data.
Lessons:
- Introduction.
- Prioritize mitigating threats to data.
- Design a strategy to identify and protect sensitive data.
- Specify an encryption standard for data at rest and in motion.
After completing this module, students will be able to:
- Prioritize mitigating threats to data.
- Design a strategy to identify and protect sensitive data.
- Specify an encryption standard for data at rest and in motion.