In this course the student will learn about the capabilities of the Azure platform for protecting public cloud and hybrid workloads. From there the student will explore the tools and services available to them to protect and lock down their own services and protect their identities. This course will also focus on general best practices for security.
This course is a mixture of:
40% Hands-On Labs
25% Architectural Case Studies
What You Will Learn
MODULE 1:Introduction to Azure Platform Security
In this module, students will learn how Microsoft Azure is architecture and what protections are put in place to protect customers from attacks.
MODULE 2:Managing Identities with Azure AD
In this module, students will learn the different cloud identity solutions that are provided by Azure Active Directory, and how to integrate them in a hybrid environment with your on-premises identity solution.
Students will first be introduced to the issues with identity in today’s cloud-first world. Then there will be a thorough examination of several Azure Active Directory features, across the different service tiers available today. Starting from the Azure AD Connect synchronization tool, we move to providing knowledge around the differences between Azure AD B2B/B2C and how to deploy them. Azure Active Directory Domain Services will be explored, after which we detail the integration with Office 365. The course is ended with an extensive mapping of Azure AD connect with ADFS Federation and the newest Azure AD Pass-through authentication.
MODULE 3:Azure Network Security
In this module, students will learn how to use features such as Network Security Groups and Azure routing to deploy secure networking solutions in Azure. Topics will include deploying firewall solutions from the Azure marketplace to create a DMZ in Azure.
MODULE 4: Implementing Azure Governance
In this module, students will learn how to use the built-in controls and services such as role based access control (RBAC), policies, and Azure monitor to control who, what and where Azure services can be managed.
MODULE 5: Encryption and Key Management
In this module, students will learn how to use Azure Key Vault to securely store and access secrets as well as using Azure Virtual Machine disk encryption to protect data in Azure.
MODULE 6: Securing Azure Services
In this module, students will learn capabilities for deploying Azure services in a secure manner. Students will learn how certain services such as Azure App Service Environment, SQL Database, Site Recovery, and several others protect your data from attack. Azure Security center will also be discussed in-depth to learn how it can be used to detect and respond to attacks.