Module 1: Secure Azure solutions with Microsoft Entra ID
- Configure Microsoft Entra ID and Microsoft Entra Domain Services for security
- Create users and groups that enable secure usage of your tenant
- Use MFA to protect user's identities
- Configure passwordless security options
Module 2: Implement Hybrid identity
- Deploy Microsoft Entra Connect
- Pick and configure that best authentication option for your security needs
- Configure password writeback
Module 3: Deploy Microsoft Entra ID protection
- Deploy and configure Identity Protection
- Configure MFA for users, groups, and applications
- Create Conditional Access policies to ensure your security
- Create and follow an access review process
Module 4: Configure Microsoft Entra privileged identity management
- Describe Zero Trust and how it impacts security
- Configure and deploy roles using Privileged Identity Management (PIM)
- Evaluate the usefulness of each PIM setting as it relates to your security goals
Module 5: Design an enterprise governance strategy
- Explain the shared responsibility model and how it impacts your security configuration
- Create Azure policies to protect your solutions
- Configure and deploy access to services using RBAC
Module 6: Implement perimeter security
- Define defense in depth
- Protect your environment from denial-of-service attacks
- Secure your solutions using firewalls and VPNs
- Explore your end-to-end perimeter security configuration based on your security posture
Module 7: Configure network security
- Deploy and configure network security groups to protect your Azure solutions
- Configure and lockdown service endpoints and private links
- Secure your applications with Application Gateway, Web App Firewall, and Front Door
- Configure ExpressRoute to help protect your network traffic
Module 8: Configure and manage host security
- Configure and deploy Endpoint Protection
- Deploy a privileged access strategy for devices and privileged workstations
- Secure your virtual machines and access to them
- Deploy Windows Defender
- Practice layered security by reviewing and implementing Security Center and Security Benchmarks
Module 9: Enable Containers security
- Define the available security tools for containers in Azure
- Configure security settings for containers and Kubernetes services
- Lock down network, storage, and identity resources connected to your containers
- Deploy RBAC to control access to containers
Module 10: Deploy and secure Azure Key Vault
- Define what a key vault is and how it protects certificates and secrets
- Deploy and configure Azure Key Vault
- Secure access and administration of your key vault
- Store keys and secrets in your key vault
- Explore key security considers like key rotation and backup / recovery
Module 11: Configure application security features
- Register an application in Azure using app registration
- Select and configure which Microsoft Entra users can access each application
- Configure and deploy web app certificates
Module 12: Implement storage security
- Define data sovereignty and how that is achieved in Azure
- Configure Azure Storage access in a secure and managed way
- Encrypt your data while it is at rest and in transit
- Apply rules for data retention
Module 13: Configure and manage SQL database security
- Configure which users and applications have access to your SQL databases
- Block access to your servers using firewalls
- Discover, classify, and audit the use of your data
- Encrypt and protect your data while is it stored in the database.
Module 14: Configure and manage Azure Monitor
- Configure and monitor Azure Monitor
- Define metrics and logs you want to track for your Azure applications
- Connect data sources to and configure Log Analytics
- Create and monitor alerts associated with your solutions security
Module 15: Enable and manage Microsoft Defender for Cloud
- Define the most common types of cyber-attacks
- Configure Azure Security Center based on your security posture
- Review Secure Score and raise it
- Lock down your solutions using Security Center and Defender
- Enable Just-in-Time access and other security features
Module 16: Configure and monitor Microsoft Sentinel
- Explain what Azure Sentinel is and how it is used
- Deploy Azure Sentinel
- Connect data to Azure Sentinel, like Azure Logs, Microsoft Entra ID, and others
- Track incidents using workbooks, playbooks, and hunting techniques