- Module 1: In this module, you’ll use the alert capabilities of Microsoft Defender for Cloud to watch for and respond to threats.
- View security alerts in Microsoft Defender for Cloud
- Define an incident response plan
- Use a Workflow automation to automate a security response
- Module 2: Explore the options for Azure disk encryption to encrypt OS and data disks on existing and new virtual machines.
- Determine which encryption method is best for your VM
- Encrypt existing virtual machine disks using the Azure portal
- Encrypt existing virtual machine disks using PowerShell
- Modify Azure Resource Manager templates to automate disk encryption on new VMs
- Module 3: Learn how to create an Azure Key Vault to store secret values and how to enable secure access to the vault.
- Explore what types of information can be stored in Azure Key Vault
- Create an Azure Key Vault and use it to store secret configuration values
- Enable secure access to the vault from an Azure App Service web app with managed identities for Azure resources
- Implement a web application that retrieves secrets from the vault
- Module 4: Learn how to use Azure role-based access control to effectively manage your team’s access to Azure resources.
- Verify access to resources for yourself and others
- Grant access to resources
- View activity logs of Azure RBAC changes
- Module 5: Secure the traffic from your users all the way to your web servers by enabling TLS encryption on Application Gateway.
- Implement TLS encryption between your users and Application Gateway
- Implement TLS encryption between Application Gateway and your web servers
- Module 6: Identify the data in your organization and store it on Azure. Store secrets securely, and use client-side encryption and Storage Service Encryption to help protect your data.
- Identify the types of data that your organization is using and the security requirements for that data
- Identify the encryption capabilities for services on Azure
- Module 7: Secure an Azure SQL database to keep the information safe and diagnose potential security concerns as they happen.
- Control network access to your Azure SQL Database using firewall rules
- Control user access to your Azure SQL Database using authentication and authorization
- Protect your data in transit and at rest
- Audit and monitor your Azure SQL Database for access violations
- Module 8: Keep tabs on security events in your Azure AD resources by using built-in reporting and monitoring capabilities. Respond to events as they happen, and address security risks before they become a problem.
- Store Azure audit activity and sign-in activity logs in Azure Monitor.
- Create alerts for security events in Azure Monitor.
- Create and view dashboards to support improved monitoring.
In this module, you will:
In this module, you will:
In this module, you will:
In this module, you will:
In this module, you will:
In this module, you will:
In this module, you will:
In this module, you will: