- Module 1: Use Microsoft Entra ID to you secure your internal, external, and customer identities.
In this module, you will:
- Describe the core terminology of Microsoft Entra ID.
- Describe the core features of Microsoft Entra ID.
- Describe the licensing models for Microsoft Entra ID.
- Module 2: Learn how to create users and groups in Microsoft Entra ID.
In this module, you will:
- Add users to Microsoft Entra ID.
- Manage app and resource access by using Microsoft Entra groups.
- Give guest users access in Microsoft Entra business to business (B2B).
- Module 3: Securely authenticate apps to Azure to manage and access Azure services. Service principals and managed identities give your app a Microsoft Entra identity.
In this module, you will:
- Identify the benefits of and use cases for service principals.
- Identify the benefits of using managed identities for Azure resources.
- Enable managed identity on an Azure VM.
- Use managed identity with Azure SDKs in applications.
- Module 4: Configure and manage secrets in Azure Key Vault
In this module, you will:
- Explore proper usage of Azure Key Vault
- Manage access to an Azure Key Vault
- Explore certificate management with Azure Key Vault
- Configure a Hardware Security Module Key-generation solution
- Module 5: Discover how to protect your APIs from unauthorized use with API keys and client certificate authentication.
In this module, you will:
- Use API keys to authorize access to your APIs
- Use client certificate authentication to secure your APIs
- Module 6: Monitor Microsoft Entra security events with built-in reporting and monitoring capabilities to prevent unauthorized access and potential data loss.
In this module, you will:
- Store Azure audit logs and sign-in activity logs in a Log Analytics workspace.
- Create alerts for security events in a Log Analytics workspace.
- Create and view dashboards to support improved monitoring.
- Module 7: Learn best practices for building, hosting, and maintaining a secure repository on GitHub.
In this module, you will:
- Identify the tools and GitHub features to establish a secure development strategy
- Enable vulnerable dependency detection for private repositories
- Detect and fix outdated dependencies with security vulnerabilities
- Automate the detection of vulnerable dependencies with Dependabot
- Add a security policy with a SECURITY.md file
- Remove a commit exposing sensitive data in a pull request
- Keep sensitive files out of your repository by applying the use of a .gitignore file
- Remove historical commits exposing sensitive data deep in your repository
- Module 8: Learn about post-incident reviews, a practice necessary to help you sustainably achieve the appropriate level of reliability in your systems, services, and products.
In this module you will:
- Discover the importance of learning from incidents
- Understand the aspects of complex systems that make learning from failure important
- Learn when and how to conduct a post-incident review
- Understand the purpose and goals of a post-incident review
- Learn the components that go into a good post-incident review
- Explore the Azure tools that can assist with getting started with post-incident reviews
- Become aware of common traps to avoid
- Identify helpful practices to conduct a better review
- Module 9: Learn the incident response fundamentals necessary to help you sustainably achieve the appropriate level of reliability in your systems, services, and products.
In this module you will:
- Learn the importance of effective incident response
- Gain an understanding of the lifecycle of an incident so we know just how to apply our efforts
- Learn the building blocks for constructing an incident response process that allows us to respond with urgency.
- Begin to track your incidents effectively using Azure DevOps tools.
- Explore ways to automate your incident tracking for a speedy and consistent response
- Understand the guidelines around communication that allow incident response to be more efficient
- Visit some Azure tools that can significantly speed up your remediation times during an incident
Overview
Syllabus
- Module 1: Module 1: Secure your identities by using Microsoft Entra ID
- Introduction
- Microsoft Entra overview
- Understand Microsoft Entra ID licenses and terminology
- Essential features of Microsoft Entra ID
- Get started with Microsoft Entra ID
- Summary
- Module 2: Module 2: Create Azure users and groups in Microsoft Entra ID
- Introduction
- What are user accounts in Microsoft Entra ID?
- Exercise - Add and delete users in Microsoft Entra ID
- Manage app and resource access by using Microsoft Entra groups
- Exercise - Assign users to Microsoft Entra groups
- Collaborate by using guest accounts and Microsoft Entra B2B
- Exercise - Give guest users access in Microsoft Entra B2B
- Summary
- Module 3: Module 3: Authenticate apps to Azure services by using service principals and managed identities for Azure resources
- Introduction
- Authentication with service principals in Microsoft Entra ID
- Authentication with managed identities
- Use managed identities with Azure virtual machines
- Exercise - Configure a system-assigned managed identity for an Azure VM
- Build applications by using Microsoft Entra managed identities
- Exercise - Configure a custom application in .NET by using managed identity
- Summary
- Module 4: Module 4: Configure and manage secrets in Azure Key Vault
- Introduction
- Guidelines for using Azure Key Vault
- Manage access to secrets, certificates, and keys
- Exercise - store secrets in Azure Key Vault
- Manage certificates
- Summary
- Module 5: Module 5: Control access to your APIs with Azure API Management
- Introduction
- What is API Management?
- Create subscriptions in Azure API Management
- Exercise - Create subscriptions in Azure API Management
- Use client certificates to secure access to an API
- Exercise - Use client certificates to secure access to an API
- Summary
- Module 6: Module 6: Monitor and report on security events in Microsoft Entra ID
- Introduction
- Use logs to detect suspicious activity
- Exercise - Set up and view sign-in logs and audit logs
- Integrate logs with a Log Analytics workspace
- Exercise - Integrate logs with a Log Analytics workspace
- Set and view alerts in your Log Analytics workspace
- Exercise - Set an alert in your Log Analytics workspace and view alerts
- Set up dashboards and reports to visualize log data
- Exercise - Set up a dashboard and add a report
- Summary
- Module 7: Module 7: Maintain a secure repository by using GitHub best practices
- Introduction
- How to maintain a secure GitHub repository
- Exercise - Add a .gitignore file
- Automated security
- Knowledge check
- Summary
- Module 8: Module 8: Improve your reliability with modern operations practices: Learning from failure
- Introduction
- Why learn from incidents?
- What is a post-incident review?
- Characteristics and components of a good post-incident review
- The post-incident review process
- Common traps to avoid
- Helpful practices for learning from failure
- Summary
- Module 9: Module 9: Improve your reliability with modern operations practices: Incident response
- Introduction
- Importance of incident response
- Characteristics and lifecycle of an incident
- Foundations of incident response
- Incident tracking
- Communication and collaboration
- Remediation
- Summary
