- Module 1: Learn to regulate network traffic to your Azure resources by configuring and applying network security groups in the Azure portal, improving your network's security posture.
By the end of this training module, participants will:
- Understand the purpose and benefits of using Azure NSG to filter network traffic.
- Learn how to create and configure NSGs to enforce access controls for Azure resources.
- Gain insights into how NSGs can be used to allow or deny specific types of traffic based on source, destination, and port.
- Understand how to prioritize NSG rules and leverage Azure NSG flow logs for monitoring and troubleshooting.
- Recognize the role of NSGs in implementing network security best practices in Azure.
- Module 2: Learn to create a Log Analytics workspace within the Azure portal, enabling robust data collection and analysis for Microsoft Defender for Cloud to enhance your security posture.
By the end of this training module, participants will:
- Understand the importance of a centralized logging solution like Azure Log Analytics workspace for Microsoft Defender for Cloud.
- Learn how to create and configure a Log Analytics workspace in Azure.
- Gain insights into collecting and analyzing security data from Microsoft Defender for Cloud within the Log Analytics workspace.
- Understand how to create custom queries and alerts to proactively detect security threats and incidents.
- Recognize the benefits of integrating Log Analytics workspace with other Azure services and tools.
- Module 3: Discover how to leverage Microsoft Defender for Cloud through the Azure portal to ensure the security of your Azure services and workloads, offering continuous threat detection and prevention.
By the end of this training module, participants will:
- Understand the features and benefits of Microsoft Defender for Cloud, Microsoft Security Benchmark, Security Recommendations, and Defender for Cloud Secure Score.
- Learn how to leverage these tools to monitor, protect, and improve the security of cloud environments.
- Explore the MITRE Attack Matrix to identify common attack techniques and prioritize security efforts.
- Understand the concept of Brute Force Attacks and the importance of implementing preventive measures.
- Familiarize yourself with Just in Time Virtual Machine to implement fine-grained access controls for enhanced security.
- Module 4: Discover how to set up and integrate a Log Analytics agent with a workspace in Defender for Cloud using the Azure portal, enhancing security data analysis capabilities.
By the end of this training module, participants will:
- Understand the importance of a centralized log collection and analysis solution in Microsoft Defender for Cloud.
- Learn how to configure and deploy the Log Analytics agent in Azure.
- Gain insights into creating and configuring a Log Analytics workspace for Defender for Cloud.
- Understand how to integrate the Log Analytics workspace with Defender for Cloud to collect and analyze security logs.
- Recognize the benefits of leveraging centralized log analytics for proactive security monitoring and threat detection.
- Module 5: Learn to configure Azure Key Vault networking settings via the Azure portal, enabling secure access control to your vault, protecting sensitive keys and secrets.
By the end of this training module, participants will:
- Understand the importance of configuring networking settings for Azure Key Vault in ensuring secure access and communication.
- Learn how to configure network access control for Azure Key Vault using virtual network service endpoints and private endpoints.
- Gain insights into configuring firewall rules and virtual network service endpoints to restrict access to Key Vault.
- Understand the process of configuring private endpoints to securely access Key Vault from virtual networks.
- Recognize the benefits of properly configuring networking settings for Azure Key Vault in enhancing overall security.
- Module 6: Learn how to securely connect an Azure SQL server using an Azure Private Endpoint via the Azure portal, ensuring private and safe communication with your SQL server.
By the end of this training module, participants will:
- Understand the importance of using Azure Private Endpoint to establish secure connections to Azure SQL Server.
- Learn how to configure and create an Azure Private Endpoint for Azure SQL Server in the Azure portal.
- Gain insights into the network architecture and components involved in setting up an Azure Private Endpoint.
- Understand how to validate and test the connection between the Azure Private Endpoint and Azure SQL Server.
- Recognize the benefits of using Azure Private Endpoint for securing database connections and isolating network traffic.
Overview
Syllabus
- Module 1: Module 1: Filter network traffic with a network security group using the Azure portal
- Introduction
- Azure resource group
- Azure Virtual Network
- How network security groups filter network traffic
- Application security groups
- Exercise - Create a virtual network infrastructure
- Knowledge check
- Summary
- Module 2: Module 2: Create a Log Analytics workspace for Microsoft Defender for Cloud
- Introduction
- Defender for Cloud monitoring components
- Exercise - Create a workspace
- Knowledge check
- Summary
- Module 3: Module 3: Set up Microsoft Defender for Cloud
- Introduction
- Implement Microsoft Defender for Cloud
- Security posture
- Workload protections
- Deploy Microsoft Defender for Cloud
- Exercise - Enable Defender for Cloud on your Azure subscription
- Azure Arc
- Azure Arc capabilities
- Microsoft cloud security benchmark
- Improve your regulatory compliance.
- Configure Microsoft Defender for Cloud policies
- View and edit security policies
- Manage and implement Microsoft Defender for Cloud recommendations
- Explore secure score
- MITRE Attack matrix
- Define brute force attacks
- Understand just-in-time VM access
- Implement just-in-time VM access
- Exercise - Enable just-in-time access on Virtual Machines
- Knowledge check
- Summary
- Module 4: Module 4: Configure and integrate a Log Analytics agent and workspace in Defender for Cloud
- Introduction
- Collect data from your workloads with the Log Analytics agent
- Configure the Log Analytics agent and workspace
- Exercise - Collect data from your workloads with the Log Analytics agent
- Knowledge check
- Summary
- Module 5: Module 5: Configure Azure Key Vault networking settings
- Introduction
- Azure Key Vault basic concepts
- Best practices for Azure Key Vault
- Azure Key Vault security
- Configure Azure Key Vault firewalls and virtual networks
- Exercise - Configure Key Vault firewall and virtual networks
- Azure Key Vault soft delete overview
- Virtual network service endpoints for Azure Key Vault
- Exercise - Configure Azure Key Vault recovery management with soft delete and purge protection
- Knowledge check
- Summary
- Module 6: Module 6: Connect an Azure SQL server using an Azure Private Endpoint using the Azure portal
- Introduction
- Azure Private Endpoint
- Azure Private Link
- Exercise - Deploy a virtual machine to test connectivity privately and securely to the SQL server across the private endpoint
- Knowledge check
- Summary