This course is an expert level course in Microsoft's cybersecurity course line. The course is aimed at professionals involved in the development and implementation of security strategies in organizations. Although previous experience is not mandatory, participants recommended have certification specialist in the field security , compliance and credentials such as AZ -500, SC -200 or SC -300, before passing of this course.
After its completion participants will acquire skills development and evaluation strategies cybersecurity in such important directions , such as Zero Trust , Risk Management and Compliance requirements (GRC), operations security (SecOps), and protection data and applications. In addition, they will learn design solutions based on models Zero Trust and determine requirements security for different cloud models infrastructures: SaaS, PaaS and IaaS.
This course will be an important step for those who want to better understand and implement modern approaches to cybersecurity. With the knowledge gained, you will be able to create effective security strategies for organizations, including using the Zero model Trust, the industry standard for ensuring security in an ever-evolving cyber threat environment. This course will enable you to become an expert in managing all aspects of cyber security and provide strategic direction for organizations, thereby strengthening their security and compliance.
After completing this course, students will be able to:
- what best practices are, how cybersecurity architects use them, and some key best practice frameworks for Microsoft cybersecurity capabilities. You also learn about the concept of Zero Trust, and how to get started with Zero Trust in an organization.
- about the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF) and how you can use them to design more secure solutions.
- about the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB) and how you can use them to design more secure solutions.
- about common cyberthreats like ransomware and what kinds of attack patterns an organization must be prepared for.
- how to interpret and translate regulatory requirements into technical solutions. You'll also learn how to use capabilities found in Microsoft Purview, Microsoft Priva, and Defender for Cloud for compliance.
- about various strategies for managing identities and access to resources, including hybrid and multicloud scenarios, external identities, and conditional access.
- advanced techniques for designing solutions that manage privileged access effectively.
- techniques to design security operations capabilities including logging, auditing, Security Information and Event Management (SIEM), Security Orchestration and Automated Response (SOAR), and security workflows.
- how to design security solutions for Exchange, Sharepoint, OneDrive, and Teams.
- how to secure applications, APIs and the development process using techniques like posture management, threat modeling, and secure access for workload identities.
- about designing solutions that secure an organization's data using capabilities like Microsoft Purview, Defender for SQL, Defender for Storage.
- how to analyze security requirements for different cloud offerings (SaaS, PaaS, and IaaS), IoT workloads, web workloads and containers.
- how to design security posture management solutions that integrate into hybrid and multicloud scenarios using capabilities in Microsoft Defender for Cloud, Azure Arc and Microsoft Cloud Security Benchmark (MCSB).
- how to analyze the security requirements for different types of endpoints including servers, clients, IoT, OT, mobile, and embedded devices. These requirements take into account different platforms and operating systems and set standards for endpoint protection, hardening, and configuration.
- how to design secure network solutions using techniques like network segmentation, traffic filtering, network monitoring and posture management.
Audience Profile
This course is designed for:
- Experienced cloud security engineers who have previously obtained certifications in security, compliance, and identity, or have the relevant knowledge and skills. Specifically, the participant should have extensive experience and knowledge in security, including identity and access, platform security, security operations, data protection, and application security. The participant should have experience working with hybrid and cloud implementations.
- Architects security responsible for design cyber defense organizations.
- Technical leaders and managers of information technology security, developing politicians security and implementing them into the corporate IT infrastructure.
The course provides a deep understanding of the principles of construction modern architecture cybersecurity and prepares for the SC -100 certification exam.
Before attending this course, students must have:
- Conceptual knowledge of security policies, requirements, Zero Trust architecture, and management of hybrid environments.
- Working experience with Zero Trust strategies, applying security policies, and developing security requirements based on business goals.
- Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications.
- Experience with hybrid and cloud implementations.
1. Design solutions that align with security best practices and priorities
- Introduction to Zero Trust and best practice frameworks
- Design security solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
- Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)
- Design a resiliency strategy for ransomware and other attacks based on Microsoft Security Best Practices
- Case study: Design solutions that align with security best practices and priorities
2. Design security operations, identity, and compliance capabilities
- Design solutions for regulatory compliance
- Design solutions for identity and access management
- Design solutions for securing privileged access
- Design solutions for security operations
- Case study: Design security operations, identity, and compliance capabilities
3. Design security solutions for applications and data
- Design solutions for securing Microsoft 365
- Design solutions for securing applications
- Design solutions for securing an organization's data
- Case study: Design security solutions for applications and data
4. Design security solutions for infrastructure
- Specify requirements for securing SaaS, PaaS, and IaaS services
- Design solutions for security posture management in hybrid and multicloud environments
- Design solutions for securing server and client endpoints
- Design solutions for network security
- Case study: Design security solutions for infrastructure