This module explores foundational concepts of security, compliance and identity including governance models, threat landscape, and identity as a security perimeter.
Lessons:
Describe the shared responsibility model, defense-in-depth and Zero Trust approaches.
Explain encryption, hashing and foundational data-security mechanisms.
Understand identity versus access: the role of authentication and authorisation in cloud services.
Recognize how compliance frameworks underpin risk management and governance in IT.
Shared responsibility model and defence-in-depth strategy
Zero Trust principles and identity as the new perimeter
Authentication vs authorisation, directory services and federation
Governance, risk and compliance (GRC) concepts and their relevance in cloud contexts
Encryption, hashing, data-security fundamentals and their role in SCI
This module covers Microsoft s identity platforms and access-management services, including identity types, authentication methods and governance controls.
Lessons:
Describe the function and types of identities in Microsoft Entra ID (formerly Azure AD).
Configure authentication methods, multi-factor authentication and self-service password reset.
Implement role-based access control (RBAC), conditional access and privileged identity management.
Review governance capabilities such as identity protection, monitoring and lifecycle management.
Microsoft Entra ID service and identity types (user, device, workload, external)
Authentication methods (password, MFA, SSPI, self-service reset)
Role-based access control (RBAC), conditional access, privileged identity management
Identity protection, governance and audit-capabilities in cloud identity platforms
Access-management best practices in hybrid and cloud-native environments
This module addresses the security-service portfolio of Microsoft including infrastructure protection, threat detection, SIEM/SOAR and unified protection across environments.
Lessons:
Outline core infrastructure-security services in Microsoft Azure and Microsoft 365.
Summarise how Microsoft Defender, Azure Security Centre and Azure Sentinel provide threat protection.
Describe management-capabilities for cloud security posture, policy enforcement and vulnerability management.
Recognize how endpoint protection and unified XDR (Extended Detection & Response) operate in Microsoft environments.
Infrastructure security services: network, compute, identity, data-surface protection
Microsoft Defender, Azure Security Centre, Sentinel: threat detection, incident response, SIEM/SOAR
Cloud-security posture management, policy initiatives and vulnerability reduction
Endpoint security, XDR and integration of security operations across cloud and on-premises
Security monitoring, alerting, incident-response workflows and analytics in Microsoft platform
This module covers compliance tools and services including data-protection, governance, audit, insider risk and aligned capabilities within Microsoft cloud-ecosystem.
Lessons:
Explain data-governance, classification, sensitivity labels and information-protection services.
Describe insider-risk management, eDiscovery, audit and records-management functions in Microsoft 365/Entra.
Outline compliance-manager features, regulatory-compliance dashboards and service-trust-portals.
Understand resource-governance capabilities in Azure and how they support compliance frameworks.
Information-protection (classification, labeling), DLP (Data-Loss Prevention) and governance tools
Insider-risk management, eDiscovery, audit trails and compliance-reporting in Microsoft services
Compliance Manager, Service Trust Portal and regulatory dashboards
Resource-governance in Azure: policy, blueprint, management groups and compliance-alignment
Data-lifecycle management, records-management, retention policies and regulatory frameworks
