Topics Covered:
Shared responsibility and defense-in-depth models.
Introduction to the Zero-Trust model.
Encryption, hashing, and authentication basics.
Core compliance concepts.
Learning Outcomes:
Understand security models and their application in Microsoft solutions.
Explain the principles of the Zero-Trust security framework.
Identify the differences between encryption and hashing techniques.
Recognize key compliance and regulatory requirements.
Topics Covered:
Authentication vs. authorization.
Identity as the new security perimeter.
Microsoft Entra ID overview and identity types.
Learning Outcomes:
Differentiate authentication and authorization mechanisms.
Understand the role of identity in cloud security.
Identify the various identity types supported by Microsoft Entra ID.
Topics Covered:
Authentication methods, including Multifactor Authentication (MFA).
Self-service password reset (SSPR) and password management.
Conditional Access and role-based access control (RBAC).
Learning Outcomes:
Implement secure authentication strategies using MFA.
Configure and manage password security features in Microsoft Entra ID.
Apply Conditional Access policies to enhance identity protection.
Topics Covered:
Identity governance and lifecycle management.
Privileged Identity Management (PIM).
Threat detection with Microsoft Entra ID Protection.
Learning Outcomes:
Implement identity governance to manage user access.
Utilize PIM to secure privileged accounts.
Detect and mitigate identity-based security threats.
Topics Covered:
Azure Security Center and Microsoft Defender for Cloud.
Virtual machine (VM) security and network protection.
Data encryption and Azure Key Vault.
Learning Outcomes:
Monitor and enhance security using Defender for Cloud.
Secure virtual machines and network resources in Azure.
Protect sensitive data with encryption and key management.
Topics Covered:
Microsoft Purview compliance solutions.
Information protection and governance.
Risk management and audit tools.
Learning Outcomes:
Understand Microsoft’s compliance offerings and regulatory frameworks.
Implement data loss prevention (DLP) and information protection strategies.
Use compliance tools to assess and manage security risks.