Технологии безопасности в Microsoft Azure (AZ-500T00)

Целевая аудитория

• Системные администраторы
• Сотрудники отдела информационной безопасности, занимающиеся настройкой и организацией защиты в облачной инфраструктуре Microsoft Azure.

Предварительные требования

Слушатели должны иметь по крайней мере один год практического опыта защиты Azure и опыт работы с элементами управления безопасностью в Azure.

Приобретаемые знания и навыки

По окончании курса слушатели смогут:

• Описать специализированные классификаций данных в Azure
• Определить механизмы защиты данных Azure
• Реализовать методы шифрования данных Azure
• Настраивать безопасность Интернет-протоколов в Azure
• Описание служб и возможностей в безопасности Azure

Программа курса

Module 1: Secure Azure solutions with Microsoft Entra ID

• Configure Microsoft Entra ID and Microsoft Entra Domain Services for security
• Create users and groups that enable secure usage of your tenant
• Use MFA to protect user's identities
• Configure passwordless security options

Module 2: Implement Hybrid identity

• Deploy Microsoft Entra Connect
• Pick and configure that best authentication option for your security needs
• Configure password writeback

Module 3: Deploy Microsoft Entra ID protection

• Deploy and configure Identity Protection
• Configure MFA for users, groups, and applications
• Create Conditional Access policies to ensure your security
• Create and follow an access review process

Module 4: Configure Microsoft Entra privileged identity management

• Describe Zero Trust and how it impacts security
• Configure and deploy roles using Privileged Identity Management (PIM)
• Evaluate the usefulness of each PIM setting as it relates to your security goals

Module 5: Design an enterprise governance strategy

• Explain the shared responsibility model and how it impacts your security configuration
• Create Azure policies to protect your solutions
• Configure and deploy access to services using RBAC

Module 6: Implement perimeter security

• Define defense in depth
• Protect your environment from denial-of-service attacks
• Secure your solutions using firewalls and VPNs
• Explore your end-to-end perimeter security configuration based on your security posture

Module 7: Configure network security

• Deploy and configure network security groups to protect your Azure solutions
• Configure and lockdown service endpoints and private links
• Secure your applications with Application Gateway, Web App Firewall, and Front Door
• Configure ExpressRoute to help protect your network traffic

Module 8: Configure and manage host security

• Configure and deploy Endpoint Protection
• Deploy a privileged access strategy for devices and privileged workstations
• Secure your virtual machines and access to them
• Deploy Windows Defender
• Practice layered security by reviewing and implementing Security Center and Security Benchmarks

Module 9: Enable Containers security

• Define the available security tools for containers in Azure
• Configure security settings for containers and Kubernetes services
• Lock down network, storage, and identity resources connected to your containers
• Deploy RBAC to control access to containers

Module 10: Deploy and secure Azure Key Vault

• Define what a key vault is and how it protects certificates and secrets
• Deploy and configure Azure Key Vault
• Secure access and administration of your key vault
• Store keys and secrets in your key vault
• Explore key security considers like key rotation and backup / recovery

Module 11: Configure application security features

• Register an application in Azure using app registration
• Select and configure which Microsoft Entra users can access each application
• Configure and deploy web app certificates

Module 12: Implement storage security

• Define data sovereignty and how that is achieved in Azure
• Configure Azure Storage access in a secure and managed way
• Encrypt your data while it is at rest and in transit
• Apply rules for data retention

Module 13: Configure and manage SQL database security

• Configure which users and applications have access to your SQL databases
• Block access to your servers using firewalls
• Discover, classify, and audit the use of your data
• Encrypt and protect your data while is it stored in the database.

Module 14: Configure and manage Azure Monitor

• Configure and monitor Azure Monitor
• Define metrics and logs you want to track for your Azure applications
• Connect data sources to and configure Log Analytics
• Create and monitor alerts associated with your solutions security

Module 15: Enable and manage Microsoft Defender for Cloud

• Define the most common types of cyber-attacks
• Configure Azure Security Center based on your security posture
• Review Secure Score and raise it
• Lock down your solutions using Security Center and Defender
• Enable Just-in-Time access and other security features

Module 16: Configure and monitor Microsoft Sentinel

• Explain what Azure Sentinel is and how it is used
• Deploy Azure Sentinel
• Connect data to Azure Sentinel, like Azure Logs, Microsoft Entra ID, and others
• Track incidents using workbooks, playbooks, and hunting techniques

Документы об окончании курса

• Сертификат Microsoft об окончании авторизованного курса
• Сертификат Учебного центра Noventiq
• Cертификат об обучении установленного образца