ASDM Outline - Azure Security for Decision Makers

Azure Security for Decision Makers (ASDM) – Outline

Detailed Course Outline

1 Public Cloud Security Challenges

1.1 Cybersecurity Threats
1.2 World's Biggest Data Breaches and Hacks: http://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
1.3 Compliance Challenges
1.4 Overview of the security stack in the private and the public clouds
- 1.4.1 Security on-premises
- 1.4.2 Security in the Cloud

2 Identity and Access Management

2.1 Governance in Azure
2.2 Overview of the access to Azure
2.3 Resources access in Azure
2.4 Azure Role-based Access Control (RBAC)
2.5 Manage and Safeguard Identity
- 2.5.1 Azure Active Directory
  - 2.5.1.1 Overview
  - 2.5.1.2 Versions
  - 2.5.1.3 Azure Active Directory Connect
  - 2.5.1.4 Windows Hello for Business
- 2.5.2 Secure Web Apps
  - 2.5.2.1 Authentication
  - 2.5.2.2 HTTPS
  - 2.5.2.3 TLS Mutual Authentication
  - 2.5.2.4 MS Azure Web Application Firewall
2.6 Microsoft access to Azure
2.7 Securing the IaaS
- 2.7.1 Virtual networks, subnets, DDoS basic and standard protection
- 2.7.2 NSGs – per subnet and per network interface
- 2.7.3 UDRs – user-defined routes
2.8 Azure Access Protection
- 2.8.1 VPN Gateway
- 2.8.2 Express Route
- 2.8.3 Application Gateway and Load Balancers
- 2.8.4 Third-party Security Tools
  - 2.8.4.1 Firewalls – Barracuda, Cisco, F5, etc.
  - 2.8.4.2 Routers – Cisco, etc.
  - 2.8.4.3 Web Application Firewalls – Barracuda, Sophos, etc.

3 Information and Threat Protection

3.1 Data Loss Prevention
- 3.1.1 Azure Storage Security
  - 3.1.1.1 Azure Storage Service Encryption
    - 3.1.1.1.1 Management and Data Plane Security
    - 3.1.1.1.2 Encryption at Rest and in Transit
  - 3.1.1.2 Data Lake Store security
- 3.1.2 Azure SQL DB Transparent Data Encryption
  - 3.1.2.1 SQL Server Database Threat Protection
  - 3.1.2.2 Azure Key Vault + demo
3.2 Microsoft Azure Information Protection
3.3 Office 365 Considerations
- 3.3.1 Malware and Phishing – Advanced Threat Protection
- 3.3.2 Data Loss Prevention
- 3.3.3 Advanced Security Management
- 3.3.4 Office 365 Multi-Factor Authentication

4 Azure Security Management

4.1 Security monitoring and visibility
- 4.1.1 Azure Security Center + demo
- 4.1.2 Operations Management suite + demo
- 4.1.3 Microsoft Cloud App Security
- 4.1.4 Office 365 Secure Score
4.2 Threat Management
- 4.2.1 Azure Advisor + demo
4.3 MS Azure Compliance Manager with GDPR tracking - https://servicetrust.microsoft.com/ComplianceManager demo
4.4 MS Azure Government Cloud

5 Microsoft Security Suites

5.1 Enterprise Mobility + Security
- 5.1.1 EM+S E3
- 5.1.2 EM+S E5
- 5.1.3 Microsoft Intune

6 Azure Security Best Practices

Demos

MS Azure Marketplace Security – overview of the security offerings in the MA Azure marketplace. Microsoft and third-party security solutions for your cloud environment.
App Service Application Configuration with Azure Active Directory Login – configuring your application in App Service to use Azure AD.
Azure Security Center – overview and getting acquainted with the security monitoring application.
Azure Network Watcher – learn how to monitor and diagnose network and security issues in scenario-based situation.
Backup vault – managing backups in Azure
Key vault – managing keys, secrets and certificates in Azure.
MS Web Application Firewall – deploying WAF for your application.
Network Security Groups, User Defined Routes and Azure DNS – deploying network security for your cloud infrastructure.
Virtual network appliances in Azure – using third-party security appliance to protect your cloud infrastructure.
App Gateway – show WAF
Storage account – the security options
Azure SQL DB
Security center – enable data collection (agents)
Log Analytics
Backup and Recovery Vault
Azure AD Cloud App Discovery
Advisor