Detailed Course Outline
1 Public Cloud Security Challenges
- 1.1 Cybersecurity Threats
- 1.2 World's Biggest Data Breaches and Hacks: http://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
- 1.3 Compliance Challenges
- 1.4 Overview of the security stack in the private and the public clouds
- 1.4.1 Security on-premises
- 1.4.2 Security in the Cloud
2 Identity and Access Management
- 2.1 Governance in Azure
- 2.2 Overview of the access to Azure
- 2.3 Resources access in Azure
- 2.4 Azure Role-based Access Control (RBAC)
- 2.5 Manage and Safeguard Identity
- 2.5.1 Azure Active Directory
- 2.5.1.1 Overview
- 2.5.1.2 Versions
- 2.5.1.3 Azure Active Directory Connect
- 2.5.1.4 Windows Hello for Business
- 2.5.2 Secure Web Apps
- 2.5.2.1 Authentication
- 2.5.2.2 HTTPS
- 2.5.2.3 TLS Mutual Authentication
- 2.5.2.4 MS Azure Web Application Firewall
- 2.5.1 Azure Active Directory
- 2.6 Microsoft access to Azure
- 2.7 Securing the IaaS
- 2.7.1 Virtual networks, subnets, DDoS basic and standard protection
- 2.7.2 NSGs – per subnet and per network interface
- 2.7.3 UDRs – user-defined routes
- 2.8 Azure Access Protection
- 2.8.1 VPN Gateway
- 2.8.2 Express Route
- 2.8.3 Application Gateway and Load Balancers
- 2.8.4 Third-party Security Tools
- 2.8.4.1 Firewalls – Barracuda, Cisco, F5, etc.
- 2.8.4.2 Routers – Cisco, etc.
- 2.8.4.3 Web Application Firewalls – Barracuda, Sophos, etc.
3 Information and Threat Protection
- 3.1 Data Loss Prevention
- 3.1.1 Azure Storage Security
- 3.1.1.1 Azure Storage Service Encryption
- 3.1.1.1.1 Management and Data Plane Security
- 3.1.1.1.2 Encryption at Rest and in Transit
- 3.1.1.2 Data Lake Store security
- 3.1.1.1 Azure Storage Service Encryption
- 3.1.2 Azure SQL DB Transparent Data Encryption
- 3.1.2.1 SQL Server Database Threat Protection
- 3.1.2.2 Azure Key Vault + demo
- 3.1.1 Azure Storage Security
- 3.2 Microsoft Azure Information Protection
- 3.3 Office 365 Considerations
- 3.3.1 Malware and Phishing – Advanced Threat Protection
- 3.3.2 Data Loss Prevention
- 3.3.3 Advanced Security Management
- 3.3.4 Office 365 Multi-Factor Authentication
4 Azure Security Management
- 4.1 Security monitoring and visibility
- 4.1.1 Azure Security Center + demo
- 4.1.2 Operations Management suite + demo
- 4.1.3 Microsoft Cloud App Security
- 4.1.4 Office 365 Secure Score
- 4.2 Threat Management
- 4.2.1 Azure Advisor + demo
- 4.3 MS Azure Compliance Manager with GDPR tracking - https://servicetrust.microsoft.com/ComplianceManager demo
- 4.4 MS Azure Government Cloud
5 Microsoft Security Suites
- 5.1 Enterprise Mobility + Security
- 5.1.1 EM+S E3
- 5.1.2 EM+S E5
- 5.1.3 Microsoft Intune
6 Azure Security Best Practices
- 6.1 Azure network security best practices
- 6.2 Azure data security and encryption best practices
- 6.3 Azure identity management and access control security best practices
- 6.4 Azure database security best practices
- 6.5 Azure VM Security Best Practices
Demos
- MS Azure Marketplace Security – overview of the security offerings in the MA Azure marketplace. Microsoft and third-party security solutions for your cloud environment.
- App Service Application Configuration with Azure Active Directory Login – configuring your application in App Service to use Azure AD.
- Azure Security Center – overview and getting acquainted with the security monitoring application.
- Azure Network Watcher – learn how to monitor and diagnose network and security issues in scenario-based situation.
- Backup vault – managing backups in Azure
- Key vault – managing keys, secrets and certificates in Azure.
- MS Web Application Firewall – deploying WAF for your application.
- Network Security Groups, User Defined Routes and Azure DNS – deploying network security for your cloud infrastructure.
- Virtual network appliances in Azure – using third-party security appliance to protect your cloud infrastructure.
- App Gateway – show WAF
- Storage account – the security options
- Azure SQL DB
- Security center – enable data collection (agents)
- Log Analytics
- Backup and Recovery Vault
- Azure AD Cloud App Discovery
- Advisor