Seminar content
This training covers security for identity and access, platform protection, data and applications, and security operations.
Program
Introduction to Microsoft Defender XDR threat protection
- Explore Extended Detection & Response (XDR) response use cases
- Understand Microsoft Defender XDR in a Security Operations Center (SOC)
- Explore Microsoft Security Graph
- Investigate security incidents in Microsoft Defender XDR
- Use the Microsoft Defender portal
- Manage incidents
- Investigate incidents
- Manage and investigate alerts
- Manage automated investigations
- Use the action center
- Explore advanced hunting
- Investigate Microsoft Entra sign-in logs
- Understand Microsoft Secure Score
- Analyze threat analytics
- Analyze reports
- Configure the Microsoft Defender portal
Remediate risks with Microsoft Defender for Office 365
- Introduction to Microsoft Defender for Office 365
- Automate, investigate, and remediate
- Configure, protect, and detect
- Simulate attacks
- Review identity protection basics
- Implement and manage user risk policy
- Exercise: enable sign-in risk policy
- Exercise: configure Microsoft Entra multifactor authentication registration policy
- Monitor, investigate, and remediate elevated risky users
- Implement security for workload identities
- Explore Microsoft Defender for Identity
- Introduction to Microsoft Defender for Identity
- Configure Microsoft Defender for Identity sensors
- Review compromised accounts or data
- Integrate with other Microsoft tools
- Understand the Defender for Cloud Apps Framework
- Explore your cloud apps with Cloud Discovery
- Protect your data and apps with Conditional Access App Control
- Walk through discovery and access control with Microsoft Defender for Cloud Apps
- Classify and protect sensitive information
- Detect Threats
Plan and implement security for virtual networks
- Microsoft Cloud Security Benchmark: Data Protection, Logging and Threat Detection, and Network Security
- What is an Azure Virtual Network
- Azure Virtual Network Manager
- Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
- Plan and implement User-Defined Routes (UDRs)
- Plan and implement Virtual Network peering or gateway
- Plan and implement Virtual Wide Area Network, including secured virtual hub
- Secure VPN connectivity, including point-to-site and site-to-site
- Azure encryption
- What is Azure Virtual Network encryption
- Azure ExpressRoute
- Implement encryption over ExpressRoute
- Configure firewall settings on Azure resources
- Monitor network security by using Network Watcher
Plan and implement security for private access for Azure resources
- Plan and implement virtual network Service Endpoints
- Plan and implement Private Endpoints
- Plan and implement Private Link services
- Plan and implement network integration for Azure App Service and Azure Functions
- Plan and implement network security configurations for an App Service Environment (ASE)
- Plan and implement network security configurations for an Azure SQL Managed Instance
Plan and implement security for public access to Azure resources
- Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management
- Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies
- Plan and implement an Azure Application Gateway
- Plan and implement a Web Application Firewall (WAF)
- Plan and implement an Azure Front Door, including Content Delivery Network (CDN)
- Recommend when to use Azure DDoS Protection Standard
Secure compute, storage, and databases
Plan and implement advanced security for compute
- Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access
- What is Azure Kubernetes Service?
- Configure network isolation for Azure Kubernetes Service (AKS)
- Secure and monitor Azure Kubernetes Service
- Configure authentication for Azure Kubernetes Service
- Configure security for Azure Container Instances (ACIs)
- Configure security for Azure Container Apps (ACAs)
- Manage access to Azure Container Registry (ACR)
- Configure disk encryption, Azure Disk Encryption (ADE), encryption at host, and confidential disk encryption
- Recommend security configurations for Azure API Management
- Plan and implement security for storage
- Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
- Azure Storage
- Configure access control for storage accounts
- Manage life cycle for storage account access keys
- Select and configure an appropriate method for access to Azure Files
- Select and configure an appropriate method for access to Azure Blobs
- Select and configure an appropriate method for access to Azure Tables
- Select and configure an appropriate method for access to Azure Queues
- Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage
- Configure Bring your own key (BYOK)
- Enable double encryption at the Azure Storage infrastructure level
- Azure SQL Database and SQL Managed Instance security
- Enable Microsoft Entra database authentication
- Enable and monitor database audit
- Identify use cases for the Microsoft Purview governance portal
Implement and manage enforcement of cloud governance policies
- Microsoft cloud security benchmark: Access, Data, Identity, Network, Endpoint, Governance, Recovery, Incident, and Vulnerability Management
- Azure governance
- Create, assign, and interpret security policies and initiatives in Azure Policy
- Deploy secure infrastructures by using a landing zone
- Azure Key Vault
- Azure Key Vault security
- Azure Key Vault authentication
- Create and configure an Azure Key Vault
- Recommend when to use a dedicated Hardware Security Module (HSM)
- Configure access to Key Vault, including vault access policies and Azure role-based access control
- Manage certificates, secrets, and keys
- Configure key rotation
- Configure backup and recovery of certificates, secrets, and keys
- Implement security controls to protect backups
- Implement security controls for asset management
- Implement Microsoft Defender for Cloud
- Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory
- Assess compliance against security frameworks and Microsoft Defender for Cloud
- Add industry and regulatory standards to Microsoft Defender for Cloud
- Add custom initiatives to Microsoft Defender for Cloud
- Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud
- Implement and use Microsoft Defender External Attack Surface Management
- Enable workload protection services in Microsoft Defender for Cloud
- Defender for Servers
- Defender for Storage
- Malware scanning in Defender for Storage
- Detect threats to sensitive data
- Deploy Microsoft Defender for Storage
- Enable and configure Azure built-in policy
- Configure Microsoft Defender plans for Servers, Databases, and Storage
- Implement and manage Microsoft Defender Vulnerability Management
- Log Analytics workspace
- Manage data retention in a Log Analytics workspace
- Deploy the Azure Monitor Agent
- Collect data with Azure Monitor Agent
- Data collection rules (DCRs) in Azure Monitor
- Transformations in data collection rules (DCRs)
- Monitor network security events and performance data by configuring data collection rules (DCRs) in Azure Monitor
- Connect your Azure subscriptions
- Just-in-time machine access
- Enable just-in-time access
- Container security in Microsoft Defender for Containers
- Managed Kubernetes threat factors
- Defender for Containers architecture
- Configure Microsoft Defender for Containers components
- Microsoft Defender for Cloud DevOps Security
- DevOps Security support and prerequisites
- DevOps environment security posture
- Connect your GitHub lab environment to Microsoft Defender for Cloud
- Configure the Microsoft Security DevOps GitHub action
- Defender for Cloud AI threat protection
- Enable threat protection for AI workloads in Defender for Cloud
- Gain application and end-user context for AI alerts
Configure and manage security monitoring and automation solutions
- Manage and respond to security alerts in Microsoft Defender for Cloud
- Configure workflow automation by using Microsoft Defender for Cloud
- Log retention plans in Microsoft Sentinel
- Alerts and Incidents from Microsoft Sentinel
- Configure data connectors in Microsoft Sentinel
- Enable analytics rules in Microsoft Sentinel
- Configure automation in Microsoft Sentinel
- Automating Threat Response with Microsoft Sentinel
Manage security controls for identity and access
- Microsoft cloud security benchmark: Identity management and privileged access
- What is Microsoft Entra ID?
- Secure Microsoft Entra users
- Create a new user in Microsoft Entra ID
- Secure Microsoft Entra groups
- Recommend when to use external identities
- Secure external identities
- Implement Microsoft Entra Identity Protection
- Microsoft Entra Connect
- Microsoft Entra Cloud Sync
- Authentication options
- Password hash synchronization with Microsoft Entra ID
- Microsoft Entra pass-through authentication
- Federation with Microsoft Entra ID
- What is Microsoft Entra authentication?
- Implement multifactor authentication (MFA)
- Kerberos authentication
- New Technology Local Area Network Manager (NTLM)
- Passwordless authentication options for Microsoft Entra ID
- Implement passwordless authentication
- Implement password protection
- Microsoft Entra ID single sign-on
- Implement single sign-on (SSO)
- Integrate single sign-on (SSO) and identity providers
- Introduction to Microsoft Entra Verified ID
- Configure Microsoft Entra Verified ID
- Recommend and enforce modern authentication protocols
- Azure management groups
- Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
- Azure role-based access control
- Azure built-in roles
- Assign Azure role permissions for management groups, subscriptions, resource groups, and resources
- Microsoft Entra built-in roles
- Assign built-in roles in Microsoft Entra ID
- Microsoft Entra role-based access control
- Create and assign a custom role in Microsoft Entra ID
- Zero Trust security
- Microsoft Entra Privileged Identity Management
- Configure Privileged Identity Management
- Microsoft Entra ID governance
- Identity lifecycle management
- Lifecycle workflows
- Entitlement management
- Delegation and roles in entitlement management
- Access reviews
- Configure role management and access reviews by using Microsoft Entra ID governance
- Implement Conditional Access policies for Cloud Resources in Azure
- Azure lighthouse overview
- Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants
- Manage app registrations in Microsoft Entra ID
- Configure app registration permission scopes
- Manage app registration permission consent
- Manage and use service principals
- Manage managed identities for Azure resources
- Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication
Target audience
Prerequisites
- Understanding of security best practices and industry security requirements, e.g. defense in depth, least-privilege access, role-based access control, multifactor authentication, shared responsibility, and the Zero Trust model
- Familiarity with security protocols such as VPN (Virtual Private Networks), IPsec (Internet Security Protocol), SSL (Secure Socket Layer), and disk and data encryption methods
- Experience deploying Azure workloads. This course does not cover the basics of Azure administration. Instead, the course content builds on that knowledge and adds security-specific information.
- Experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.
Preparatory trainings
Important information
Taking the exam leads to the certification status: Microsoft Azure Security Engineer
Microsoft Azure Security Technologies
23.08.2024
Great training, perhaps competing somewhat with SC-200 and hard to separate? 1 star deducted because the labs were unfortunately outdated/problematic.
— Lukas S.
Microsoft Azure Security Technologies
31.01.2023
Very well prepared
— Ernst S.
Microsoft Azure Security Technologies
19.04.2022
Everything was great
— Peter B.