Skip to main content

Microsoft Azure Security Essentials

Course

Intro Video

Photo of John Toler

John Toler

Training Architect

Length

08:00:00

Difficulty

Beginner

Videos

47

Hands-on Labs

3

Course Details

This course is designed to help you gain high-level knowledge on some of the important capabilities when it comes to securing the Azure platform.

We will cover Azure security concepts, terminology and architecture. We will also look at security as it relates to identity, compute, networking, and other Azure resources.

The course is also designed to provide insight into the trustworthy foundation provided by Azure with many configurable security options to best suit your organizational needs.

Syllabus

Course Introduction

What to Expect

00:03:23

Lesson Description:

This course is designed to bring out some of the core security technologies with an Azure Defense in-depth approach and cater to those individuals that may be new to Azure or may not carry an extensive security background. Security is everyone's job, and this course will help facilitate that mindset, all while maintaining confidentiality, integrity, and availability of customer data.

Security in the Cloud

Introduction into Azure Security

00:04:22

Lesson Description:

This course offers a high-level view of Azure security and many of the concepts that focus on decreasing the attack surfaces and improving security posture. Whether you are new to the cloud or want to know more about the security Azure offers, this course will be useful for you.

Shared Responsibilities

00:10:01

Lesson Description:

In the shared responsibility model for Azure, it is important to understand that the cloud offers a considerable advantage for security and compliance. However, customers still have to be responsible for protecting their users, applications, and other service offerings. This video outlines these responsibilities between customers and cloud service providers.

Transparency

Securing Customer Data in Azure Services

00:08:22

Lesson Description:

This video outlines the importance of data protection, which has several options, but also emphasizes how Microsoft values the protection of your data through their own transparent policies and being your Cloud Service Provider (CSP).

Managing Data Location in Azure Services

00:07:43

Lesson Description:

At a high level, this video represents some of the geographical and regional locations and services Azure has to offer. This is important in knowing what is available for your region and how the infrastructure and services may be deployed in the future for optimization and resiliency in the cloud.

Who Can Access Your Data and on What Terms?

00:06:14

Lesson Description:

In this short video lesson, we talk about the importance of data protection, talk at a high level over data classification, and reference AIP (Azure Information Protection) as one of the centerpieces to adding defense depth and layers to your data.

Review Certification for Azure Services, Transparency Hub

00:07:50

Lesson Description:

Due to the amount of data that is being created, stored, and shared, the task of maintaining security and compliance has become complex. Managing compliance in the cloud is important and learn about some of the key features with the Microsoft compliance score with opportunities to utilize and navigate through the Microsoft Trust Center to assist with these compliance and control requirements.

Conclusion

00:04:52

Lesson Description:

In this video we are wrapping up and concluding section three, and running through a quick review of what was covered throughout Transparency.

Identity and Access Management

Secure Identity

00:10:33

Lesson Description:

In this video, we describe the framework and some of the key processes that outline Identity Access Management and the capabilities in relation to Microsoft Azure and controls that have been put in place to add extra layers of security with a defense-in-depth approach.

Secure Apps and Data

00:08:01

Lesson Description:

Identity and Access Management is one of the most important ways to secure access to data in applications for both on-premise and in the cloud. This video teaches the fundamental concepts of how some of this technology works and incorporates important navigational tips in relation to the Azure platform and the easily accessible Microsoft documentation.

Role-Based Access Control (RBAC)

00:07:31

Lesson Description:

In this video, we learn some of the basic concepts around Role-Based Access control (RBAC) and how this interacts with other aspects of the Azure platform. Studies have proven when using RBAC, it helps to promote a better security posture for many organizations of all types. This is about some of the basics in role permissions and role-to-role relationships. Azure makes this easy to understand with the built-in technologies.

Conclusion

00:06:32

Lesson Description:

In this video, we are wrapping up and concluding section four, and running through a quick review over what we covered throughout Identity and Access Management.

Operations

Security and the Audit Dashboard

00:07:07

Lesson Description:

This video represents some of the basics when it comes to defining the data that is getting collected in the Azure environment. Some of these tools can allow you to see some of these audit and security features.

Application Insights

00:03:07

Lesson Description:

This lesson covers how Application Insights has been transformed into an extension for application monitoring, and can also be used from a security perspective to assist with analyzing data.

Azure Monitor

00:05:28

Lesson Description:

Azure Monitor is one of the key solutions designed to collect the telemetry data for both cloud and on-premises environments. Take a walk through this overview to learn some of the foundational components that bring this data together.

Azure Monitor Logs

00:05:46

Lesson Description:

It is important to know that you are collecting the right kind of data for your environment and that it is being done securely. This lesson breaks this down to explain how the data being collected for your environment also maintains a level of compliance and security hygiene.

Azure Advisor

00:07:59

Lesson Description:

Not quite the same as "Clippy" The Office Assistant, though Azure Advisor does assist in making best practice decisions and helps optimize deployments in your environments for high availability, security, performance, and cost optimization.

Azure Security Center

00:04:44

Lesson Description:

This lesson is a high-level view of the Security Center with the intended approach to connect the data and logs that we talked about throughout section 5 of this course. We then offer a visual in relation to how monitoring data is being ingested.

Conclusion

00:06:42

Lesson Description:

In this video, we are wrapping up and concluding section five by running through a quick review of what was covered throughout the Operations section.

Storage

Shared Access Signature

00:09:54

Lesson Description:

Shared Access Signature (SAS) provides an extra layer of security to storage accounts and clients by limiting the permissions and allowing better control and management over access. The objective of this lesson is to learn about the forms of SAAS, the service types it has to offer, and see some of its risk mitigation capabilities.

Encryption in Transit

00:02:38

Lesson Description:

This short lesson covers the importance of protecting data that is being transmitted across networks and how the process works.

Encryption at Rest

00:03:00

Lesson Description:

Encryption at Rest is important for data protection, and this lesson covers some of these attributes as well as Azure's integration into Key Vault to help protect and offer a more robust key management system.

Storage Analytics

00:06:21

Lesson Description:

This section is an overview of the storage data that can be aggregated into various solutions as an extension of the Azure platform. This explains how the logging is captured, which is important not only for metrics-driven data but also for the potential security anomalies that could be happening in the environment.

Enabling Browser-Based Clients Using CORS

00:08:33

Lesson Description:

This lesson describes how domains can allow each other to have access to different resources through the cross-origin resource sharing model. This allows different domain web traffic to communicate with one another through cross-domain scripting.

Conclusion

00:03:06

Lesson Description:

In this video, we are wrapping up and concluding section six, and running through a quick review of what we covered throughout Storage.

Networking

Network Layer Controls

00:06:10

Lesson Description:

In this video lesson, we discuss the topology of Network Layer Controls and how this limits the connectivity between different subnets and represents the foundation of network security.

Network Security Groups (NSG)

00:07:23

Lesson Description:

Network Security Groups play an important role in providing an extra layer of security within your infrastructure. This video demonstrates this concept through the easy to use tools that are available through the Azure portal.

Route Control and Forced Tunneling

00:07:05

Lesson Description:

This lesson's focus is on the Azure ability to control routing, which is critical to the security on your network. This covers some of the concepts pertaining to this technology.

Application Gateway

00:04:04

Lesson Description:

Azure Application Gateway is a web traffic load balancer that has routing and decision making capabilities to manage traffic to your hosted web applications. In this video, we explain this concept and provide a brief walkthrough on the setup from the Azure portal.

Web Application Firewall

00:03:42

Lesson Description:

Web Application Firewall is designed to provide protection through means of delivery control and protect against web application vulnerabilities. In this short lesson, these concepts are explained along with how to use them in the Azure portal. This is another way to add layered protection without having to worry about the underlining infrastructure.

Security Center

00:16:22

Lesson Description:

This lesson covers a walkthrough of the Security Center. When this solution identifies security and compliance issues, it can alert and report the information, which can help send you down the path of remediation.

Conclusion

00:05:48

Lesson Description:

In this video, we are wrapping up and concluding section seven, and running through a quick review of what we covered throughout Networking.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:45:00

Compute

Antimalware and Antivirus

00:06:32

Lesson Description:

Layered approaches are important for cloud as well as any hybrid environment. It is important to have a base understanding of some of the Azure security extensions that can be added to assist with this layered approach and real-time protection. This video has a short demonstration on how to achieve this through the Azure Portal.

Hardware Security Module

00:13:42

Lesson Description:

In Azure, there are options for storing keys from Key Vault in FIPS (Federal Information Processing Standards)certified hardware security modules. This section provides insight into how these can be implemented and some of the benefits with key management in Azure Key Vault.

SQL VM TDE

00:08:19

Lesson Description:

Encryption needs to take place in transit and at rest. This section covers some of the basic concepts for SQL transparent data encryption at rest with some of the common terms and usage to accomplish this functionality.

VM Disk Encryption

00:03:14

Lesson Description:

This is a short tutorial that explains the requirements for encryption on Windows and Linux operating systems through the Azure portal.

Patch Updates

00:03:13

Lesson Description:

This is a high-level overview running through a quick scenario on how to push out and update virtual machines.

Security Policy and Management and Reporting

00:07:01

Lesson Description:

This is a quick lesson covering some of the fundamentals when working with Security Policies from the Azure Portal.

Conclusion

00:04:46

Lesson Description:

In this video, we are wrapping up and concluding section four, and running through a quick review of what was covered throughout Identity and Access Management.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

02:00:00

Secure Platform

Security Development Cycle and Internal Audits

00:08:34

Lesson Description:

This video discussion centers on the importance of strategically aligning your design and concepts around the Security Development Cycle with an overall emphasis on best practices.

Mandatory Security Training and Background Checks

00:02:05

Lesson Description:

This short video stresses the importance of having employees in your organization complete mandatory security awareness training, and also shows an example from Microsoft on how they represent this as an audit control.

Penetration Testing, Intrusion Detection, DDoS, Audits, and Logging

00:03:19

Lesson Description:

This video includes examples of audit controls provided by Microsoft resources pertaining to Penetration Testing, Intrusion Detection, DDoS, Audits, and Logging. This also introduces some of the threat-protection and solutions that are available from Microsoft.

State of the Art Data Centers, Physical Security, and Secure Networks

00:04:02

Lesson Description:

This lesson highlights the key attributes to perimeter security from a physical and logical concept. From the Data Centers to the Secured Networks, all of these provide defense and in-depth layered protection for your data.

Security Incident Response and Shared Responsibility

00:04:06

Lesson Description:

This lesson provides a high-level understanding of the world of incident response and how it applies to the cloud as well as traditional on-premise technology.

Conclusion

00:03:40

Lesson Description:

In this video, we wrap up and conclude section nine and run through a quick review of what we covered throughout the Secure Platform.

Wrapping Up

Additional Resources

00:04:26

Lesson Description:

This video provides additional online resources when it comes to Azure security and some of the topics discussed in this essentials course.

What's Next?

00:01:31

Lesson Description:

This video gives a high-level explanation over the next options one could pursue in the Azure space or even gain some of the cloud-focused experiences from the Microsoft role-based certification roadmap and learning sites.

Take this course and learn a new skill today.

Transform your learning with our all access plan.

Start 7-Day Free Trial