Microsoft Azure Security Essentials
This course is designed to help you gain high-level knowledge on some of the important capabilities when it comes to securing the Azure platform.
We will cover Azure security concepts, terminology and architecture. We will also look at security as it relates to identity, compute, networking, and other Azure resources.
The course is also designed to provide insight into the trustworthy foundation provided by Azure with many configurable security options to best suit your organizational needs.
What to Expect
This course is designed to bring out some of the core security technologies with an Azure Defense in-depth approach and cater to those individuals that may be new to Azure or may not carry an extensive security background. Security is everyone's job, and this course will help facilitate that mindset, all while maintaining confidentiality, integrity, and availability of customer data.
Security in the Cloud
Introduction into Azure Security
This course offers a high-level view of Azure security and many of the concepts that focus on decreasing the attack surfaces and improving security posture. Whether you are new to the cloud or want to know more about the security Azure offers, this course will be useful for you.
In the shared responsibility model for Azure, it is important to understand that the cloud offers a considerable advantage for security and compliance. However, customers still have to be responsible for protecting their users, applications, and other service offerings. This video outlines these responsibilities between customers and cloud service providers.
Securing Customer Data in Azure Services
This video outlines the importance of data protection, which has several options, but also emphasizes how Microsoft values the protection of your data through their own transparent policies and being your Cloud Service Provider (CSP).
Managing Data Location in Azure Services
At a high level, this video represents some of the geographical and regional locations and services Azure has to offer. This is important in knowing what is available for your region and how the infrastructure and services may be deployed in the future for optimization and resiliency in the cloud.
Who Can Access Your Data and on What Terms?
In this short video lesson, we talk about the importance of data protection, talk at a high level over data classification, and reference AIP (Azure Information Protection) as one of the centerpieces to adding defense depth and layers to your data.
Review Certification for Azure Services, Transparency Hub
Due to the amount of data that is being created, stored, and shared, the task of maintaining security and compliance has become complex. Managing compliance in the cloud is important and learn about some of the key features with the Microsoft compliance score with opportunities to utilize and navigate through the Microsoft Trust Center to assist with these compliance and control requirements.
In this video we are wrapping up and concluding section three, and running through a quick review of what was covered throughout Transparency.
Identity and Access Management
In this video, we describe the framework and some of the key processes that outline Identity Access Management and the capabilities in relation to Microsoft Azure and controls that have been put in place to add extra layers of security with a defense-in-depth approach.
Secure Apps and Data
Identity and Access Management is one of the most important ways to secure access to data in applications for both on-premise and in the cloud. This video teaches the fundamental concepts of how some of this technology works and incorporates important navigational tips in relation to the Azure platform and the easily accessible Microsoft documentation.
Role-Based Access Control (RBAC)
In this video, we learn some of the basic concepts around Role-Based Access control (RBAC) and how this interacts with other aspects of the Azure platform. Studies have proven when using RBAC, it helps to promote a better security posture for many organizations of all types. This is about some of the basics in role permissions and role-to-role relationships. Azure makes this easy to understand with the built-in technologies.
In this video, we are wrapping up and concluding section four, and running through a quick review over what we covered throughout Identity and Access Management.
Security and the Audit Dashboard
This video represents some of the basics when it comes to defining the data that is getting collected in the Azure environment. Some of these tools can allow you to see some of these audit and security features.
This lesson covers how Application Insights has been transformed into an extension for application monitoring, and can also be used from a security perspective to assist with analyzing data.
Azure Monitor is one of the key solutions designed to collect the telemetry data for both cloud and on-premises environments. Take a walk through this overview to learn some of the foundational components that bring this data together.
Azure Monitor Logs
It is important to know that you are collecting the right kind of data for your environment and that it is being done securely. This lesson breaks this down to explain how the data being collected for your environment also maintains a level of compliance and security hygiene.
Not quite the same as "Clippy" The Office Assistant, though Azure Advisor does assist in making best practice decisions and helps optimize deployments in your environments for high availability, security, performance, and cost optimization.
Azure Security Center
This lesson is a high-level view of the Security Center with the intended approach to connect the data and logs that we talked about throughout section 5 of this course. We then offer a visual in relation to how monitoring data is being ingested.
In this video, we are wrapping up and concluding section five by running through a quick review of what was covered throughout the Operations section.
Shared Access Signature
Shared Access Signature (SAS) provides an extra layer of security to storage accounts and clients by limiting the permissions and allowing better control and management over access. The objective of this lesson is to learn about the forms of SAAS, the service types it has to offer, and see some of its risk mitigation capabilities.
Encryption in Transit
This short lesson covers the importance of protecting data that is being transmitted across networks and how the process works.
Encryption at Rest
Encryption at Rest is important for data protection, and this lesson covers some of these attributes as well as Azure's integration into Key Vault to help protect and offer a more robust key management system.
This section is an overview of the storage data that can be aggregated into various solutions as an extension of the Azure platform. This explains how the logging is captured, which is important not only for metrics-driven data but also for the potential security anomalies that could be happening in the environment.
Enabling Browser-Based Clients Using CORS
This lesson describes how domains can allow each other to have access to different resources through the cross-origin resource sharing model. This allows different domain web traffic to communicate with one another through cross-domain scripting.
In this video, we are wrapping up and concluding section six, and running through a quick review of what we covered throughout Storage.
Network Layer Controls
In this video lesson, we discuss the topology of Network Layer Controls and how this limits the connectivity between different subnets and represents the foundation of network security.
Network Security Groups (NSG)
Network Security Groups play an important role in providing an extra layer of security within your infrastructure. This video demonstrates this concept through the easy to use tools that are available through the Azure portal.
Route Control and Forced Tunneling
This lesson's focus is on the Azure ability to control routing, which is critical to the security on your network. This covers some of the concepts pertaining to this technology.
Azure Application Gateway is a web traffic load balancer that has routing and decision making capabilities to manage traffic to your hosted web applications. In this video, we explain this concept and provide a brief walkthrough on the setup from the Azure portal.
Web Application Firewall
Web Application Firewall is designed to provide protection through means of delivery control and protect against web application vulnerabilities. In this short lesson, these concepts are explained along with how to use them in the Azure portal. This is another way to add layered protection without having to worry about the underlining infrastructure.
This lesson covers a walkthrough of the Security Center. When this solution identifies security and compliance issues, it can alert and report the information, which can help send you down the path of remediation.
In this video, we are wrapping up and concluding section seven, and running through a quick review of what we covered throughout Networking.
Antimalware and Antivirus
Layered approaches are important for cloud as well as any hybrid environment. It is important to have a base understanding of some of the Azure security extensions that can be added to assist with this layered approach and real-time protection. This video has a short demonstration on how to achieve this through the Azure Portal.
Hardware Security Module
In Azure, there are options for storing keys from Key Vault in FIPS (Federal Information Processing Standards)certified hardware security modules. This section provides insight into how these can be implemented and some of the benefits with key management in Azure Key Vault.
SQL VM TDE
Encryption needs to take place in transit and at rest. This section covers some of the basic concepts for SQL transparent data encryption at rest with some of the common terms and usage to accomplish this functionality.
VM Disk Encryption
This is a short tutorial that explains the requirements for encryption on Windows and Linux operating systems through the Azure portal.
This is a high-level overview running through a quick scenario on how to push out and update virtual machines.
Security Policy and Management and Reporting
This is a quick lesson covering some of the fundamentals when working with Security Policies from the Azure Portal.
In this video, we are wrapping up and concluding section four, and running through a quick review of what was covered throughout Identity and Access Management.
Security Development Cycle and Internal Audits
This video discussion centers on the importance of strategically aligning your design and concepts around the Security Development Cycle with an overall emphasis on best practices.
Mandatory Security Training and Background Checks
This short video stresses the importance of having employees in your organization complete mandatory security awareness training, and also shows an example from Microsoft on how they represent this as an audit control.
Penetration Testing, Intrusion Detection, DDoS, Audits, and Logging
This video includes examples of audit controls provided by Microsoft resources pertaining to Penetration Testing, Intrusion Detection, DDoS, Audits, and Logging. This also introduces some of the threat-protection and solutions that are available from Microsoft.
State of the Art Data Centers, Physical Security, and Secure Networks
This lesson highlights the key attributes to perimeter security from a physical and logical concept. From the Data Centers to the Secured Networks, all of these provide defense and in-depth layered protection for your data.
Security Incident Response and Shared Responsibility
This lesson provides a high-level understanding of the world of incident response and how it applies to the cloud as well as traditional on-premise technology.
In this video, we wrap up and conclude section nine and run through a quick review of what we covered throughout the Secure Platform.
This video provides additional online resources when it comes to Azure security and some of the topics discussed in this essentials course.
This video gives a high-level explanation over the next options one could pursue in the Azure space or even gain some of the cloud-focused experiences from the Microsoft role-based certification roadmap and learning sites.
Take this course and learn a new skill today.
Transform your learning with our all access plan.Start 7-Day Free Trial