In this course the student will learn about the capabilities of the Azure platform for protecting public cloud and hybrid workloads. From there the student will explore the tools and services available to them to protect and lock down their own services and protect their identities. This course will also focus on general best practices for security.
This course is a mixture of:
40% Hands-On Labs
25% Architectural Case Studies
- Understand how to use Azure AD for to secure access to resources, configure single-sign-on and enterprise wide identity management
- Understand how to use and customize role based access control (RBAC)
- Understand how to use and customize Azure Resource Manager policies
- How to enable and use built in encryption services for data protection and secret management
- How to deploy Azure PaaS solutions in a secure manner with virtual network integration
- How to use Azure Security Center to monitor for security and compliance issues in your environment.
- Understanding of virtualization technologies such as Hyper-V or VMWare is recommended
- Experience with a scripting environment such as Bash is recommended
MODULE 1:Introduction to Azure Platform Security
In this module, students will learn how Microsoft Azure is architecture and what protections are put in place to protect customers from attacks.
MODULE 2:Managing Identities with Azure AD
In this module, students will learn the different cloud identity solutions that are provided by Azure Active Directory, and how to integrate them in a hybrid environment with your on-premises identity solution.
Students will first be introduced to the issues with identity in today’s cloud-first world. Then there will be a thorough examination of several Azure Active Directory features, across the different service tiers available today. Starting from the Azure AD Connect synchronization tool, we move to providing knowledge around the differences between Azure AD B2B/B2C and how to deploy them. Azure Active Directory Domain Services will be explored, after which we detail the integration with Office 365. The course is ended with an extensive mapping of Azure AD connect with ADFS Federation and the newest Azure AD Pass-through authentication.
MODULE 3:Azure Network Security
In this module, students will learn how to use features such as Network Security Groups and Azure routing to deploy secure networking solutions in Azure. Topics will include deploying firewall solutions from the Azure marketplace to create a DMZ in Azure.
MODULE 4: Implementing Azure Governance
In this module, students will learn how to use the built-in controls and services such as role based access control (RBAC), policies, and Azure monitor to control who, what and where Azure services can be managed.
MODULE 5: Encryption and Key Management
In this module, students will learn how to use Azure Key Vault to securely store and access secrets as well as using Azure Virtual Machine disk encryption to protect data in Azure.
MODULE 6: Securing Azure Services
In this module, students will learn capabilities for deploying Azure services in a secure manner. Students will learn how certain services such as Azure App Service Environment, SQL Database, Site Recovery, and several others protect your data from attack. Azure Security center will also be discussed in-depth to learn how it can be used to detect and respond to attacks.
Dedicated instructor-led training is designed for group training and is delivered by the experts at Opsgility. Delivery availability is anywhere in the world at your location or using advanced virtual training software.
- Standard or Customized Curriculum
- Globally Available for Delivery
- Holistic Learning Plans are Available
- Industry Recognized Subject Matter Experts