In this learning path, you will learn how to manage identities and implement security across Microsoft Azure and Office 365. A key component of both services is Azure AD and understanding the core management capabilities to protecting your cloud infrastructure are key.
The course will educate you on the details you need to know to be able to start writing PowerShell for Azure AD. By the end, our objective is to make you feel comfortable writing PowerShell to automate common management tasks for Azure AD. We’ll also provide you some real-world examples for where you can use PowerShell to be more consistent and save time.
This course is the 2nd in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on what it takes to implement overall Azure platform protection. In the first module, we touch on several aspects of Azure Networking security, like custom routing, Network Security Groups, Application Security Groups and Azure Firewall. You will also learn about optimizing security of remote management to your Azure Virtual Machines. In the next module, we pinpoint the topic of host security, which covers endpoint protection deployment and configuration, Azure virtual machine hardening best practices and how to enable and configure system updates for your Azure-running virtual machines. The 3rd module brings you up to speed on containerizing applications and running them in different Azure container service resources like Azure Container Registry and Azure Container Instance, always focusing on the security aspect of these. Last, we also talk about Azure Kubernetes Services networking and security control. In the 4th and last module, you learn about Azure governance using Azure Policies, Role Based Access Control and how to set up subscription permissions.
This course is the first in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on managing Azure Identity and Access control, relying on Azure Active Directory as the main vehicle for these. In the first module, where we start with an introduction to Azure Active Directory, we dive into the topic of AD Connect synchronization, discuss several authentication architectures available today for hybrid identity, and zoom in on several of Azure AD’s built-in security features. The 2nd module covers Azure AD Privileged Identity Management, a separate service in Microsoft Azure, allowing you to define and control admin-level privileges. The 3rd and last module in this course touches on how to migrate Azure resources across different subscriptions and what impact this might have, ending with describing and walking you through Azure API Management capabilities.
This course is the 3rd in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on managing security operations, mainly describing what different Azure monitoring and operations tools are available, and how they can help in managing your Azure environment from a security operations perspective. You will learn about Azure Monitor, Azure Log Analytics and Azure Security Center. Next, you will also learn about Azure alert management and Azure Security Center alerts specifically.
In this course, students will learn how to manage and configure Azure Active Directory in basic and advanced deployment scenarios. Students will learn how to manage hybrid identity to include attribute writeback as well as how to manage devices with Azure Active Directory.
This course is the 4th and last in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on deploying, configuring and managing security of your data that is stored in Azure, as well as how to secure your business-critical application workloads. You will learn about securing Azure SQL, covering different built-in and sometimes unique to public cloud features of SQL Server. Next, you will also learn the basics of securing other data solutions like HD Insights, Azure Data Lake and Cosmos DB. Another part of the course discusses on how to enable and configure data encryption, using Azure Key Vault as secrets store. Last, you will also learn about several security features of Azure App Services, optimizing security for Azure Web Apps and Azure App Services Environment.
In this course, students will learn how to implement and configure advanced security controls in Azure Active Directory, including Multi-Factor Authentication and Privileged Identity Management. These controls are implemented to secure user identities in Azure Active Directory and provide advanced reporting, authentication, and authorization through the Azure AD identity service.
This course explores the Security and Compliance features now available within Office 365. The course starts with a general review of core Security and Compliance features found within Office 365. The course will then move into specific areas such as Data Loss Prevention, Device Management, Permissions and core Security along with overall Administration and Reporting. Each topic area will be discussed and demonstrated.
In this module, you will focus on pricing and support models available with Microsoft to include but not limited to Azure subscriptions, planning and managing costs, support options available with Azure, and the service lifecycle in Azure.
In this module you will learn basic cloud concepts to include but not limited to the following: Why Cloud Services?, Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS), Public, Private, and Hybrid cloud models.
In this module, you will learn the basics of core services available within Microsoft Azure to include but not limited to Core Azure architectural components, Core Azure Services and Products, Azure Solutions, and Azure management tools.
In this module, you will learn about security, privacy, compliance, and trust with Microsoft Azure. You will become familiar with the following topics: securing network connectivity in Azure, core Azure identity services, security tools and features, Azure governance methodologies, monitoring and reporting in Azure, and privacy, compliance and data protection standards in Azure.
In this lab, you will connect to Azure Active Directory to retrieve audit and reporting information.
In this lab, you will learn the basics of Azure Automation for common Azure Active Directory tasks.
In this hands-on lab, you will implement many of the Azure Security Center features to secure their cloud-based Azure infrastructure (IaaS) and applications (PaaS). Specifically, you will ensure that any internet exposed resources have been properly secured and any non-required internet access disabled. Additionally, you will implement a “jump machine” for admins with Application Security enabled to prevent admins from installing non-approved software and potentially exposing cloud resources. You will then utilize custom alerts to monitor for TCP/IP Port Scans and then fire alerts and run books based on those attacks.
In this lab, an Azure Virtual Machine disk will be encrypted using the following steps:Deploy a VM into Azure that is not encryptedObtain and run the Azure Disk Encryption Prerequisites Azure PowerShell scriptEncrypt your virtual machines
In this lab, you will create a virtual network that will allow the virtual machines you create to securely connect with each other. You will then create two virtual machines and specify the virtual network configuration and the availability set configuration along with storage for the virtual machine.
In this lab, you will create an Azure Web App and a SQL Database and configure the popular content management system (CMS) Orchard CMS. You will then configure the web app to automatically scale based on actual CPU usage.
This lab is designed to help you become familiar with several features of Microsoft Azure Log Analytics. You will learn how to setup a Log Analytics workspace and install the agent on several VMs. From there, you will configure data sources from Azure as well as diagnostic data from the VMs and learn the fundamentals of querying data and events using the Log Analytics query language.This lab pre-provisions several resources in Microsoft Azure and will take 15-20 minutes to start before it is ready.
This lab explores the Security and Compliance features available within Office 365. The lab starts with a general review of core Security and Compliance features found within Office 365. The lab will then move into specific areas such as Data Loss Prevention, Device Management, Permissions and core Security along with overall Administration and Reporting. Each topic area will be discussed and demonstrated.Note: Instructions for creating an Office 365 E5 trial tenant are in the lab and is a requirement to complete this lab.
In this lab, you will get started with Azure Key Vault to create a hardened container (a vault) in Azure, to store and manage cryptographic keys and secrets in Azure. First you will use Azure PowerShell. Then you will store a password as a secret that could then be used with an Azure application.
In this lab, you will create 3 virtual networks in two different regions. You will configure site-to-site connectivity between the regions using a VPN Gateway. Finally, you will configure virtual network to virtual network connectivity using virtual network peering. This will also allow traffic from the 3rd virtual network to transit over the VPN gateway.
In this lab, you will manage external users within Azure Actiev Directory. You will creating Guest Users in Azure Active Directory, then manage the external user invitations. Lastly you will learn about lifecycle policies and how they can be used within Azure Active Directory.
In this lab, you will install the required components to connect to Azure Active Directory. You will then initiate a connection to Azure Active Directory, as well as review common administration tasks and commands.
In this lab, you will learn how to manage Users and Groups using both MSOnline and AzureAD PowerShell Modules. You will create, manage and remove both users and groups, followed by managing permissions within Azure Active Directory.