The content of this intensive training is derived from the exam "SC-100: Microsoft Cybersecurity Architect".
Module 1: Development of a comprehensive security strategy and architecture
- Overview of Zero Trust
- Development of integration points in an architecture
- Development of security requirements based on business objectives
- Translating security requirements into technical capabilities
- Developing security for a fail-safe strategy
- Design of a security strategy for hybrid and multi-tenant environments
- Design of technical and governance strategies for the filtering and segmentation of data traffic
- Understanding the security of protocols
Exercise: Building a comprehensive security strategy and architecture
Module 2: Designing a strategy for security operations
- Understanding frameworks, processes and procedures for security operations
- Designing a security strategy for logging and auditing
- Development of security processes for hybrid and multi-cloud environments
- Designing a strategy for Security Information and Event Management (SIEM) and Security Orchestration,
- Evaluation of security processes
- Review of security strategies for incident management
- Evaluation of the security operations strategy for sharing technical threat intelligence
- Monitor threat intelligence and remediation sources
Module 3: Designing an identity security strategy
- Secure access to cloud resources
- Recommend an identity store for security
- Recommend secure authentication and security authorization strategies
- Secure conditional access
- Design a strategy for role assignment and delegation
- Definition of identity governance for access checks and authorization management
- Design of a security strategy for privileged roles to access the infrastructure
- Design of a security strategy for privileged activities
- Understanding the security of protocols
Module 4: Evaluation of a compliance strategy
- Interpreting compliance requirements and their technical possibilities
- Infrastructure compliance assessment using Microsoft Defender for Cloud
- Interpreting conformity assessments and recommending measures to rectify problems or improve safety
- Design and validation of the implementation of Azure policies
- Design for data residency requirements
- Translating data protection requirements into requirements for security solutions
Module 5: Assessment of the security situation and recommendation of technical strategies for risk management
- Evaluating the security situation using benchmarks
- Evaluate the security situation using Microsoft Defender for Cloud
- Assessment of the security situation using Secure Scores
- Assessing the security hygiene of cloud workloads
- Designing security for an Azure Landing Zone
- Interpretation of technical threat data and recommendation of risk mitigation measures
- Recommendation of security features or controls to mitigate identified risks
Module 6: Understanding architecture best practices and how they are changing with the cloud
- Plan and implement a security strategy across teams
- Establish a strategy and process for the proactive and continuous development of a security strategy
- Understand network protocols and best practices for network segmentation and traffic filtering
Module 7: Designing a strategy for securing server and client endpoints
- Define security baselines for server and client endpoints
- Defining security requirements for servers
- Defining security requirements for mobile devices and clients
- Defining the requirements for securing Active Directory domain services
- Designing a strategy for managing secrets, keys and certificates
- Designing a strategy for secure remote access
- Understanding frameworks, processes and procedures for security operations
- Understanding in-depth forensic procedures by resource type
Module 8: Designing a strategy for securing PaaS, IaaS and SaaS services
- Defining security principles for PaaS, IaaS and SaaS services
- Define security requirements for IoT, data, web and storage workloads
- Defining security requirements for containers and container orchestration
Module 9: Specifying security requirements for applications
- Understanding application threat modeling
- Setting priorities for mitigating threats to applications
- Specify a security standard for the onboarding of a new application
- Defining a security strategy for applications and APIs
Module 10: Designing a strategy for backing up data
- Set priorities for mitigating threats to data
- Design a strategy to identify and protect sensitive data
- Defining an encryption standard for data at rest and in motion