Tijekom treninga IT profesionalci za sigurnost usvojiti će znanja i vještine potrebne za implementaciju sigurnosnih kontrola, održavanje sigurnosne pozicije organizacije te prepoznavanje i otklanjanje sigurnosnih propusta.
Kroz trening polaznici će usvojiti vještine i znanja o sigurnosti za identitet i pristup, zaštiti platforme, podacima i aplikacijama te o sigurnosnim operacija.
Što ćete naučiti
- Kako zaštiti korisnike od ugrožavanja korisničkih računa te kako upravljati pristupima.
- Kako osigurati pristup resursima organizacije (zaštita korisničkih zaporki, multifaktorska provjera identiteta).
- Kako omogućiti Azure Identity Protection.
- Kako konfigurirati AD federacijske servise te kako postaviti i koristiti Azure AD Connect.
- Upoznati Secure Score, Exchange Online zaštitu, Azure Advanced Threat Protectionom, Microsoft 365 Threat Intelligence, napredu zaštitu od prijetnji korištenjem Windows Defendera.
- Kako osigurati mobilne uređaje i aplikacija.
- Kako konfigurirati Microsoft 365 u cilju postizanja sigurnog okruženje.
Kome je namijenjeno
- Trening je namijenjen Azure Security inženjerima koji obavljaju sigurnosne zadatke u svom svakodnevnom poslu. Trening je također namijenjen inženjerima koji se želi specijalizirati za pružanje sigurnosti za digitalne platforme temeljene na Azureu i igrati važnu ulogu u zaštiti podataka organizacije.
Preduvjeti
- Razumjeti najbolje sigurnosne prakse i sigurnosne zahtjeve industrije kao što su dubinska obrana, najmanje privilegirani pristup, role-based kontrolu pristupa, multifaktorsku autentifikaciju, podijeljenu odgovornost i model nultog povjerenja.
- Poznavati sigurnosne protokole kao što su Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), metode šifriranja diska i podataka.
- Iskustvo u implementaciji Azure radnih opterećenja (eng.workloads).
- Iskustvo s Windows i Linux operativnim sustavima i skriptnim jezicima.
- AZ-104: Manage identities and governance in Azure
- AZ-104: Implement and manage storage in Azure
- AZ-104: Configure and manage virtual networks for Azure administrators
- AZ-104: Monitor and back up Azure resources
- AZ-104: Deploy and manage Azure compute resources
Nastavni plan
-
Pregledaj
- Module 1: Secure Azure solutions with Azure Active Directory
Explore how to securely configure and administer your Azure Active Directory instance.
After completing this module, students will be able to:
- Configure Azure AD and Azure AD Domain Services for security
- Create users and groups that enable secure usage of your tenant
- Use MFA to protect user's identities
- Configure passwordless security options
- Deploy Azure AD Connect
- Pick and configure that best authentication option for your security needs
- Configure password writeback
- Deploy and configure Identity Protection
- Configure MFA for users, groups, and applications
- Create Conditional Access policies to ensure your security
- Create and follow an access review process
- Describe Zero Trust and how it impacts security
- Configure and deploy roles using Privileged Identity Management (PIM)
- Evaluate the usefulness of each PIM setting as it relates to your security goals
- Explain the shared responsibility model and how it impacts your security configuration
- Create Azure policies to protect your solutions
- Configure and deploy access to services using RBAC
- Define defense in depth
- Protect your environment from denial-of-service attacks
- Secure your solutions using firewalls and VPNs
- Explore your end-to-end perimeter security configuration based on your security posture
- Deploy and configure network security groups to protect your Azure solutions
- Configure and lockdown service endpoints and private links
- Secure your applications with Application Gateway, Web App Firewall, and Front Door
- Configure ExpressRoute to help protect your network traffic
- Configure and deploy Endpoint Protection
- Deploy a privileged access strategy for devices and privileged workstations
- Secure your virtual machines and access to them
- Deploy Windows Defender
- Practice layered security by reviewing and implementing Security Center and Security Benchmarks
- Define the available security tools for containers in Azure
- Configure security settings for containers and Kubernetes services
- Lock down network, storage, and identity resources connected to your containers
- Deploy RBAC to control access to containers
- Define what a key vault is and how it protects certificates and secrets
- Deploy and configure Azure Key Vault
- Secure access and administration of your key vault
- Store keys and secrets in your key vault
- Explore key security considers like key rotation and backup / recovery
- Register an application in Azure using app registration
- Select and configure which Azure AD users can access each application
- Configure and deploy web app certificates
- StartAdd
- Define data sovereignty and how that is achieved in Azure
- Configure Azure Storage access in a secure and managed way
- Encrypt your data while it is at rest and in transit
- Apply rules for data retention
- Configure which users and applications have access to your SQL databases
- Block access to your servers using firewalls
- Discover, classify, and audit the use of your data
- Encrypt and protect your data while is it stored in the database
- Configure and monitor Azure Monitor
- Define metrics and logs you want to track for your Azure applications
- Connect data sources to and configure Log Analytics
- Create and monitor alerts associated with your solutions security
- Define the most common types of cyber-attacks
- Configure Azure Security Center based on your security posture
- Review Secure Score and raise it
- Lock down your solutions using Security Center and Defender
- Enable Just-in-Time access and other security features
- Explain what Azure Sentinel is and how it is used
- Deploy Azure Sentinel
- Connect data to Azure Sentinel, like Azure Logs, Azure AD, and others
- Track incidents using workbooks, playbooks, and hunting techniques
Za što vas priprema?
- Certifikacijski ispit: Exam AZ-500: Microsoft Azure Security Technologies
- Certifikat: Microsoft Certified: Azure Security Engineer Associate