Enabling Platform Protection in Microsoft Azure

Paths

Enabling Platform Protection in Microsoft Azure

Authors: Tim Warner, Michael Teske, Ned Bellavance

Cloud computing has enabled access to systems from anywhere, but cybersecurity is now more important than it has ever been to companies and Security Engineers alike. Microsoft... Read more

What you will learn:

  • Platform Level Protection
  • Microsoft Azure Virtual Machines and Virtual Networks
  • Azure Security Center
  • Applications Security
  • Host Security
  • Subscriptions

Pre-requisites

This path is for aspiring Security Engineers who are familiar with cloud computing and wish to learn how to use Microsoft Azure security features. There is no prerequisite.

Beginner

The courses in this section will teach you the fundamentals for securing your implementations on the Microsoft Azure Platform, including working with virtual machines, virtual networks, and security considerations for virtual networks. These topics are the perfect foundation for you to move to the intermediate level.

Configuring Virtual Machines in Microsoft Azure

by Tim Warner

Sep 14, 2018 / 1h 43m

1h 43m

Start Course
Description

At the core of configuration management in Microsoft Azure is a thorough knowledge of how to connect to and manage Azure-based virtual machines (VMs). In this course, Configuring Virtual Machines in Microsoft Azure, you’ll learn how to configure Windows Server and Linux VMs in Azure for maximum performance, availability, and security. First, you’ll learn how to manage VM configurations, including storage, networking, and extensions. Next, you’ll explore how to maximize VM availability, involving availability sets, availability zones, and Azure Advisor. Finally, you’ll discover how to enforce VM security in Azure, including role-based access control (RBAC) and Azure Security Center. When you’re finished with this course, you’ll have a foundational knowledge of Azure VM configuration that will help you as you move forward in your work as a Microsoft Azure administrator or solution architect.

Table of contents
  1. Course Overview
  2. Managing VM Configuration
  3. Managing VM Availability
  4. Managing VM Security

Managing Microsoft Azure Virtual Networks

by Tim Warner

Sep 14, 2018 / 1h 39m

1h 39m

Start Course
Description

At the core of Microsoft Azure infrastructure as a service (IaaS) is a thorough knowledge of software-defined networking. In this course, Managing Microsoft Azure Virtual Networks, you’ll learn how to design, deploy, manage, and maintain virtual networks in the Microsoft Azure cloud. First, you’ll learn how to create and configure virtual networks. Next, you’ll explore how to implement traffic control in a virtual network. Finally, you’ll discover how to troubleshoot virtual networks with Network Watcher. When you’re finished with this course, you’ll have a foundational knowledge of Azure networking that will help you as you move forward to become a more effective Azure administrator or solution architect.

Table of contents
  1. Creating and Configuring an Azure Virtual Network
  2. Implementing Traffic Control in a Microsoft Azure Virtual Network
  3. Course Overview

Securing Microsoft Azure Networks

by Michael Teske

May 28, 2019 / 1h 31m

1h 31m

Start Course
Description

Establishing a presence in the cloud should be done with security at the forefront. In this course, Securing Microsoft Azure Networks, you will learn what services and features you can leverage to create a plan to better improve your security profile in Azure. First, you will configure access control by securing what traffic can access your assets as well as who. Next, you will create and configure services that will better protect your network from malicious actors. Finally, you will maintain a secured connection from your on-premises environment to Azure in order to manage your Azure assets in a more secure fashion. When you’re finished with this course, you will have the skills and knowledge to apply security controls to your Azure network resources while creating a secure posture in the cloud.

Table of contents
  1. Course Overview
  2. Planning Hybrid Network Security in Microsoft Azure
  3. Configuring Network Security Access to Microsoft Azure Resources
  4. Configuring Network Resources in Microsoft Azure
  5. Creating a VPN Site-to-Site Connection to Microsoft Azure

Intermediate

These intermediate courses will take you through some of the more intricate elements within Azure platform security, including Azure Security Center and host security. Once you fully comprehend the topics in this area, you’ll be ready to move on to the advanced courses.

Managing Microsoft Azure Security

by Ned Bellavance

Dec 12, 2018 / 2h 30m

2h 30m

Start Course
Description

Configuring and monitoring the security of your Azure environment is a challenging endeavor. You want to ensure that you are following best practices, finding the important events, and taking a proactive stance on security configuration. Microsoft Azure Security Center helps provide a single management point for all things security in Azure. In this course, Managing Microsoft Azure Security, you'll learn how to properly leverage the Azure Security Center from Microsoft to meet the advanced security needs of a cloud deployment. First, you'll configure policies and data collection for the resources in your Azure subscriptions. Next, you'll review the recommended actions from the Security Center and prioritize which actions to take first. Finally, you'll investigate alerts and incidents to determine the root cause of a security intrusion. By the end of this course, you'll be able to leverage Azure Security Center to improve your security posture in Azure and assess and remediate vulnerabilities effectively.

Table of contents
  1. Course Overview
  2. Introducing Monitoring Azure Security
  3. Understanding Azure Security Center
  4. Policies and Data Collection
  5. Security Assessments and Threat Prevention
  6. Managing Security Solutions
  7. Investigating Threats
  8. Automating Security Workflows
  9. Advanced Cloud Defense

Implementing Host Security in Microsoft Azure

by Michael Teske

Jun 14, 2019 / 1h 22m

1h 22m

Start Course
Description

Improving your security profile includes ensuring your hosts, both on-premises and in Azure, are updated and secured. In this course, Implementing Host Security in Microsoft Azure, you will gain knowledge of the services and features you can leverage to harden and update hosts in order to reduce their attack surface. First, you will enable learn how to update management to automatically enroll your hosts to keep them up to date. Next, you will explore how to enroll your hosts into Azure Security Center and apply any remediation suggestions while also installing endpoint protection. Finally, you will see how everything ties together with Azure's advanced threat detection using the tools described including Azure Monitor. When you’re finished with this course, you will have the skills and knowledge to update and harden your endpoints, both on-premises and in the cloud, improving your overall security posture.

Table of contents
  1. Course Overview
  2. Planning for Endpoint Security
  3. Updating Virtual Machines
  4. Securing Azure Virtual Machines and Connected Devices
  5. Monitoring Azure VMs and Non-Azure Systems

Advanced

In this section, you’ll get the opportunity to explore the more complicated areas in Microsoft Azure Cloud Platform Security. For example, you’ll learn about security while you conduct deployments and while managing subscriptions.

Maintaining Deployment Security in Microsoft Azure

by Michael Teske

Jun 18, 2019 / 48m

48m

Start Course
Description

In any situation, be it on-premises, in the cloud, or somewhere in between, maintaining the security posture of your assets is a full-time job. In this course, Maintaining Deployment Security in Microsoft Azure, you will learn what services and features you can leverage to keep your assets secured and up to date, including virtual machines as well as your serverless computing. First, you will enroll your hosts into update management while also creating availability sets for your future deployments, ensuring platform resiliency. Next, you will monitor your assets in Azure Security Center and apply any remediation suggestions. Finally, you will see how you can maintain, monitor, and secure your container resources. When you’re finished with this course, you will have the skills and knowledge to maintain a strong security profile for your virtual machines and containers in Microsoft Azure.

Table of contents
  1. Course Overview
  2. Identifying Azure Platform Maintenance and Security Services
  3. Configuring Azure Maintenance and Security Services

Implementing Microsoft Azure Subscription Security

by Michael Teske

Jun 26, 2019 / 1h 14m

1h 14m

Start Course
Description

Shifting to the cloud requires quite a bit of thought and analysis. It's critical to think about how you can govern what your users have the rights to do within your company’s subscriptions. In this course, Implementing Microsoft Azure Subscription Security, you will learn what controls and features you can use to ensure you’re able to control who can deploy those resources, what they can deploy, and what they can do after deployment. First, you will make management groups to better organize and manage your subscription resources. Next, you will create policies to ensure your Azure assets remain in compliance and remediated if not. Finally, you will enforce the practice of least privilege by locking down resources through access control and resource locks. When you’re finished with this course, you will have the skills and knowledge to set guardrails and manage the governance over your entire Azure environment.

Table of contents
  1. Course Overview
  2. Identifying Azure Subscription Management Resources
  3. Configuring Microsoft Azure Subscription Security
  4. Securing Azure Resources