SC-5002: Secure Azure Services and Workloads with Microsoft Defender for Cloud regulatory Compliance Controls

Back to all topics
, , , , , , ,
  • 1 Day
  • Private Group Training
01

Course Overview

This learning path guides you in securing Azure services and workloads using Microsoft Cloud Security Benchmark controls in Microsoft Defender for Cloud via the Azure portal.

02

Key Learning Areas

  • Filtering network traffic with Network Security Groups and Application Security Groups.
  • Creating and configuring a Log Analytics workspace for Microsoft Defender for Cloud.
  • Setting up Microsoft Defender for Cloud, including posture management, workload protections, Azure Arc integration, compliance, secure score, policies, recommendations, and threat detection.
  • Configuring and integrating Log Analytics agents and workspaces to collect and analyze security data.
  • Implementing just-in-time VM access and understanding brute force attack defenses.
  • Securing secrets and keys with Azure Key Vault, including networking, firewalls, virtual networks, service endpoints, soft delete, and best practices.
03

Course Outline

Filter Network Traffic with a Network Security Group Using the Azure portal

  • Azure resource group
  • Azure Virtual Network
  • How network security groups filter network traffic
  • Application security groups

 

Create a Log Analytics Workspace for Microsoft Defender for Cloud

  • Defender for Cloud monitoring components

 

Set Up Microsoft Defender for Cloud

  • Implement Microsoft Defender for Cloud
  • Security posture
  • Workload protections
  • Deploy Microsoft Defender for Cloud
  • Azure Arc
  • Azure Arc capabilities
  • Microsoft cloud security benchmark
  • Improve your regulatory compliance.
  • Configure Microsoft Defender for Cloud policies
  • View and edit security policies
  • Manage and implement Microsoft Defender for Cloud recommendations
  • Explore secure score
  • MITRE Attack matrix
  • Define brute force attacks
  • Understand just-in-time VM access
  • Implement just-in-time VM access

 

Configure and Integrate a Log Analytics Agent and Workspace in Defender for Cloud

  • Collect data from your workloads with the Log Analytics agent
  • Configure the Log Analytics agent and workspace

 

Configure Azure Key Vault Networking Settings

  • Azure Key Vault basic concepts
  • Best practices for Azure Key Vault
  • Azure Key Vault security
  • Configure Azure Key Vault firewalls and virtual networks
  • Azure Key Vault soft delete overview
  • Virtual network service endpoints for Azure Key Vault
04

Who Benefits

  • General understanding of networking and cloud computing concepts.
  • IT professionals looking to strengthen their Azure security skills.
  • Cloud administrators and engineers who manage and protect Azure workloads.
  • DevOps teams wanting to integrate security and compliance into deployments.
  • Security specialists aiming to improve monitoring, threat detection, and regulatory compliance.
  • Developers and architects who need to safeguard application secrets with Azure Key Vault.
05

Prerequisites

There are no prerequisites for this course.

Want this course for your team?

Atmosera can provide this course virtually or on-site. Please reach out to discuss your requirements.

Request a Quote