Moocable is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Architect secure infrastructure in Azure

Microsoft via Microsoft Learn

Description

  • Module 1: In this module, you’ll use the alert capabilities of Microsoft Defender for Cloud to watch for and respond to threats.

    In this module, you will:

    • View security alerts in Microsoft Defender for Cloud
    • Define an incident response plan
    • Use a Workflow automation to automate a security response
    • Module 2: Explore the options for Azure disk encryption to encrypt OS and data disks on existing and new virtual machines.

      In this module, you will:

      • Determine which encryption method is best for your VM
      • Encrypt existing virtual machine disks using the Azure portal
      • Encrypt existing virtual machine disks using PowerShell
      • Modify Azure Resource Manager templates to automate disk encryption on new VMs
      • Module 3: Learn how to create an Azure Key Vault to store secret values and how to enable secure access to the vault.

        In this module, you will:

        • Explore what types of information can be stored in Azure Key Vault
        • Create an Azure Key Vault and use it to store secret configuration values
        • Enable secure access to the vault from an Azure App Service web app with managed identities for Azure resources
        • Implement a web application that retrieves secrets from the vault
        • Module 4: Learn how to use Azure role-based access control to effectively manage your team’s access to Azure resources.

          In this module, you will:

          • Verify access to resources for yourself and others
          • Grant access to resources
          • View activity logs of Azure RBAC changes
          • Module 5: Secure the traffic from your users all the way to your web servers by enabling TLS encryption on Application Gateway.

            In this module, you will:

            • Implement TLS encryption between your users and Application Gateway
            • Implement TLS encryption between Application Gateway and your web servers
            • Module 6: Identify the data in your organization and store it on Azure. Store secrets securely, and use client-side encryption and Storage Service Encryption to help protect your data.

              In this module, you will:

              • Identify the types of data that your organization is using and the security requirements for that data
              • Identify the encryption capabilities for services on Azure
              • Module 7: Secure an Azure SQL database to keep the information safe and diagnose potential security concerns as they happen.

                In this module, you will:

                • Control network access to your Azure SQL Database using firewall rules
                • Control user access to your Azure SQL Database using authentication and authorization
                • Protect your data in transit and at rest
                • Audit and monitor your Azure SQL Database for access violations
                • Module 8: Keep tabs on security events in your Azure AD resources by using built-in reporting and monitoring capabilities. Respond to events as they happen, and address security risks before they become a problem.

                  In this module, you will:

                  • Store Azure audit activity and sign-in activity logs in Azure Monitor.
                  • Create alerts for security events in Azure Monitor.
                  • Create and view dashboards to support improved monitoring.

Find study partner
Online Courses
Microsoft Learn
Free
7 hours 14 minutes

Architect secure infrastructure in Azure

Microsoft
Find study partner
Affiliate notice

  • Type
    Online Courses
  • Provider
    Microsoft Learn
  • Pricing
    Free
  • Duration
    7 hours 14 minutes

  • Module 1: In this module, you’ll use the alert capabilities of Microsoft Defender for Cloud to watch for and respond to threats.

    In this module, you will:

    • View security alerts in Microsoft Defender for Cloud
    • Define an incident response plan
    • Use a Workflow automation to automate a security response
    • Module 2: Explore the options for Azure disk encryption to encrypt OS and data disks on existing and new virtual machines.

      In this module, you will:

      • Determine which encryption method is best for your VM
      • Encrypt existing virtual machine disks using the Azure portal
      • Encrypt existing virtual machine disks using PowerShell
      • Modify Azure Resource Manager templates to automate disk encryption on new VMs
      • Module 3: Learn how to create an Azure Key Vault to store secret values and how to enable secure access to the vault.

        In this module, you will:

        • Explore what types of information can be stored in Azure Key Vault
        • Create an Azure Key Vault and use it to store secret configuration values
        • Enable secure access to the vault from an Azure App Service web app with managed identities for Azure resources
        • Implement a web application that retrieves secrets from the vault
        • Module 4: Learn how to use Azure role-based access control to effectively manage your team’s access to Azure resources.

          In this module, you will:

          • Verify access to resources for yourself and others
          • Grant access to resources
          • View activity logs of Azure RBAC changes
          • Module 5: Secure the traffic from your users all the way to your web servers by enabling TLS encryption on Application Gateway.

            In this module, you will:

            • Implement TLS encryption between your users and Application Gateway
            • Implement TLS encryption between Application Gateway and your web servers
            • Module 6: Identify the data in your organization and store it on Azure. Store secrets securely, and use client-side encryption and Storage Service Encryption to help protect your data.

              In this module, you will:

              • Identify the types of data that your organization is using and the security requirements for that data
              • Identify the encryption capabilities for services on Azure
              • Module 7: Secure an Azure SQL database to keep the information safe and diagnose potential security concerns as they happen.

                In this module, you will:

                • Control network access to your Azure SQL Database using firewall rules
                • Control user access to your Azure SQL Database using authentication and authorization
                • Protect your data in transit and at rest
                • Audit and monitor your Azure SQL Database for access violations
                • Module 8: Keep tabs on security events in your Azure AD resources by using built-in reporting and monitoring capabilities. Respond to events as they happen, and address security risks before they become a problem.

                  In this module, you will:

                  • Store Azure audit activity and sign-in activity logs in Azure Monitor.
                  • Create alerts for security events in Azure Monitor.
                  • Create and view dashboards to support improved monitoring.

Quick Links

Browse by subject

Browse by provider

Browse by university

Browse by publisher

Browse by institution

Roadmaps

Posts