Description

Module 1: Prevent attacks before they get to your Azure solutions. Use the concepts of defense in depth and zero trust to secure Azure perimeter.By the end of this module, you will be able to:Define defense in depthProtect your environment from denial-of-service attacksSecure your solutions using firewalls and VPNsExplore your end-to-end perimeter security configuration based on your security postureModule 2: Use Azure network capabilities to secure your network and applications from external and internal attacks.By the end of this module, you will be able to:Deploy and configure network security groups to protect your Azure solutionsConfigure and lockdown service endpoints and private linksSecure your applications with Application Gateway, Web App Firewall, and Front DoorConfigure ExpressRoute to help protect your network trafficModule 3: Learn to lock down the devices, virtual machines, and other components that run your applications in Azure.By the end of this module, you will be able to:Configure and deploy Endpoint ProtectionDeploy a privileged access strategy for devices and privileged workstationsSecure your virtual machines and access to themDeploy Windows DefenderPractice layered security by reviewing and implementing Security Center and Security BenchmarksModule 4: Explore how to secure your applications running within containers and how to securely connect to them.By the end of this module, you will be able to:Define the available security tools for containers in AzureConfigure security settings for containers and Kubernetes servicesLock down network, storage, and identity resources connected to your containersDeploy RBAC to control access to containers

Tags

Syllabus

Syllabus Module 1: Implement perimeter securityIntroductionDefine defense in depthExplore virtual network securityEnable Distributed Denial of Service (DDoS) ProtectionConfigure a distributed denial of service protection implementationExplore Azure Firewall featuresDeploy an Azure Firewall implementationConfigure VPN forced tunnelingCreate User Defined Routes and Network Virtual AppliancesExplore hub and spoke topologyPerform try-this exercisesKnowledge checkSummaryModule 2: Configure network securityIntroductionExplore Network Security Groups (NSG)Deploy a Network Security Groups implementationCreate Application Security GroupsEnable service endpointsConfigure service endpoint servicesDeploy private linksImplement an Azure application gatewayDeploy a web application firewallConfigure and manage Azure front doorReview ExpressRoutePerform try-this exercisesKnowledge checkSummaryModule 3: Configure and manage host securityIntroductionEnable endpoint protectionDefine a privileged access device strategyDeploy privileged access workstationsCreate virtual machine templatesEnable and secure remote access managementConfigure update managementDeploy disk encryptionDeploy and configure Windows DefenderExplore Microsoft Defender for Cloud recommendationsSecure Azure workloads with Azure Security BenchmarksPerform Try-This exercisesKnowledge checkSummaryModule 4: Enable Containers securityIntroductionExplore containersConfigure Azure Container Instances security​Manage security for Azure Container Instances (ACI)​Explore the Azure Container Registry (ACR)​Enable Azure Container Registry authenticationReview Azure Kubernetes Service (AKS)​Implement an Azure Kubernetes Service architecture​Configure Azure Kubernetes Service networking​Deploy Azure Kubernetes Service storage​Secure authentication to Azure Kubernetes Service with Active Directory​Manage access to Azure Kubernetes Service using Azure role-based access controlsKnowledge checkSummary Read more