Module 1: Identity and Access
Azure Active Directory
- Azure AD Feature
- Azure AD vs AD DS
- Roles for Azure AD
- Azure AD Domain Services
- Azure AD Users
- Azure AD Groups
- Administrative Units
- Passwordless
Hybrid Identity
- Azure AD Connect
- Azure AD Connect cloud sync
- Authentication Option
- Password Hash Synchronization (PHS)
- Pass-through Authentication (PTA)
- Federation with Azure AD
- Authentication Decision Tree
- Password Writeback
Azure AD Identity Protection
- Azure AD Identity Protection
- Risk Events
- User Risk Policy
- Sign-in Risk Policy
- Azure MFA concepts
- Azure AD Conditional Access
- Conditions
- Access Reviews
Azure AD Privileged Protection
- Microsoft's Zero Trust Model
- Microsoft Identity Management Evolution
- PIM Feature
- PIM Scope
- PIM Onboarding
- PIM Configuration Settings
- PIM Workflow
Enterprise Governance
- Shared Responsibility Model
- Azure Cloud Security Advantages
- Azure Hierarchy
- Azure Policy
- Azure Role-Based Access Control (RBAC)
- Azure RBAC vs Azure Policies
- Built-in Roles
- Resource Locks
- Azure Blueprints
- Azure Subscription Management
Module 2: Implement Platform Protection
Perimeter Security
- Defense in Depth
- Virtual Network Security
- Distributed Denial of Service (DDoS)
- DDoS Implementation
- Azure Firewall Features
- Azure Firewall Implementation
- VPN Forced Tunneling
- UDRs and NVAs
Network Security
- Network Security Groups (NSG)
- NSG Implementation
- Application Security Groups
- Service Endpoints
- Private Endpoints
- Azure Application Gateway
- Web Application Firewall
- Azure Front Door
- ExpressRoute
Host Security
- Endpoint Protection
- Privileged Access Workstations
- Virtual Machine Templates
- Remote Access Management
- Update Management
- Disk Encryption
- Microsoft Defender
- Security Center Recommendations
- Securing Azure Workloads
Container Security
- Containers
- ACI Security
- Azure Container Instances (ACI)
- Azure Container Registry (ACR)
- ACR Authentication
- Azure Kubernetes Service (AKS)
- AKS Terminology
- AKS Architecture
- AKS Networking
- AKS Storage
- AKS and Active Directory
Module 03: Data and Application Security
Azure Key Vault
- Azure Key Vault Features
- Key Vault Access
- Key Vault Example
- Key Vault Certificates
- Key Vault Keys
- Customer Managed Keys
- Key Vault Secrets
- Key Rotation
Application Security
- Microsoft Identity Platform
- Azure AD Application Scenarios
- App Registration
- Microsoft Graph Permissions
- Managed Identities
- Web App Certificates
Storage Security
- Data Sovereignty
- Azure Storage Access
- Shared Access Signatures
- Azure AD Storage Authentication
- Storage Service Encryption
- Blob Data Retention Policies
- Azure Files Authentication
- Secure Transfer Required
Database Security
- SQL Database Authentication
- SQL Database Firewalls
- Database Auditing
- Data Discovery and Classification
- Vulnerability Assessment
- Advanced Threat Protection
- Dynamic Data Masking
- Transparent Data Encryption
- Always Encrypted
Module 04: Security Operations
Azure Monitor
- Azure Monitor
- Metrics and Logs
- Log Analytics
- Connected Sources
- Azure Monitor Alerts
- Diagnostic Logging
Azure Security Center
- Cyber Kill Chain
- Azure Security Center Features
- Security Center Policies
- Security Center Recommendations
- Secure Score
- Brute Force Attacks
- Just in Time Virtual Machine Access
Azure Sentinel
- Azure Sentinel
- Data Connections
- Workbooks
- Incidents
- Playbooks
- Hunting