SC-5002: Secure Azure Services and Workloads with Microsoft Defender for Cloud Regulatory Compliance Controls

Overview This class provides essential knowledge and skills for leveraging Microsoft Defender for Cloud to secure Azure services and workloads. Participants will learn to streamline regulatory compliance, enhance security monitoring, manage network security, and implement advanced threat protection. The course covers practical, hands-on modules on enabling Defender for Cloud, configuring network security, setting up Log Analytics workspaces, and more. _ By completing this class, attendees will gain a comprehensive understanding of Defender for Cloud's capabilities and how to apply them to protect cloud-based applications effectively. This course is ideal for those looking to enhance their cloud security knowledge and ensure compliance with regulatory standards. Audience Profile This class is designed for IT professionals, security analysts, and cloud administrators responsible for managing and securing Azure environments. It's also suitable for those involved in regulatory compliance and cloud security operations. Prerequisites None. COURSE OUTLINE Module 1: Examine Defender for Cloud regulatory compliance standards Regulatory compliance standards in Defender for Cloud Microsoft cloud security benchmark in Defender for Cloud Improve your regulatory compliance in Defender for Cloud Module 2: Enable Defender for Cloud on your Azure subscription Connect your Azure subscriptions Exercise - Enable Defender for Cloud on your Azure subscription Module 3: Filter network traffic with a network security group using the Azure portal Azure resource group Azure Virtual Network How network security groups filter network traffic Application security groups Exercise - Create a virtual network infrastructure Module 4: Create a Log Analytics workspace for Microsoft Defender for Cloud Log Analytics workspace Exercise - Create a Log Analytics workspace for Microsoft Defender for Cloud Module 5: Configure and integrate a Log Analytics agent and workspace in Defender for Cloud Collect data from your workloads with the Log Analytics agent Configure the Log Analytics agent and workspace Exercise - Configure and integrate a Log Analytics agent and workspace agent in Defender for Cloud Module 6: Explore just-in-time virtual machine access Understand just-in-time virtual machine access Enable just-in-time access on virtual machines Exercise - Enable just-in-time access on virtual machines Module 7: Configure Azure Key Vault networking settings Azure Key Vault basic concepts Best practices for Azure Key Vault Azure Key Vault network security Configure Azure Key Vault firewalls and virtual networks Exercise - Configure Key Vault networking settings Azure Key Vault soft delete overview Virtual network service endpoints for Azure Key Vault Exercise - Perform soft-delete and purge protection key vault recovery Module 8: Connect an Azure SQL server using an Azure Private Endpoint using the Azure portal Azure Private Endpoint Azure Private Link Exercise - Connect to an Azure SQL server using an Azure Private Endpoint using the Azure portal