Overview
This workshop guides you in securing Azure services and workloads using Microsoft Cloud Security Benchmark controls in Microsoft Defender for Cloud via the Azure portal.
Prerequisites
- Practical experience in administration of Microsoft Azure and hybrid environments.
- Strong familiarity with compute, network, and security in Azure, as well as Microsoft Entra ID.
- Familiarity with security management and vulnerability remediation techniques.
- Knowledge of threat modeling and implementation of threat protection measures.
Outline
Module 1: Filter network traffic with a network security group using the Azure portal
In this module, we will focus on filtering network traffic using Network Security Groups (NSGs) in the Azure portal. Learn how to create, configure, and apply NSGs for improved network security.
- Introduction
- Azure resource group
- Azure Virtual Network
- How network security groups filter network traffic
- Application security groups
- Exercise - Create a virtual network infrastructure
- Knowledge check
- Summary
Module 2: Create a Log Analytics workspace for Microsoft Defender for Cloud
In this module, you'll discover how to create a Log Analytics workspace in the Azure portal for Microsoft Defender for Cloud, improving data collection and security analysis.
- Introduction
- Defender for Cloud monitoring components
- Exercise - Create a workspace
- Knowledge check
- Summary
Module 3: Set up Microsoft Defender for Cloud
In this module, you'll learn how to implement Microsoft Defender for Cloud using the Azure portal, to strengthen security and threat detection in your Azure environment.
- Introduction
- Implement Microsoft Defender for Cloud
- Security posture
- Workload protections
- Deploy Microsoft Defender for Cloud
- Exercise - Enable Defender for Cloud on your Azure subscription
- Azure Arc
- Azure Arc capabilities
- Microsoft cloud security benchmark
- Improve your regulatory compliance
- Configure Microsoft Defender for Cloud policies
- View and edit security policies
- Manage and implement Microsoft Defender for Cloud recommendations
- Explore secure score
- MITRE Attack matrix
- Define brute force attacks
- Understand just-in-time VM access
- Implement just-in-time VM access
- Exercise - Enable just-in-time access on Virtual Machines
- Knowledge check
- Summary
Module 4: Configure and integrate a Log Analytics agent and workspace in Defender for Cloud
This module guides you through configuring and integrating a Log Analytics agent with a workspace in Defender for Cloud via the Azure portal, boosting security analysis.
- Introduction
- Collect data from your workloads with the Log Analytics agent
- Configure the Log Analytics agent and workspace
- Exercise - Collect data from your workloads with the Log Analytics agent
- Knowledge check
- Summary
Module 5: Configure Azure Key Vault networking settings
In this module, you'll learn to configure Azure Key Vault networking settings via the Azure portal, ensuring secure and controlled access to your stored secrets.
- Introduction
- Azure Key Vault basic concepts
- Best practices for Azure Key Vault
- Azure Key Vault security
- Configure Azure Key Vault firewalls and virtual networks
- Exercise - Configure Key Vault firewall and virtual networks
- Azure Key Vault soft delete overview
- Virtual network service endpoints for Azure Key Vault
- Exercise - Configure Azure Key Vault recovery management with soft delete and purge protection
- Knowledge check
- Summary
Module 6: Connect an Azure SQL server using an Azure Private Endpoint using the Azure portal
This module guides you through securely connecting an Azure SQL server via Azure Private Endpoint in the Azure portal, enhancing data communication security.
- Introduction
- Azure Private Endpoint
- Azure Private Link
- Exercise - Deploy a virtual machine to test connectivity privately and securely to the SQL server across the private endpoint
- Knowledge check
- Summary