SC-100 |

Microsoft Cybersecurity Architect

Descrizione

Questo corso è di livello avanzato e prepara i partecipanti negli ambiti della progettazione e della valutazione delle strategie di cybersecurity nelle aree seguenti: Zero Trust, Governance Risk Compliance (GRC), operazioni di sicurezza (SecOps). Gli studenti apprenderanno anche come creare progetti e architetture di soluzioni usando i principi di Zero Trust e come specificare i requisiti di sicurezza per l'infrastruttura cloud nei diversi modelli di servizio (SaaS, PaaS, IaaS).

Dettagli Corso

PERSONALIZZA:
Promozioni:
Calendario:
Sede:
Milano, Roma, Padova, Online
LIVELLO:
Avanzato
PREZZO:
1.600€ IVA esclusa
DURATA:
4 giorni

Destinatari

Questo corso è destinato ai tecnici della sicurezza cloud con esperienza pregressa in ambito di sicurezza, conformità e identità. In particolare, gli studenti devono avere esperienza e conoscenza avanzate in un'ampia gamma di aree di progettazione della sicurezza, tra cui identità e accesso, protezione della piattaforma, operazioni di sicurezza, protezione dei dati e protezione delle applicazioni. È consigliabile che abbiano anche esperienza nelle implementazioni cloud e ibride.

Obiettivi

Al termine del corso  i partecipanti saranno in grado di:

  • progettare una strategia e un’architettura Zero Trust
  • valutare le strategie tecniche di Governance Risk Compliance (GRC) e le strategie operative di sicurezza
  • progettare la sicurezza per l’infrastruttura
  • progettare una strategia per i dati e le applicazioni

Il corso, di livello avanzato, presuppone la frequenza (consigliata e non obbligatoria) di un corso di livello base-intermedio (ad esempio AZ-500, SC-200 o SC-300) o un buon livello di competenza pregressa. Nello specifico, sono richieste le seguenti competenze:

  • Conoscenza dei concetti relativi a criteri di sicurezza, requisiti, architettura Zero Trust e gestione degli ambienti ibridi.
  • Esperienza pratica con strategie Zero Trust, applicazione di criteri di sicurezza e sviluppo di requisiti di sicurezza in base agli obiettivi aziendali.
  • Esperienza e conoscenza avanzate in materia di identità e accesso, protezione della piattaforma, operazioni di sicurezza, protezione dei dati e protezione delle applicazioni.
  • Esperienza con implementazioni cloud e ibride.

Module 1: Introduction to Zero Trust and best practice frameworks

  • Introduction to best practices
  • Introduction to Zero Trust
  • Zero Trust RaMP initiatives
  • Zero Trust technology pillars

 

Module 2: Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)

  • Define a security strategy
  • Introduction to Cloud Adoption Framework
  • Cloud Adoption Framework - Secure Methodology
  • Introduction to Azure Landing Zones
  • Design security with Azure Landing Zones
  • Introduction to Well Architected Framework
  • Well Architected Framework - Security Pillar
  • Solutions with CAF and WAF

 

Module 3: Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)

  • Introduction to MCRA and MCSB
  • Design solutions with best practices for capabilities and controls
  • Design solutions with best practices for attack protection

 

Module 4: Design a resiliency strategy for common cyberthreats like ransomware

  • Common cyberthreats and attack patterns
  • Support business resiliency
  • Ransomware protection
  • Configurations for secure backup and restore
  • Security updates

 

Module 5: Design solutions for regulatory compliance

  • Introduction to Regulatory compliance
  • Translate compliance requirements into a security solution
  • Address compliance requirements with Purview
  • Address privacy requirements with Priva
  • Use Azure Policy to address security and compliance requirements
  • Evaluate infrastructure compliance by using Microsoft Defender for Cloud

 

Module 6: Design solutions for identity and access management

  • Introduction to Identity and Access Management
  • Design cloud, hybrid and multi-cloud access strategies (including Azure AD)
  • Design a solution for external identities
  • Design modern authentication and authorization strategies
  • Align conditional access and Zero Trust
  • Design a solution to manage secrets, keys and certificates

 

Module 7: Design solutions for securing privileged access

  • Introduction to privileged access
  • Enterprise access model
  • Design identity governance solutions
  • Design a solution for securing administration of cloud tenants
  • Design for cloud infrastructure entitlement management (CIEM)
  • Design a solution for privileged access workstations and bastion services

 

Module 8: Design solutions for security operations

  • Introduction to Security operations (SecOps)
  • Design security operations capabilities in hybrid and multicloud environments
  • Design centralized logging and auditing
  • Design SIEM solutions
  • Design solutions for detection and response
  • Design a solution for SOAR
  • Design security workflows
  • Design threat detection coverage

 

Module 9: Design solutions for securing Microsoft 365

  • Security for Exchange, Sharepoint, OneDrive and Teams (M365)
  • Evaluate security posture for collaboration and productivity workloads
  • Design a Microsoft Defender 365 solution
  • Design configurations and operational practices for M365

 

Module 10: Design solutions for securing applications

  • Intro to App Security
  • Design and implement standards to secure application development
  • Evaluate security posture of existing application portfolios
  • Design security lifecycle strategy for applications
  • Design a solution for API management and security
  • Design a solution for secure access to applications
  • Securing containerized applications

 

Module 11: Design solutions for securing an organization's data

  • Intro to data security
  • Design a solution for data discovery and classification using Microsoft Purview
  • Design a solution for protection of data at rest, data in motion, and data in use
  • Data security in Azure workloads
  • Security for Azure Storage
  • Defender for SQL and Defender for Storage

 

Module 12: Specify requirements for securing SaaS, PaaS, and IaaS services

  • Securing SaaS, PaaS and Iaas (Shared responsibility model)
  • Security baselines for cloud services
  • Specify security requirements for web workloads
  • Specify security requirements for containers and container orchestration

 

Module 13: Design solutions for security posture management in hybrid and multi-cloud environments

  • Introduction to hybrid and multicloud environments
  • Posture evaluation with MCSB
  • Overview of posture evaluation with Defender for Cloud
  • Posture evaluation with Microsoft Defender for Cloud secure score
  • Design posture management and workload protection in hybrid and multicloud environments
  • Design cloud workload protection solutions that use Microsoft Defender for Cloud
  • Design a solution for integrating hybrid and multicloud environments by using Azure Arc
  • External attack surface management
  • Evaluate infrastructure compliance by using Microsoft Defender for Cloud
  • Microsoft Defender for IoT

 

Module 14: Design solutions for securing server and client endpoints

  • Introduction to endpoint security
  • Specify server security requirements and baselines
  • Specify requirements for mobile devices and clients
  • Specify IoT and embedded device security requirements
  • Specify security baselines for server and client endpoints
  • Design a solution for secure remote access

 

Module 15: Design solutions for network security

  • Design solutions for network segmentation
  • Design solutions for traffic filtering with network security groups
  • Design solutions for network posture management
  • Design solutions for network monitoring

 

Recensioni

Lascia una recensione

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *

Corso personalizzato?

Mai stato così semplice!
Microsoft Cybersecurity Architect su misura per te

Calendario

Richiedi informazioni

Mai stato così semplice!
Microsoft Cybersecurity Architect su misura per te