Microsoft Cybersecurity Architect

A tanfolyamon a hallgatók megtanulják, hogyan tervezzenek és építsenek megoldásokat Zero Trust elvek alapján, és hogyan határozzák meg a felhő infrastruktúrájára vonatkozó biztonsági követelményeket a különböző szolgáltatási modellekben (SaaS, PaaS; IaaS).

 A tanfolyam célja, hogy a résztvevők felkészítése a kiberbiztonsági stratégiák tervezésére.

A tanfolyamot tapasztalt felhőbiztonsági mérnökök számára ajánljuk.

A tanfolyamon résztvevőknek speciális tapasztalattal és tudással kell rendelkeznie a biztonságtechnikai témakörben: identitás- és hozzáférésvédelem, platformvédelem, biztonsági műveletek, adatok és alkalmazások biztonsága.

• Introduction to Zero Trust and best practice frameworks
  • Introduction to best practices
  • Introduction to Zero Trust
  • Zero Trust RaMP initiatives
  • Zero Trust technology pillars
• Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
  • Define a security strategy
  • Introduction to Cloud Adoption Framework
  • Cloud Adoption Framework―secure methodology
  • Introduction to Azure landing zones
  • Design security with Azure landing zones
  • Introduction to Well-Architected Framework
  • Well-Architected Framework―security pillar
  • Solutions with CAF and WAF
• Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)
  • Introduction to MCRA and MCSB
  • Design solutions with best practices for capabilities and controls
  • Design solutions with best practices for attack protection
• Design a resiliency strategy for common cyberthreats like ransomware
  • Common cyberthreats and attack patterns
  • Support business resiliency
  • Ransomware protection
  • Configurations for secure backup and restore
  • Security updates
• Design solutions for regulatory compliance
  • Introduction to regulatory compliance
  • Translate compliance requirements into a security solution
  • Address compliance requirements with Microsoft Purview
  • Address privacy requirements with Microsoft Priva
  • Use Azure Policy to address security and compliance requirements
  • Evaluate infrastructure compliance by using Microsoft Defender for Cloud
• Identity and access management
  • Introduction to identity and access management
  • Design cloud, hybrid and multicloud access strategies (including Microsoft Entra ID
  • Design a solution for external identities
  • Design modern authentication and authorization strategies
  • Align Conditional Access and Zero Trust
  • Design a solution to manage secrets, keys and certificates
• Privileged access
  • Introduction to privileged access
  • Enterprise access model
  • Design identity governance solutions
  • Design a solution for securing administration of cloud tenants
  • Design for cloud infrastructure entitlement management (CIEM)
  • Design a solution for privileged access workstations and bastion services
• Security operations
  • Introduction to security operations (SecOps)
  • Design security operations capabilities in hybrid and multicloud environments
  • Design centralized logging and auditing
  • Design SIEM solutions
  • Design solutions for detection and response
  • Design a solution for SOAR
  • Design security workflows
  • Design threat detection coverage
• Securing Microsoft 365
  • Security for Exchange, Sharepoint, OneDrive and Teams (M365)
  • Evaluate security posture for collaboration and productivity workloads
  • Design a Microsoft Defender 365 solution
  • Design configurations and operational practices for M365
• Securing applications
  • Intro to App Security
  • Design and implement standards to secure application development
  • Evaluate security posture of existing application portfolios
  • Design security life cycle strategy for applications
  • Design a solution for API management and security
  • Design a solution for secure access to applicationsSecuring containerized applications
• Securing an organization’s data
  • Intro to data security
  • Design a solution for data discovery and classification using Microsoft Purview
  • Design a solution for protection of data at rest, data in motion, and data in use
  • Data security in Azure workloads
  • Security for Azure Storage
  • Defender for SQL and Defender for Storage
• Specify requirements for securing SaaS, PaaS, and IaaS services
  • Securing SaaS, PaaS and IaaS (shared responsibility model)
  • Security baselines for cloud services
  • Specify security requirements for web workloads
  • Specify security requirements for containers and container orchestration
• Security posture management in hybrid and multicloud environments
  • Introduction to Hybrid and Multi-cloud environments
  • Posture evaluation with MCSB
  • Overview of posture evaluation with Defender for Cloud
  • Posture evaluation with Microsoft Defender for Cloud secure score
  • Design posture management and workload protection in hybrid and multi-cloud environments
  • Design cloud workload protection solutions that use Microsoft Defender for Cloud
  • Design a solution for integrating hybrid and multi-cloud environments by using Azure Arc
  • External attack surface management
  • Evaluate infrastructure compliance by using Microsoft Defender for Cloud
  • Microsoft Defender for IoT
• Securing server and client endpoints
  • Introduction to endpoint security
  • Specify server security requirements and baselines
  • Specify requirements for mobile devices and clients
  • Specify IoT and embedded device security requirements
  • Specify security baselines for server and client endpoints
  • Design a solution for secure remote access
• Evaluate solutions for network security and Security Service Edge (SSE)
  • Evaluate network designs to align with security requirements and best practices
  • Evaluate solutions that use Microsoft Entra Internet Access
  • Evaluate solutions that use Microsoft Entra Private Access

• SC-200T00 - Microsoft Security Operations Analyst
• SC-900T00 - Microsoft Security, Compliance, and Identity Fundamentals