Azure Security, Compliance, and Identity Fundamentals Bootcamp

DreamsPlus provides a thorough Azure Security, Compliance, and Identity Fundamentals Bootcamp in Chennai and online that aims to give you the knowledge and skills you need to properly safeguard your Azure environment.

Syllabus 

• Describe the concepts of security, compliance, and identity (10–15%)
• Describe the capabilities of Microsoft Entra (25–30%)
• Describe the capabilities of Microsoft security solutions (35–40%)
• Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe the concepts of security, compliance, and identity (10–15%)

Describe security and compliance concepts

• Explain the concept of shared accountability.
• Explain the defense in detail.
• Explain the Zero Trust concept.
• Describe hashing and encryption.
• Explain the ideas of Governance, Risk, and Compliance (GRC). 

Define identity concepts

• Identify identity as the main defense perimeter.
• Explain the meaning of authentication.
• Define permission.
• Explain identity providers.
• Explain the idea of Active Directory and directory services.
  Explain what the term “federation” means.

Describe the capabilities of Microsoft Entra (25–30%)

Describe function and identity types of Microsoft Entra ID

• Give an explanation of Microsoft Entra ID.
• Describe the different kinds of identities.
• Explain the concept of hybrid identity.

Describe authentication capabilities of Microsoft Entra ID

• Describe the techniques for authentication.
• Describe multi-factor authentication (MFA)
• Describe the features for password management and protection.

Describe access management capabilities of Microsoft Entra ID

• Explain What Conditional Access Is.
• Describe role-based access control (RBAC) and Microsoft Entra roles.

 Describe identity protection and governance capabilities of Microsoft Entra

• Explain the governance of Microsoft Entra ID.
• Explain your access reviews.
• What features does Microsoft Entra Privileged Identity Management offer?
• Explain Entra ID protection for Microsoft.
  
• Describe Permissions Management for Microsoft Entra.

Describe the capabilities of Microsoft security solutions (35–40%)

Describe core infrastructure security services in Azure

• Explain Azure’s protection against distributed denial-of-service (DDoS).
• Explain the Azure Firewall.
• The Web Application Firewall (WAF) is described.
• Explain how to segment a network using Azure virtual networks.
• Describe the NSGs, or network security groups.
• Explain the Azure Bastion.
• Explain what Azure Key Vault is.

Describe security management capabilities of Azure

• Give an overview of Microsoft Defender for Cloud.
• Explain the concept of cloud security posture management (CSPM). 
• How security activities and policies enhance the cloud security posture.
• Describe the improved security features that cloud workload protection offers.

Describe capabilities of Microsoft Sentinel

• The terms “security orchestration automated response” (SOAR) and “security information and event management” (SIEM) should be defined.
• Describe threat detection and mitigation capabilities in Microsoft Sentinel

Describe threat protection with Microsoft Defender XDR

• Describe Microsoft Defender XDR services
• Describe Office 365’s Microsoft Defender.
• Explain Microsoft Endpoint Defense.
• Explain Microsoft Cloud Apps Defender.
• Describe Microsoft Defender for Identity
  
• Describe vulnerability management for Microsoft Defender.
• Provide an explanation of Microsoft Defender Threat Intelligence (Defender TI).
• Describe the Microsoft Defender portal.

Describe the capabilities of Microsoft compliance solutions (20–25%)

Describe Microsoft Service Trust Portal and privacy principles

• Explain the offerings of the Service Trust Portal.
• Describe Microsoft’s privacy policies.
• Describe Microsoft Priva

Describe compliance management capabilities of Microsoft Purview

• Describe the Microsoft Purview compliance portal
• Explain the Compliance Manager
• Explain the purposes and advantages of the compliance score.

Describe information protection, data lifecycle management, and data governance capabilities of Microsoft Purview

• Describe the capability for data classification.
• Explain the advantages of Activity and Content Explorers. Describe sensitivity labels and policies.
• Describe data loss prevention (DLP).
• Describe records management.
• Explain the record-keeping process.
• Explain labels for retention, policies for retention, and policies for retention labels.
• Explain Microsoft’s unified data governance solutions.

Describe insider risk, eDiscovery, and audit capabilities in Microsoft Purview

• Explain the concept of insider risk management.
• Explain the eDiscovery options available in Microsoft Purview
• Describe the Microsoft Purview audit solutions.

Azure Security Hands-on Experience

1. Implement Security Best Practices:
   • Configure RBAC for least privilege access.
   • Enable MFA for enhanced security.
   • Apply conditional access policies.
2. Configure Compliance Settings:
   • Set up policies to meet regulatory standards.
   • Monitor and audit compliance with Azure Policy.
3. Manage Identity and Access:
   • Control access with Azure AD.
   • Implement secure authentication methods.
4. Monitor and Respond to Threats:
   • Use Azure Security Center for threat detection.
   • Set up alerts and automate responses to security incidents.