This is an advanced, expert-level course. Although not required to attend, students are strongly encouraged to have taken and passed another associate level certification in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300) before attending this class. This course prepares students with the expertise to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS).
- Price: $2,380.00
- Duration: 1 day
- Delivery Methods: Virtual
| Date | Time | Price | Option |
|---|---|---|---|
| Please contact us at info@toptalentlearning.com or 469-721-6100 for this course schedule. |
For questions call: (469) 721-6100
Why choose
TOPTALENT?
- Get assistance every step of the way from our Texas-based team, ensuring your training experience is hassle-free and aligned with your goals.
- Access an expansive range of over 3,000 training courses with a strong focus on Information Technology, Business Applications, and Leadership Development.
- Have confidence in an exceptional 95% approval rating from our students, reflecting outstanding satisfaction with our course content, program support, and overall customer service.
- Benefit from being taught by Professionally Certified Instructors with expertise in their fields and a strong commitment to making sure you learn and succeed.
1 – Introduction to Zero Trust and best practice frameworks
- Zero Trust initiatives
- Zero Trust technology pillars part 1
- Zero Trust technology pillars part 2
2 – Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
- Define a security strategy
- Cloud Adoption Framework secure methodology
- Design security with Azure Landing Zones
- The Well-Architected Framework security pillar
3 – Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)
- Design solutions with best practices for capabilities and controls
- Design solutions with best practices for attack protection
4 – Design a resiliency strategy for common cyberthreats like ransomware
- Common cyberthreats and attack patterns
- Support business resiliency
- Ransomware protection
- Configurations for secure backup and restore
- Security updates
5 – Case study: Design solutions that align with security best practices and priorities
- Case study description
- Case study answers
- Conceptual walkthrough
- Technical walkthrough
6 – Design solutions for regulatory compliance
- Translate compliance requirements into a security solution
- Address compliance requirements with Microsoft Purview
- Address privacy requirements with Microsoft Priva
- Address security and compliance requirements with Azure policy
- Evaluate infrastructure compliance with Defender for Cloud
7 – Design solutions for identity and access management
- Design cloud, hybrid and multicloud access strategies (including Azure AD)
- Design a solution for external identities
- Design modern authentication and authorization strategies
- Align conditional access and Zero Trust
- Specify requirements to secure Active Directory Domain Services (AD DS)
- Design a solution to manage secrets, keys, and certificates
8 – Design solutions for securing privileged access
- The enterprise access model
- Design identity governance solutions
- Design a solution to secure tenant administration
- Design a solution for cloud infrastructure entitlement management (CIEM)
- Design a solution for privileged access workstations and bastion services
9 – Design solutions for security operations
- Design security operations capabilities in hybrid and multicloud environments
- Design centralized logging and auditing
- Design security information and event management (SIEM) solutions
- Design solutions for detection and response
- Design a solution for security orchestration, automation, and response (SOAR)
- Design security workflows
- Design threat detection coverage
10 – Case study: Design security operations, identity and compliance capabilities
- Case study description
- Case study answers
- Conceptual walkthrough
- Technical walkthrough
11 – Design solutions for securing Microsoft 365
- Evaluate security posture for collaboration and productivity workloads
- Design a Microsoft 365 Defender solution
- Design configurations and operational practices for Microsoft 365
12 – Design solutions for securing applications
- Design and implement standards to secure application development
- Evaluate security posture of existing application portfolios
- Evaluate application threats with threat modeling
- Design security lifecycle strategy for applications
- Secure access for workload identities
- Design a solution for API management and security
- Design a solution for secure access to applications
13 – Design solutions for securing an organization’s data
- Design a solution for data discovery and classification using Microsoft Purview
- Design a solution for data protection
- Design data security for Azure workloads
- Design security for Azure Storage
- Design a security solution with Microsoft Defender for SQL and Microsoft Defender for Storage
14 – Case study: Design security solutions for applications and data
- Case study description
- Case study answers
- Conceptual walkthrough
- Technical walkthrough
15 – Specify requirements for securing SaaS, PaaS, and IaaS services
- Specify security baselines for SaaS, PaaS, and IaaS services
- Specify security requirements for web workloads
- Specify security requirements for containers and container orchestration
16 – Design solutions for security posture management in hybrid and multicloud environments
- Evaluate security posture by using Microsoft Cloud Security Benchmark
- Design integrated posture management and workload protection
- Evaluate security posture by using Microsoft Defender for Cloud
- Posture evaluation with Microsoft Defender for Cloud secure score
- Design cloud workload protection with Microsoft Defender for Cloud
- Integrate hybrid and multicloud environments with Azure Arc
- Design a solution for external attack surface management
17 – Design solutions for securing server and client endpoints
- Specify server security requirements
- Specify requirements for mobile devices and clients
- Specify internet of things (IoT) and embedded device security requirements
- Secure operational technology (OT) and industrial control systems (ICS) with Microsoft Defender for IoT
- Specify security baselines for server and client endpoints
- Design a solution for secure remote access
18 – Design solutions for network security
- Design solutions for network segmentation
- Design solutions for traffic filtering with network security groups
- Design solutions for network posture management
- Design solutions for network monitoring
19 – Case study: Design security solutions for infrastructure
- Case study description
- Case study answers
- Conceptual walkthrough
- Technical walkthrough
This course is for experienced cloud security engineers who have taken a previous certification in the security, compliance and identity portfolio. Specifically, students should have advanced experience and knowledge in a wide range of security engineering areas, including identity and access, platform protection, security operations, securing data, and securing applications. They should also have experience with hybrid and cloud implementations. Beginning students should instead take the course SC-900: Microsoft Security, Compliance, and Identity Fundamentals.
- Highly recommended to have attended and passed one of the associate level certifications in the security, compliance and identity portfolio (such as SC-300T00: Microsoft Identity and Access Administrator).
- Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications.
- Experience with hybrid and cloud implementations.
Ten (10) business days’ notice is required to reschedule a class with no additional fees. Notify TOPTALENT LEARNING as soon as possible at 469-721-6100 or by written notification to info@toptalentlearning.com to avoid rescheduling penalties.
Please contact our team at 469-721-6100; we will gladly guide you through the online purchasing process.
You will receive a receipt and an enrollment confirmation sent to the email you submitted at purchase. Your enrollment email will have instructions on how to access the class. Any additional questions our team is here to support you. Please call us at 469-721-6100.
If a student is 15 minutes late, they risk losing their seat to a standby student. If a student is 30 minutes late or more, they will need to reschedule. A no-show fee will apply. Retakes are enrolled on a stand-by basis. The student must supply previously issued courseware. Additional fees may apply.
You will receive a ‘Certificate of Completion’ once you complete the class. If you purchased an exam voucher for the class, a team member from TOPTALENT LEARNING will reach out to discuss your readiness for the voucher and make arrangements to send it.
