SC-100 Microsoft Cybersecurity Architect course with sims | Udemy

We really hope you’ll agree, this training is way more then the average course on Udemy!

Have access to the following:

• Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer
• Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material
• Instructor led hands on and simulations to practice that can be followed even if you have little to no experience

TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS:

Design a resiliency strategy for ransomware & other attacks based on MS Security

• Working with business resiliency goals, identifying and prioritizing threats
• MS ransomware best practices, including backup, restore, and privileged access
• Secure backup and restore by using Azure Backup
• Security updates using the Azure Update Manager

Design solutions that align with the MCRA and MCSB

• Concepts of cybersecurity capabilities and controls using Zero Trust security
• Concepts of MS Defender for protecting against insider and external attacks
• Navigating the Microsoft Defender and Microsoft Purview admin centers
• Understanding insider risk policies as a mitigation solution
• Implementing insider risk management policies in Microsoft Purview
• Using the Zero Trust Rapid Modernization Plan (RaMP) as your security strategy

Design solutions that align with the Microsoft CAF and WAF Frameworks

• Security and governance based on Microsoft Cloud Adoption Framework (CAF)
• Security and governance based on Microsoft Azure Well-Architected Framework
• Using Azure landing zones for implementing and governing security
• The DevSecOps process model

Design solutions for security operations

• Security operations capabilities to support a hybrid or multicloud environment
• Requirements for centralized logging and auditing
• Setting audit permissions and enabling support
• Perform threat hunting by with audit logging
• Understanding the Kusto Query Language (KQL) for use in threat hunting
• Detection and response concepts of extended detection and response (XDR)
• Confirming we understand the concept of Microsoft Sentinel
• Setting up a Log Analytics workspace and Microsoft Sentinel workspace
• Confirming we understand the concepts of SIEM and SOAR
• Visualizing data ingestion for use in Microsoft Sentinel
• Understanding analytic rules in Microsoft Sentinel to support SIEM and SOAR
• Workflow for creating security analytic rules for incident response & management
• Workflow for creating built-in scheduled query rules
• Workflow for creating near-real-time (NRT) analytics rules
• Automation with security orchestration automated response (SOAR)
• Utilizing content gallery hunting queries for threat hunting
• Threat detection coverage by using MITRE ATT&CK

Design solutions for identity and access management

• Understanding SaaS, PaaS, and IaaS, & how it relates to Azure hybrid/on-premise
• Use cases with SaaS, PaaS, & IaaS including identity, networking, applications
• External identities, business-to-business (B2B), & business-to-customer (B2C)
• Managing business-to-business (B2B) settings within Entra ID
• Using Entra ID external identities for a business-to-business (B2B) solution
• Creating a tenant for using business-to-customer (B2C) scenarios
• Decentralized identities with the help of Microsoft Entra Verified ID
• Threat mitigation with sign-in logs in Microsoft Entra ID
• Understanding Entra Identity Protection for continuous access evaluation
• Using Entra Identity Protection for securing authentication and authorization
• Threat intelligence integration from Entra Identity Protection into MS Defender
• Understanding Multi Factor Authentication (MFA)
• Implementing Muti Factor Authentication in Microsoft Entra ID
• Implementing Self Service Password Reset (SSPR) in Microsoft Entra ID
• Understanding Conditional Access Policies with a Zero Trust strategy
• Implementing Conditional Access Policies with a Zero Trust strategy
• Concepts of threat intelligence integration with Defender for Cloud
• Design and configure workflow automation in Microsoft Defender for Cloud
• Setting up email notifications within Defender for Cloud
• Create and manage alert suppression rules
• Generate sample alerts and incidents in Microsoft Defender for Cloud
• Remediate alerts and incidents by using MS Defender for Cloud recommendations
• Manage security alerts and incidents
• Analyze Microsoft Defender for Cloud threat intelligence reports
• Concepts of securing the various types of identities using Defender for Identity
• Hybrid Active Directory Domain Services (ADDS) connections for secure identities
• Creating an Azure Key Vault for secrets, keys, and certificates
• Access control to secrets, keys, and certificates with Azure Key Vault
• Managing secrets, keys, and certificates with Azure Key vault
• Removing key vault services

Design solutions for securing privileged access

• Assigning and delegating privileged roles by using the enterprise access model
• Understanding RBAC for Identity governance & privileged access management
• Implementing RBAC to provide privileged access management in Entra ID & Azure
• Creating a custom RBAC role in Microsoft Entra ID
• Using RBAC to provide access to Azure resources
• Implementing RBAC to provide privileged access management in Microsoft 365
• Understanding Microsoft Entra Privileged Identity Management (PIM)
• Implementing Microsoft Entra Privileged Identity Management (PIM)
• Understanding entitlement management as an identity governance solution
• Creating catalogs for entitlement management
• Implementing entitlement management with Microsoft Entra Permissions Management
• User access request entitlement management to an access package
• Identity governance with access reviews in Microsoft Entra
• Privileged Access Workstation (PAW) and bastion services

Design solutions for regulatory compliance

• Determining compliance requirements for security solution adaptation
• Solutions that address compliance requirements by using Microsoft Purview
• Utilizing Microsoft Priva for privacy requirements
• Creating Privacy Risk Management policies to meet privacy requirements
• Azure Policy solutions to address security and compliance requirements
• Compliance with Microsoft Defender for Cloud

Design solutions for security posture management in hybrid and multicloud

• Security posture with regulatory compliance policies and MCSB
• Security posture with Microsoft Defender for Cloud
• Security posture with Microsoft Secure Score
• Enabling support for Defender for servers within Defender for Cloud
• Enabling Microsoft Defender for Servers as a cloud workload protection solution
• Enabling Microsoft Defender for App Service as a cloud app protection solution
• Integration with hybrid and multicloud environments by using Azure Arc
• Support for Microsoft Defender for DevOps within Defender for Cloud
• Utilizing Microsoft Defender External Attack Surface Management (Defender EASM)

Design solutions for securing server and client endpoints

• Using Microsoft Defender for Endpoint for securing multiple platforms and OS’
• Configuring settings in Microsoft Defender for Endpoint
• Utilizing Microsoft Intune for mobile devices & client for endpoint protection
• Managing security requirements on mobile devices & clients endpoints with Intune
• Using security baselines to secure servers and client endpoints
• IoT, OT and ICS security discovery using Microsoft Defender for IoT
• Secure remote access with Microsoft Entra Global Secure Access

Specify requirements for securing SaaS, PaaS, and IaaS services

• Security baselines for SaaS, PaaS, and IaaS services
• Security in your IoT workloads
• Web workload management with Azure App Service plans
• Creating an Azure App Service plan
• Adding an App Service for web workloads
• Securing web workloads with Azure App Services
• Understanding containers in Azure
• Creating a container instance in Azure
• Securing Azure container instances
• Container orchestration with Azure Kubernetes Service (AKS)
• Scaling container orchestration with Azure Kubernetes Service (AKS)
• Securing container orchestration with Azure Kubernetes Service (AKS)

Design solutions for securing Microsoft 365

• Posture with Microsoft Secure Score & Microsoft Defender for Cloud secure score
• Requirements for a Microsoft 365 Defender security solution
• Secure configuration & operational practices for Microsoft 365 workloads & data

Design solutions for securing applications

• Securing existing application portfolios and business-critical applications
• Standards and practices for securing the application development process
• Considerations for API management and security solutions
• Understanding secure access with Azure Web Application Firewall (WAF)
• Use cases for implementing the Azure Front Door
• Setting up an Azure Web Application Firewall (WAF) & Azure Front Door
• Removing existing resources up to this point

Design solutions for securing an organization’s data

• Understanding data discovery and classification with Purview sensitivity labels
• Managing sensitive info types for a classification data governance solution
• Implementing a data governance & classification solution with sensitivity labels
• Visualizing protection solutions with data at rest, data in motion & data in use
• Understanding the concepts of relational databases
• Setting up an Azure SQL database and connecting with SSMS
• Configuring Azure SQL firewall settings for client connections
• Utilizing Azure SQL dynamic masking
• Utilizing Azure SQL database encryption
• Understanding the concepts of non-relational data and NoSQL
• Setting up an Azure Cosmos DB solution in Azure
• Protection and durability with replication of an Azure Cosmos DB
• Remove existing database resources
• Grasping the purposes of Azure Synapse Analytics
• Registering Azure Synapse as a resource provider
• Creating a SQL DB and server for use with Azure Synapse Analytics
• Adding an Azure Synapse workspace and Data Lake Storage account
• Visualizing the concepts of SQL Pool usage with Azure Synapse Analytics
• Setting up a SQL Pool for usage with Azure Synapse
• Confirming we understand the concepts of Azure Storage accounts
• Creating an Azure Storage account as a data storage solution
• Mitigating threats to data within our Azure Storage account solution
• Enabling Defender for Storage within a Azure Storage account
• Utilizing Microsoft Defender for SQL as a security solution

Conclusion

• Cleaning up resource
• Getting a Udemy certificate
• BONUS Where do I go from here?