Identify and understand cloud computing concepts and definitions based on industry standards – ISO/IEC 17788 and NIST.
Understand how security models like zero trust architecture (ZTA) relate to organisational strategies and help to drive a consistent approach to managing cloud services.
Consider the threat landscape for cloud services and the common challenges faced by digital transformation and the modern workplace.
2. Microsoft 365 & Modern Workplace (Office 365, EMS, E3 & E5):
Understand the productivity features of Microsoft 365 including identity, user, device & data management.
Cover the key licensing differences across the Microsoft 365 suite including Office 365, Enterprise Mobility & Security, and specific security SKUs.
Understanding how application protection works across SaaS applications and Microsoft 365.
Discovering cloud applications and services and conducting effective risk management of cloud services.
Reviewing activity and creating alert rules using MCAS.
6. Data Governance & Records Management (AIP, Compliance Portal):
Understanding data governance and data management principles and requirements.
Demonstrate Azure Information Protection to provide data compliance in Microsoft 365.
Implement Sensitivity Labels and Retention Policies and configure auto classification.
Understand auditing and forensic analysis using eDiscovery.
Review different capabilities of AIP P1 & P2 licensing.
LAB: Learn how to deploy data loss protection alert rules for compliance.
7. Device Protection & Management (Defender ATP & Intune):
Understand the key capabilities around device management using Microsoft Endpoint Manager.
Define a device management strategy across computing and mobile devices including the differences between mobile application management and full mobile device management.
Configure Intune for mobile and computing device management and establish protection policies.
Review Defender ATP and advanced endpoint protection, and its integration with end-to-end management in Microsoft 365.
8. Azure Security Overview:
Understanding Azure services and capabilities and the relationship to Microsoft 365.
Key concepts around role-based access control, subscription management and management groups.
Using Azure Security Center for IaaS, PaaS and on-premises workload management, and defining effective security operating models to support DevSecOps in Azure.
Advanced security capabilities in Azure including network security configuration, WAF and Firewall capabilities.
Using Azure Security Center for end-to-end compliance monitoring and reporting, and integration into Microsoft 365.
9. Modern Security Operations:
Understand security operating models and the challenges faced in managing cloud-based security operations.
Clearly define the roles & responsibilities for an effective cloud operating model across productivity services, cloud services, development teams and security.
Implement Azure Sentinel for log management, alerting and incident management.
Learn how to configure data connectors, create dashboards, run queries, and create alert rules.
Review end-to-end incident management using Microsoft Threat Protection (MTP) and Azure Sentinel.