Secure Azure services and workloads with Defender for Cloud regulatory compliance controls

Onderwerpen

Examine Defender for Cloud regulatory compliance standards

• Understand how to use Microsoft Defender for Cloud’s compliance management dashboard.
• Identify and interpret key regulatory compliance standards applicable to your industry.
• Implement and manage compliance controls within Microsoft Defender for Cloud.
• Conduct regular compliance assessments and generate comprehensive compliance reports.

Enable Defender for Cloud on your Azure subscription

• Learn how to connect your Azure subscriptions to Microsoft Defender for Cloud.
• Understand the benefits of integrating Azure subscriptions for enhanced security monitoring.
• Explore methods to manage and ensure compliance across connected Azure subscriptions.
• Gain skills to implement best practices for threat protection within your Azure environment.

Filter network traffic with a network security group using the Azure portal

• Understand the purpose and benefits of using Azure NSG to filter network traffic.
• Learn how to create and configure NSGs to enforce access controls for Azure resources.
• Gain insights into how NSGs can be used to allow or deny specific types of traffic based on source, destination, and port.
• Understand how to prioritize NSG rules and leverage Azure NSG flow logs for monitoring and troubleshooting.
• Recognize the role of NSGs in implementing network security best practices in Azure.

Create a Log Analytics workspace for Microsoft Defender for Cloud

• Understand the importance of a centralized logging solution like Azure Log Analytics workspace for Microsoft Defender for Cloud.
• Learn how to create and configure a Log Analytics workspace in Azure.
• Gain insights into collecting and analyzing security data from Microsoft Defender for Cloud within the Log Analytics workspace.
• Understand how to create custom queries and alerts to proactively detect security threats and incidents.
• Recognize the benefits of integrating Log Analytics workspace with other Azure services and tools.

Configure and integrate a Log Analytics agent and workspace in Defender for Cloud

• Understand the importance of a centralized log collection and analysis solution in Microsoft Defender for Cloud.
• Learn how to configure and deploy the Log Analytics agent in Azure.
• Gain insights into creating and configuring a Log Analytics workspace for Defender for Cloud.
• Understand how to integrate the Log Analytics workspace with Defender for Cloud to collect and analyze security logs.
• Recognize the benefits of leveraging centralized log analytics for proactive security monitoring and threat detection.

Explore just-in-time virtual machine access

• Understand the risks associated with open management ports on virtual machines.
• Learn how to implement JIT VM access using Microsoft Defender for Cloud.
• Explore how JIT VM access reduces attack surfaces in Azure and AWS environments.
• Gain skills to configure and manage temporary, controlled access to VMs for authorized users.

Configure Azure Key Vault networking settings

• Understand the importance of configuring networking settings for Azure Key Vault in ensuring secure access and communication.
• Learn how to configure network access control for Azure Key Vault using virtual network service endpoints and private endpoints.
• Gain insights into configuring firewall rules and virtual network service endpoints to restrict access to Key Vault.
• Understand the process of configuring private endpoints to securely access Key Vault from virtual networks.
• Recognize the benefits of properly configuring networking settings for Azure Key Vault in enhancing overall security.

Connect an Azure SQL server using an Azure Private Endpoint using the Azure portal

• Understand the importance of using Azure Private Endpoint to establish secure connections to Azure SQL Server.
• Learn how to configure and create an Azure Private Endpoint for Azure SQL Server in the Azure portal.
• Gain insights into the network architecture and components involved in setting up an Azure Private Endpoint.
• Understand how to validate and test the connection between the Azure Private Endpoint and Azure SQL Server.
• Recognize the benefits of using Azure Private Endpoint for securing database connections and isolating network traffic.