Training agenda
-
Building general strategy and security architecture:
-
Introduction
-
Zero Trust review
-
Designing integration points in architecture
-
Designing security requirements based on business goals
-
Transposing security requirements to technical opportunities
-
Designing securities for vulnerability strategies
-
Planning security strategies for hybrid and multi-access strategies
-
Designing technical and management strategies for filtering and segmenting traffic
-
Acquaintance with protocol securities .
-
Designing security operation strategies:
-
Introduction
-
Understanding structure, processes and procedures related to security
-
Designing strategies of logging and audit strategies
-
Planning security operations for hybird and multi-cloud environments
-
Planning Security Information and Event Management (SIEM) strategy and security orchestration,
-
Evaluation of workflows related to security
-
Review of security strategies related to incident management
-
Evaluating strategy of security operations in terms of sharing information about technical threats
-
Monitoring sources to gain insight into threats and mitigation measures.
-
Designing strategies of identity security:
-
Introduction
-
Secure access to cloud resources
-
Security recommendations for dentity storage
-
Security recommendations for strategies of secure authentication and authorization
-
Secure conditional access
-
Designing strategies of assigning roles and delegating
-
Defining identity management for access reviews and authorization management
-
Designing security strategies for the role of priviliged access to infrastructure
-
Designing security strattegies for privileged operations
-
Acquaintance with protocol securities.
-
Evaluating rule compliance strategies:
-
Introduction
-
Interpreting requirements of compliance and their technical capabilities
-
Evaluating compliance’s infrastructure using Microsoft Defender for Cloud
-
Interpreting evaluation of compliance and recommended operations to solve problmes or improve security
-
Designing and verifying Azure Policy implementations
-
Designing requirements in terms of data residences
-
Transposing requirements related to privacy into requirements related to security solutions.
-
Evaluating the state of security and recommended technical Risk Management strategies:
-
Introduction
-
Evaluating security attitude using comparisn tests
-
Evaluating state security using Microsoft Defender for Cloud
-
Evaluating security attitude using secure results
-
Evaluating security hygiene of Cloud Workloads
-
Designing securities for Azure Landing Zone
-
Interpreting the analysis of technical threates and recommended means limiting the risk
-
Recommended security functions or means of control in order to mitigate identified threats
-
Acquaintance with best practices related to architecture and their change in cloud:
-
Introduction
-
Planning and implementing security strategies in teams
-
Specifying strategies and the process of proactive and constant evolution of security strategy
-
Acquaintance with network protocols and best practices related to network segmentation and traffic filtering.
-
Designing strategy of securing server and client end points:
-
Introduction
-
Specifying fundamentals of security of server’s and client’s end points
-
Specifying security requirements for servers
-
Specifying security requirements for mobile devices and clients
-
Specifying requirements related to securing domain services in Active Directory
-
Designing strategy of managing secrets, keys and certificates
-
Designing strategies of secure remote access
-
Understanding structure, processes and security procedures
-
Understanding procedures of deep forensics according to the type of resources.
-
Designing strategy of securing PaaS, IaaS and SaaS strategies:
-
Introduction
-
Specifying security fundamentals for PaaS services
-
Specifying security fundamentals for IaaS services
-
Specifying security fundamentals for SaaS services
-
Specifying requirements related to securities for IoT overloads
-
Specifying security fundamentals for data overloads
-
Specifying security fundamentals for Internet overloads
-
Specifying security fundamentals for mass storage overloads
-
Specifying security fundamentals for containers
-
Specifying security fundamentals for containers orchestration.
-
Specifying security fundamentals for applications:
-
Introduction
-
Understanding application threat modelling
-
Specifying priorities of threats for applications
-
Specifying security standards during new application implementation
-
Specifying security strategy for applications and API interfaces.
-
Planning data security strategy:
-
Introduction
-
Prioritetization of data threat mitigation
-
Planning strategy of identification and sensitive data protection
-
Specifying data coding standard at rest and in motion.