October 3, 2018 Mayank Baweja

Pricing information

100 credits

Duration

8 Hours

Audience

Cloud Administrators

Cloud Architects

Security Analysts

Security Architects

Technologies

Azure Virtual Machines and Networks with Network Security Groups

Virtual Private Networks (Point to Point, Site to Site)

Azure Web Apps

Azure SQL DB and corresponding security features (Threat Detection, TDE, Column Level Encryption, etc.)

Azure Storage Encryption

SQL Server Virtual Machines

Azure IAM

Azure Monitor and Log Analytics

Power BI

Azure Security Center

Azure Key Vault Integrations

Microsoft Azure Active Directory

Microsoft Intune

Conditional Access controls

Azure Security, Privacy, And, Compliance – 8 HRS Hands-on Workshop

In this workshop, you will learn how to design an implementation of Azure Security Center and Microsoft Compliance Manager tools to ensure a secure and privacy-focused Azure cloud-based architecture. In this hands-on lab, you will implement many of the Azure Security Center features to secure their cloud-based Azure infrastructure (IaaS) and applications (PaaS). Specifically, you will ensure that any internet exposed resources have been properly secured and any non-required internet access disabled. Additionally, you will implement a “jump machine” for admins. with Application Security enabled to prevent admins from installing non-approved software and potentially exposing cloud resources. You will then utilize custom alerts to monitor for TCP/IP Port Scans and then fire alerts and run books based on those attacks. 

Agenda

1 H

Implementing Just-In-Time (JIT) access

Setup virtual machine with JIT
Perform a JIT request

2 H

Securing the Web Application and database

Setup the database
Test the web application solution
Utilize data masking
Utilize column encryption with Azure Key Vault

2 H

Migrating to Azure Key Vault

Create an Azure Key Vault secret
Create an Azure Active Directory application
Assign Azure Active Directory application permissions
Install or verify Nuget Package
Test the solution

3 H

Securing the network

Test network security group rules #1
Configure network security groups
Test network security group rules #2
Install network watcher VM extension
Setup network packet capture
Execute a port scan

2 H

Creating security log alerts

Create a custom alert
Investigate a custom alert
Create and run a playbook

0.5 H

Creating Compliance Reports with Power BI

Export a Power Query formula from Log Analytics

0.5 H

Using Compliance Manager

Use Compliance Manager for Azure