Cybersecurity Architecture Reference

Checked: 0

Unchecked: 0

Percentage Checked: 0%

Design Solutions that Align with Security Best Practices and Priorities

Assessments and Tools

Microsoft Assessments - Pre-Assessment Mode: Evaluate your cloud environment.
Cloud Adoption Framework Overview: Overview of the Cloud Adoption Framework.
Microsoft Cybersecurity and Cloud Security Benchmark: Aligning solutions with security benchmarks.
Microsoft Cybersecurity Reference Architecture (MCRA): Cybersecurity architecture for Microsoft platforms.
Security Priority Architecture (SPA): Prioritizing security investments and initiatives.
External Attack Surface Management (EASM) in Defender: Manage external attack surfaces in Azure Defender.
Azure Secure Score Tracking: Access and track security scores to improve security posture.
Azure Key Vault Logging: Enable and configure logging for Azure Key Vault activities.

Training Modules and Case Studies

SC-100 Design Solutions Best Practices and Priorities: Design solutions aligned with best practices.
SC-100 Microsoft Cybersecurity Architect Instructions: SC-100 certification preparation.
Architecture Best Practices Case Study: Best practices in architecture design.
Design Secure Applications: Strategies for secure applications.
Case Study on Identity and Access Management: IAM design case study.
Case Study on Securing Privileged Access: Privileged access design strategies.
Case Study on Security Operations: Designing solutions for security operations.

Microsoft Defender and Zero Trust in Microsoft 365

Microsoft 365 Zero Trust Security: Zero Trust for Microsoft 365.
Microsoft 365 Copilot Privacy: Privacy in Microsoft 365 Copilot.
Security Solutions for Applications and Data: Learning path for app and data security.
Microsoft Defender for Office 365: Defender overview for Office 365.
Microsoft Secure Score Improvement Actions: Improve security posture with Secure Score.
Microsoft 365 Defender Layered Defense: Build layered defense with Defender.
Design Secure Microsoft 365 Applications: Module on securing Microsoft 365 applications.
Defender for Cloud Apps Introduction: Overview of Defender for Cloud Apps for SaaS security.

Design Security Operations, Identity, and Compliance Capabilities

Workload Identities and Key Management

Secure Access for Workload Identities: Module on securing workload identities.
Workload Identities Overview: Managing workload identities in Azure AD.
Azure Key Management Fundamentals: Core concepts of key management in Azure.
Azure Key Vault Best Practices: Best practices for using Key Vault.
Azure Key Vault Basic Concepts: Introduction to Key Vault concepts.

Key Vault and HSM Security

Key Vault Overview: Secure storage for keys, secrets, and certificates.
Managed HSM Overview: Managed Hardware Security Modules in Azure.
Dedicated HSM Overview: Dedicated HSM for high-security storage.
Payment HSM Overview: Secure transactions with Payment HSM.
Key Vault Security Features: Security features in Key Vault.
Key Vault VNet Service Endpoints: Integrating Key Vault with virtual networks.
Key Vault Soft Delete Overview: Recover deleted Key Vault objects.
Key Vault Alerts: Set up alerts for Key Vault events.

Compliance Modules and Trust Centers

Regulatory Compliance Solutions: Designing solutions for regulatory compliance.
Microsoft Trust Center - Compliance Overview: Overview of Microsoft's compliance offerings.
Service Trust Portal: Compliance documentation and resources.

Incident Response and Threat Intelligence

Azure Sentinel Threat Intelligence Overview: Leveraging threat intelligence in Sentinel.
Hunting in Azure Sentinel: Proactively hunting for threats in Sentinel.
Security Operations Solutions: Training on designing security operations.
Azure Sentinel MITRE Coverage: How Sentinel maps to MITRE ATT&CK.
Cloud Security Operations Center in CAF: Establishing a CSOC.
Microsoft Sentinel Automated Response Solutions: Automated response solutions in Sentinel.
Hybrid Security Monitoring: Security monitoring for hybrid environments.
Integrating Microsoft Defender and Azure: Integrating Defender with Azure services.

Design Security Solutions for Infrastructure

Infrastructure Monitoring and Posture Management

Cloud Security Posture Management in Defender: CSPM capabilities in Microsoft Defender.
Agentless Data Collection in Defender for Cloud: Data collection without agents.
Attack Path Analysis in Defender for Cloud: Identify and mitigate vulnerabilities.
Secure Score and Security Controls in Defender: Secure score metrics in Defender.
Integrated Posture Management in Hybrid/Multi-cloud: Security posture across hybrid/multi-cloud.
Defender for Cloud Introduction: Enhanced security with Microsoft Defender.
Defender for Servers Planning Guide: Deploying Defender for Servers.
Defender for App Service Introduction: Securing web applications.
Defender for SQL Usage: Protect SQL databases.
Defender for IoT Overview: Secure IoT devices.
Defender for Cloud Apps Service Introduction: SaaS security with Defender.

Infrastructure Compliance

Evaluate Infrastructure Compliance in Defender: Assess compliance with Defender for Cloud.
Regulatory Compliance Module for Infrastructure: Compliance for infrastructure solutions.
Secure Operational Technology in Defender: Security solutions for OT and ICS.
Azure Security Benchmark for Posture and Vulnerability Management: Best practices for security posture.
Secure Landing Zone Design: Security-focused design for Azure landing zones within the Cloud Adoption Framework.
Azure IoT Hub Security Baseline: Baseline security recommendations for Azure IoT Hub deployments.

Microsoft Defender for Endpoint and Device Baselines

Virtual Machines Windows Security Baseline: Security baseline for Windows VMs in Azure.
Security Solutions for Securing Server and Client Endpoints: Training on securing endpoints.
Plan for Remote Access on VMs: Best practices for remote access to VMs.
Windows VM Security Baseline: Security baselines for Windows Virtual Machines on Azure.
AKS Security Baseline: Security recommendations for Azure Kubernetes Service (AKS).
Azure Posture and Vulnerability Management: Guidance on managing security posture and vulnerabilities.

Design Security Solutions for Applications and Data

Application Security and DevSecOps

Design Security Lifecycle for Applications: Strategies for app security lifecycle integration.
DevSecOps Security Baseline: Baseline for DevSecOps practices.
Azure Security Center Introduction: Unified security management overview.
Security Fundamentals for IaaS: Securing Infrastructure as a Service.
Security Fundamentals for PaaS: Security for Platform as a Service.
DevSecOps Controls in Cloud Adoption Framework: Guidance on integrating DevSecOps controls within Azure.

Secure Applications and DevSecOps

Application Lifecycle Management: Managing lifecycle of Azure container apps.
Design Secure Applications Module: Training on secure app design.
Service Guide for Azure OpenAI: Using Azure OpenAI securely.
Azure Shared Responsibility Model: Division of security responsibilities.
Security Fundamentals for PaaS: Security in PaaS deployments.
Azure Penetration Testing Rules of Engagement: Guidelines for pen testing on Azure.
Security Risk Detection for Applications: Detect security risks in applications.

Data Security and Compliance

Azure Purview Resource Portal: Access Azure Purview resources.
Azure Purview Catalog Search: Search and discover data assets.
Azure Purview Insights: Data insights in Azure Purview.
Azure Purview Data Sharing: Securely sharing data using Purview.
Azure Purview Private Link: Secure connectivity with Private Link.
Azure Purview Security Best Practices: Best practices for securing Purview.
Azure SQL Database Security Overview: Security guidance for Azure SQL Database.
Secure Organization Data: Training module on securing data within an organization.

Data Encryption and Storage Security

Data Encryption Best Practices: Encryption best practices in Azure.
Azure Storage Encryption Design: Designing encryption for Azure Storage.
SQL Database Data Classification: Classifying data in Azure SQL.
Azure Storage Service Encryption: Overview of Azure Storage encryption.
Azure Storage Blobs Overview: Introduction to Azure Blob Storage.
Azure Disk Encryption for Linux VMs: Encrypting disks on Linux VMs.
Azure Virtual Machines Availability Set: High availability with Availability Sets.

Cybersecurity Architecture Reference

M. W. Hatter's Study Helpers

Design Solutions that Align with Security Best Practices and Priorities

Zero Trust and Security Frameworks

Cloud Adoption and Architecture Frameworks

Assessments and Tools

Training Modules and Case Studies

Business Resilience

Microsoft Defender and Zero Trust in Microsoft 365

Design Security Operations, Identity, and Compliance Capabilities

Identity and Access Management

Workload Identities and Key Management

Key Vault and HSM Security

Privileged Access and Identity Governance

Privileged Access Solutions and Security Operations

Policy and Compliance Tools

Compliance Modules and Trust Centers

Incident Response and Threat Intelligence

Design Security Solutions for Infrastructure

Infrastructure and Network Security

Infrastructure Monitoring and Posture Management

Infrastructure Compliance

Endpoint Security and Device Management

Microsoft Defender for Endpoint and Device Baselines

Design Security Solutions for Applications and Data

Application Security and DevSecOps

Application and Network Security

Secure Applications and DevSecOps

Data Security and Compliance

Data Encryption and Storage Security

Advanced Data Security