Microsoft cybersecurity architect exam ref SC-100 : get certified with ease while learning how to develop highly effective cybersecurity strategies

Microsoft cybersecurity architect exam ref SC-100 get certified with ease while learning how to develop highly effective cybersecurity strategies

Advance your knowledge of architecting and evaluating cybersecurity services to tackle day-to-day challenges Key Features Gain a deep understanding of all topics covered in the SC-100 exam Benefit from practical examples that will help you put your new knowledge to work Design a zero-trust architect...

Descripción completa

Detalles Bibliográficos
Otros Autores: Natwick, Dwayne, author (author), Trent, Rod, writer of foreword (writer of foreword)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Birmingham, England ; Mumbai : Packt [2023]
Edición:1st ed
Materias:
Microsoft Corporation > Examinations > Study guides.
Computer security > Examinations > Study guides.
Computer networks > Security measures > Examinations > Study guides.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009711812206719
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright and Credits
  • Foreword
  • Contributors
  • Table of Contents
  • Preface
  • Part 1: The Evolution of Cybersecurity in the Cloud
  • Chapter 1: Cybersecurity in the Cloud
  • What is cybersecurity?
  • Evolution of cybersecurity from on-premises to the cloud
  • Defense-in-depth security strategy
  • Building a defense-in-depth security posture
  • Shared responsibility in cloud security
  • Cybersecurity architecture use cases
  • Security operations
  • Understanding the stages of a cyber attack
  • Understanding the scope of cybersecurity in the cloud
  • Shared responsibility scope
  • Principles of the zero-trust methodology
  • Common threats and attacks
  • Internal threats
  • External threats
  • Summary
  • Part 2: Designing a Zero-Trust Strategy and Architecture
  • Chapter 2: Building an Overall Security Strategy and Architecture
  • Identifying the integration points in an architecture by using the Microsoft Cybersecurity Reference Architecture
  • How are the MCRA used?
  • What are the components of the MCRA?
  • Translating business goals into security requirements
  • Threat analysis
  • Translating security requirements into technical capabilities
  • Physical
  • Identity and access
  • Perimeter security
  • Network security
  • Compute
  • Applications
  • Data
  • Designing security for a resiliency strategy
  • Integrating a hybrid or multi-tenant environment into a security strategy
  • Developing a technical and governance strategy for traffic filtering and segmentation
  • Summary
  • Chapter 3: Designing a Security Operations Strategy
  • Designing a logging and auditing strategy to support security operations
  • Security operations overview
  • Microsoft security operations tools
  • Logging and auditing for threat and vulnerability detection
  • Developing security operations to support a hybrid or multi-cloud environment.
  • Designing a strategy for SIEM and SOAR
  • Evaluating security workflows
  • Security strategies for incident management and response
  • Security workflows
  • Evaluating a security operations strategy for the incident management life cycle
  • Evaluating a security operations strategy for sharing technical threat intelligence
  • Summary
  • Chapter 4: Designing an Identity Security Strategy
  • Zero Trust for identity and access management
  • Designing a strategy for access to cloud resources
  • Recommending an identity store
  • Azure AD tenant synchronization with SCIM
  • B2B
  • B2C
  • Recommending an authentication and authorization strategy
  • Hybrid identity infrastructure
  • Secure authorization methods
  • Designing a strategy for CA
  • Designing a strategy for role assignment and delegation
  • Designing a security strategy for privileged role access
  • Azure AD PIM
  • Designing a security strategy for privileged activities
  • Privileged access reviews
  • Entitlement management (aka permission management)
  • Cloud tenant administration
  • Case study - designing a Zero Trust architecture
  • Summary
  • Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies
  • Chapter 5: Designing a Regulatory Compliance Strategy
  • Interpreting compliance requirements and translating them into specific technical capabilities
  • Evaluating infrastructure compliance by using Microsoft Defender for Cloud
  • Interpreting compliance scores and recommending actions to resolve issues or improve security
  • Designing the implementation of Azure Policy
  • Designing for data residency requirements
  • Translating privacy requirements into requirements for security solutions
  • Case study - designing for regulatory compliance
  • Summary.
  • Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk
  • Evaluating the security posture by using benchmarks
  • Evaluating the security posture by using Microsoft Defender for Cloud
  • Evaluating the security posture by using Secure Scores
  • Evaluating the security posture of cloud workloads
  • Designing security for an Azure Landing Zone
  • Interpreting technical threat intelligence and recommending risk mitigations
  • Recommending security capabilities or controls to mitigate identified risks
  • Case study - evaluating the security posture
  • Summary
  • Part 4: Designing Security for Infrastructure
  • Chapter 7: Designing a Strategy for Securing Server and Client Endpoints
  • Planning and implementing a security strategy across teams
  • Specifying security baselines for server and client endpoints
  • Specifying security requirements for servers, including multiple platforms and operating systems
  • Specifying security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
  • Specifying requirements to secure AD DS
  • Designing a strategy to manage secrets, keys, and certificates
  • Designing a strategy for secure remote access
  • Understanding security operations frameworks, processes, and procedures
  • Case study - designing a secure architecture for endpoints
  • Summary
  • Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS
  • Specifying security baselines for SaaS, PaaS, and IaaS services
  • Security baselines for SaaS
  • Security baselines for IaaS
  • Security baselines for PaaS
  • Specifying security requirements for IoT workloads
  • Specifying security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB
  • Specifying security requirements for storage workloads, including Azure Storage.
  • Specifying security requirements for web workloads, including Azure App Service
  • Specifying security requirements for containers
  • Specifying security requirements for container orchestration
  • Case study - security requirements for IaaS, PaaS, and SaaS
  • Summary
  • Part 5: Designing a Strategy for Data and Applications
  • Chapter 9: Specifying Security Requirements for Applications
  • Specifying priorities for mitigating threats to applications
  • Identity and secrets handling and use
  • Segmentation and configuration
  • Static and dynamic testing
  • Data handling and access
  • Security posture management and workload protection
  • Specifying a security standard for onboarding a new application
  • Specifying a security strategy for applications and APIs
  • Case study - security requirements for applications
  • Summary
  • Chapter 10: Designing a Strategy for Securing Data
  • Specifying priorities for mitigating threats to data
  • Managing the risk to data
  • Ransomware protection and recovery
  • Designing a strategy to identify and protect sensitive data
  • Specifying an encryption standard for data at rest and in motion
  • Encryption at rest
  • Encryption in transit
  • Identity and secrets handling and use
  • Case study - designing a strategy to secure data
  • Summary
  • Chapter 11: Case Study Responses and Final Assessment/Mock Exam
  • Case study sample responses
  • Chapter 4 - designing a zero-trust architecture
  • Chapter 5 - designing for regulatory compliance
  • Chapter 6 - evaluating the security posture
  • Chapter 7 - designing a secure architecture for endpoints
  • Chapter 8 - security requirements for IaaS, PaaS, and SaaS
  • Chapter 9 - security requirements for applications
  • Chapter 10 - designing a strategy to secure data
  • Mock exam practice questions
  • Questions
  • Mock exam answers and chapter reference
  • Summary.
  • Appendix: Preparing for Your Microsoft Exam
  • Technical requirements
  • Preparing for a Microsoft exam
  • Resources to prepare for the exam
  • Access to a subscription
  • Where to take the exam
  • Exam format
  • Resources available and accessing Microsoft Learn
  • Accessing Microsoft Learn
  • Finding content on Microsoft Learn
  • Exam pages on Microsoft Learn
  • Creating a Microsoft 365 trial subscription
  • Office 365 or Microsoft 365 trial subscription
  • Enterprise Mobility + Security subscription
  • Setting up a free month of Azure services
  • Exam objectives
  • Who should take the SC-100 exam?
  • Summary
  • Index
  • Other Books You May Enjoy.

Ejemplares similares