1. Design a Zero Trust strategy and architecture
-
1.1 Diagrams
-
1.2 PPT's
-
2. How are we approaching this course (6:38)
-
3. About this section (0:53)
-
4. Zero Trust (5:09)
-
5. Security - Integration endpoints (3:02)
-
6. Cloud Adoption Framework (3:40)
-
7. Security Strategy (2:16)
-
8. Security Strategy - Hybrid environments (3:15)
-
9. Security logging - tools (2:16)
-
10. Let's start using the tools (0:40)
-
11. Security logging - Our next steps (2:36)
-
12. Security logging - Building a simple infrastructure (5:11)
-
13. About Microsoft Sentinel (3:19)
-
14. Lab - Microsoft Sentinel - Setup (6:41)
-
15. Lab - Microsoft Sentinel - Data connectors (10:41)
-
16. Lab - Microsoft Sentinel - Azure Activity (7:47)
-
17. Lab - Microsoft Sentinel - Generating Incidents (14:34)
-
19. Incidents (3:46)
-
20. Lab - Microsoft Sentinel - Virtual Machines - Incidents (5:36)
-
22. Microsoft Sentinel - Workbooks (2:52)
-
23. Microsoft Sentinel - Automation (13:11)
-
24. Microsoft Sentinel - Note on threat protection (1:44)
-
25. NSG Flow logs (11:18)
-
26. Our next focus - Azure Active Directory (3:04)
-
27. Review on Role-based access control (6:04)
-
28. Identity Governance - Entitlement Management (5:59)
-
29. Review of Application Objects (2:22)
-
30. Example on using Application Objects (12:08)
-
32. Another example on Application Objects (17:08)
-
32.1 AuthApp
-
34. Enterprise Applications (5:58)
-
35. Example on Enterprise Applications (9:38)
-
36. Review - Azure AD Identity Protection (4:33)
-
37. Review - Conditional Access Policies (8:31)
-
38. Hybrid Identities - Azure AD Connect (5:31)
-
39. Review - Azure AD Privileged Identity Management (9:55)
-
40. Azure B2B (3:34)
-
41. Azure B2C (7:29)
-
42. Which service to choose (2:28)
-
43. Azure AD Logs (2:04)
-
44. Quick note before moving along (1:12)
2. Evaluate Governance Risk Compliance
-
1. Compliance of your resources (1:21)
-
2. Review of Azure Policy service (6:34)
-
3. Introduction to Microsoft Defender for Cloud (4:29)
-
4. Microsoft Defender for Cloud - Initial Look (7:42)
-
5. Azure Security Benchmark (7:00)
-
6. Microsoft Defender for Cloud - Servers (11:07)
-
7. Microsoft Defender for Cloud - Secure Management Ports (11:06)
-
8. Microsoft Defender for Cloud - Workload Protection features (3:09)
-
9. Microsoft Defender for Cloud - Workflow Automation (6:29)
-
10. Microsoft Defender for Cloud - Vulnerability assessment (6:40)
-
11. Management Ports update (4:31)
-
12. Microsoft Defender for Cloud - Regulatory compliance (5:34)
-
13. Microsoft Defender for Cloud - AWS resources (10:12)
-
14. Quick note on other AWS aspects (2:00)
-
15. Azure Landing zones (4:00)
-
16. Azure Blueprints (2:59)
-
17. Example on using Azure Blueprints (11:42)
3. Design security for infrastructure
-
1. What are we going to cover (0:56)
-
2. Quick overview of the services (4:14)
-
3. Azure Storage Accounts - Authorization (4:01)
-
4. Azure Storage Accounts Authorization - Access keys (6:07)
-
5. Azure Storage Account Authorization - Shared Access Signature (7:26)
-
6. Azure Storage Accounts - Azure AD Authentication (8:44)
-
7. Azure Storage Accounts - Firewalls (4:48)
-
8. Azure Storage Account - Service Endpoint (5:32)
-
9. Azure Storage Accounts - Deny use of Access keys (3:39)
-
10. Azure Storage accounts - Azure Policy use case (3:57)
-
11. Creating an Azure SQL database (7:23)
-
12. Azure SQL Database - Auditing (3:56)
-
13. Azure SQL Database - Log output (2:36)
-
14. Azure Web Apps - Enabling Diagnostics (7:14)
-
15. Azure Web Apps - Diagnostics results (2:09)
-
16. Azure Web Apps - Virtual Network Integration (5:21)
-
17. Using the Azure Bastion Service (4:23)
-
18. Azure Bastion - Creating the environment (3:43)
-
19. Lab - Using the Azure Bastion Service (5:37)
-
20. Lab - Creating an Azure Cosmos DB Account (6:29)
-
21. Example of an application connecting to Azure Cosmos DB (3:59)
-
22. sqlapp
-
23. Storing Azure Cosmos DB keys (10:58)
-
24. keyvault
-
25. Microsoft Defender for Containers (1:53)
-
26. Containers - What are we going to implement (4:22)
-
27. Building a Docker Image (12:59)
-
28. Deploying the container (14:10)
-
29. Quick Note on protecting domain controllers (1:39)
-
30. Network Security Groups - Quick Review (4:55)
-
31. Introduction to Microsoft Defender (2:37)
-
32. Microsoft 365 Admin Center (7:15)
-
33. Quick look at Microsoft Defender for Endpoint (7:40)
4. Design a strategy for data and applications
-
1. What are we going to cover (0:47)
-
2. Protecting your data (2:14)
-
3. Lab - Azure SQL database - Dynamic data masking (9:07)
-
4. Azure SQL database - Classification of data (7:20)
-
5. Encryption of data (2:59)
-
6. Azure Storage Service Encryption (2:35)
-
7. Azure SQL Database Encryption (2:15)
-
8. Azure SQL Database - Always Encrypted feature (3:47)
-
9. Managed Disks Encryption (2:58)
-
10. Note on Azure Backups (3:55)
-
11. Protecting your workloads (3:10)
-
12. Note on your DevOps pipeline (2:31)
-
13. Quick Note on securing applications (1:46)
-
14. Review of the Azure Firewall service (14:40)
-
15. Quick Note on Azure Web App - Azure Firewall (1:34)
-
16. Simple implementation of Azure Front Door (7:47)
-
17. Azure Front Door - Web Application Firewall (5:57)
-
18. Quick Note - Microsoft 365 Defender - Web Content Filtering (1:43)
