1 - Module 1: Build an overall security strategy and architecture
Zero Trust overviewDevelop Integration points in an architectureDevelop security requirements based on business goalsTranslate security requirements into technical capabilitiesDesign security for a resiliency strategyDesign a security strategy for hybrid and multi-tenant environmentsDesign technical and governance strategies for traffic filtering and segmentationUnderstand security for protocolsExercise: Build an overall security strategy and architecture
2 - Module 2: Design a security operations strategy
Understand security operations frameworks, processes, and proceduresDesign a logging and auditing security strategyDevelop security operations for hybrid and multi-cloud environmentsDesign a strategy for Security Information and Event Management (SIEM) and Security OrchestrationEvaluate security workflowsReview security strategies for incident managementEvaluate security operations strategy for sharing technical threat intelligenceMonitor sources for insights on threats and mitigations
3 - Module 3: Design an identity security strategy
Secure access to cloud resourcesRecommend an identity store for securityRecommend secure authentication and security authorization strategiesSecure conditional accessDesign a strategy for role assignment and delegationDefine Identity governance for access reviews and entitlement managementDesign a security strategy for privileged role access to infrastructureDesign a security strategy for privileged activitiesUnderstand security for protocols
4 - Module 4: Evaluate a regulatory compliance strategy
Interpret compliance requirements and their technical capabilitiesEvaluate infrastructure compliance by using Microsoft Defender for CloudInterpret compliance scores and recommend actions to resolve issues or improve securityDesign and validate implementation of Azure PolicyDesign for data residency RequirementsTranslate privacy requirements into requirements for security solutions
5 - Module 5: Evaluate security posture and recommend technical strategies to manage risk
Evaluate security postures by using benchmarksEvaluate security postures by using Microsoft Defender for CloudEvaluate security postures by using Secure ScoresEvaluate security hygiene of Cloud WorkloadsDesign security for an Azure Landing ZoneInterpret technical threat intelligence and recommend risk mitigationsRecommend security capabilities or controls to mitigate identified risks
6 - Module 6: Understand architecture best practices and how they are changing with the Cloud
Plan and implement a security strategy across teamsEstablish a strategy and process for proactive and continuous evolution of a security strategyUnderstand network protocols and best practices for network segmentation and traffic filtering
7 - Module 7: Design a strategy for securing server and client endpoints
Specify security baselines for server and client endpointsSpecify security requirements for serversSpecify security requirements for mobile devices and clientsSpecify requirements for securing Active Directory Domain ServicesDesign a strategy to manage secrets, keys, and certificatesDesign a strategy for secure remote accessUnderstand security operations frameworks, processes, and proceduresUnderstand deep forensics procedures by resource type
8 - Module 8: Design a strategy for securing PaaS, IaaS, and SaaS services
Specify security baselines for PaaS servicesSpecify security baselines for IaaS servicesSpecify security baselines for SaaS servicesSpecify security requirements for IoT workloadsSpecify security requirements for data workloadsSpecify security requirements for web workloadsSpecify security requirements for storage workloadsSpecify security requirements for containersSpecify security requirements for container orchestration
9 - Module 9: Specify security requirements for applications
Understand application threat modelingSpecify priorities for mitigating threats to applicationsSpecify a security standard for onboarding a new applicationSpecify a security strategy for applications and APIs
10 - Module 10: Design a strategy for securing data
Prioritize mitigating threats to dataDesign a strategy to identify and protect sensitive dataSpecify an encryption standard for data at rest and in motion
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
IT professionals with advanced experience and knowledge in a wide range of security engineering areas, including identity and access, platform protection, security operations, securing data, and securing applications. They should also have experience with hybrid and cloud implementations.
Before attending this course, students must have:
Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications.
Experience with hybrid and cloud implementations.
This course prepares you to take the SC-100 Certification Exam in order to earn the Microsoft Certified: Cybersecurity Architect Expert certification.