Microsoft Azure Security Technologies Certification and Beyond
eBook - ePub

Microsoft Azure Security Technologies Certification and Beyond

David Okeyode

  1. 526 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Microsoft Azure Security Technologies Certification and Beyond

David Okeyode

Book details
Book preview
Table of contents
Citations

About This Book

Excel at AZ-500 and implement multi-layered security controls to protect against rapidly evolving threats to Azure environments – now with the the latest updates to the certificationKey Features• Master AZ-500 exam objectives and learn real-world Azure security strategies• Develop practical skills to protect your organization from constantly evolving security threats• Effectively manage security governance, policies, and operations in AzureBook DescriptionExam preparation for the AZ-500 means you'll need to master all aspects of the Azure cloud platform and know how to implement them. With the help of this book, you'll gain both the knowledge and the practical skills to significantly reduce the attack surface of your Azure workloads and protect your organization from constantly evolving threats to public cloud environments like Azure. While exam preparation is one of its focuses, this book isn't just a comprehensive security guide for those looking to take the Azure Security Engineer certification exam, but also a valuable resource for those interested in securing their Azure infrastructure and keeping up with the latest updates. Complete with hands-on tutorials, projects, and self-assessment questions, this easy-to-follow guide builds a solid foundation of Azure security. You'll not only learn about security technologies in Azure but also be able to configure and manage them. Moreover, you'll develop a clear understanding of how to identify different attack vectors and mitigate risks. By the end of this book, you'll be well-versed with implementing multi-layered security to protect identities, networks, hosts, containers, databases, and storage in Azure – and more than ready to tackle the AZ-500.What you will learn• Manage users, groups, service principals, and roles effectively in Azure AD• Explore Azure AD identity security and governance capabilities• Understand how platform perimeter protection secures Azure workloads• Implement network security best practices for IaaS and PaaS• Discover various options to protect against DDoS attacks• Secure hosts and containers against evolving security threats• Configure platform governance with cloud-native tools• Monitor security operations with Azure Security Center and Azure SentinelWho this book is forThis book is a comprehensive resource aimed at those preparing for the Azure Security Engineer (AZ-500) certification exam, as well as security professionals who want to keep up to date with the latest updates. Whether you're a newly qualified or experienced security professional, cloud administrator, architect, or developer who wants to understand how to secure your Azure environment and workloads, this book is for you. Beginners without foundational knowledge of the Azure cloud platform might progress more slowly, but those who know the basics will have no trouble following along.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Microsoft Azure Security Technologies Certification and Beyond an online PDF/ePUB?
Yes, you can access Microsoft Azure Security Technologies Certification and Beyond by David Okeyode in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Packt Publishing
Year
2021
ISBN
9781800567047
Edition
1
Topic
Computer Science
Subtopic
Cyber Security
Index
Computer Science

Section 1: Implement Identity and Access Security for Azure

A common attack entry point for Azure environments is identity compromise. This is why mitigating identity security risks and configuring secure access is a key component of a comprehensive Azure security strategy. In this section, you will gain a clear understanding of Azure Active Directory (Azure AD), Microsoft's cloud-based identity and access management service, and how to secure your cloud identities using features such as multi-factor authentication, password protection, conditional access, identity protection, and privileged identity management. Not only will just the concepts and theory be made clear; we will also walk through many exercises as well!
This part of the book comprises the following chapters:
  • Chapter 1, Introduction to Azure Security
  • Chapter 2, Understanding Azure AD
  • Chapter 3, Azure AD Hybrid Identity
  • Chapter 4, Azure AD Identity Security
  • Chapter 5, Azure AD Identity Governance

Chapter 1: Introduction to Azure Security

Security is a core component of any well-architected environment, and this is no different for Azure. Every workload that your organization implements in Azure needs to be implemented with security in mind. The risk associated with not doing this could range from an attacker being able to use your Azure resources to mine cryptocurrency at your expense to an attacker being able to gain access to sensitive customer data that could result in massive fines or sanctions against your company. It could also lead to reputation damage that may lead to customers moving to a competitor.
But how does cloud security work? Is it different from traditional security? Do you have to unlearn everything that you know about managing on-premises security and start from the beginning? You'll be glad that the answer to that latter question is "No." The principles of digital security are the same whether your workload sits in a traditional on-premises data center or in a cloud environment such as Microsoft Azure. The way you apply those principles, however, is quite different. Some of those differences are due to the dynamic and elastic nature of cloud environments. The ability to rapidly provision and release resources introduces new challenges that traditional security models struggle to address effectively, but we'll be covering how to solve this in this book – that is, we'll focus on how we apply security principles to secure dynamic Azure environments.
In any discussion on Azure security, it is critical to understand the "shared responsibility model," that is, which security tasks are handled by the cloud provider (Microsoft in this case) and which tasks are handled by the cloud consumers (us). In this chapter, I will introduce this concept and show how cloud security responsibilities vary depending on the type of service that you are using in Azure – Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). I will also walk you through how to set up an Azure subscription that you can use to follow along with the hands-on sections of this book.
In this chapter, we're going to cover the following topics; however, feel free to skip to the next chapter if the information covered is already familiar to you:
  • Shared responsibility model
  • Setting up a practice environment

Technical requirements

To follow along with the instructions in this chapter, you'll need the following:
  • An outlook.com account that you will use to sign up for your Azure subscription. Make sure that this is an account that you have not previously used to sign up for a free trial Azure subscription. This is because every Microsoft account is entitled to only one free trial signup. You can sign up for a new outlook.com account by going to https://outlook.live.com/owa/ and clicking Create free account.
  • A PC with a web browser: The PC can run Windows, macOS, or GUI-based Linux, as long as it has a web browser installed and it has internet connectivity.
  • A credit card: This will be needed during the sign-up process to validate your identity. The credit card will not be charged during the trial. You have to explicitly convert a free trial subscription to a pay-as-you-go subscription for it to be charged.
  • A valid phone number: This will also be needed to validate your identity.

Shared responsibility model

As organizations transition their workloads from their on-premises data centers to the Azure cloud platform, the responsibility of security also shifts. One of these shifts is that you are no longer solely responsible (as an organization) for all aspects of security as you may be used to in a traditional environment. Security is now a concern that both the cloud provider (Microsoft) and the cloud customers (us) share. This is called the shared responsibility model and all cloud providers, including Microsoft's competitors such as AWS and GCP, follow this model as well.
The diagram in Figure 1.1 clearly highlights this. It is from a whitepaper on the shared security model that was published by Microsoft. You can download the whitepaper from this URL: https://azure.microsoft.com/en-gb/resources/shared-responsibility-for-cloud-computing/. In the diagram, the gray represents the security responsibilities that are transferred to Microsoft when we adopt Azure, while the blue represents security...

Table of contents

  1. Microsoft Azure Security Technologies Certification and Beyond
  2. Contributors
  3. Preface
  4. Section 1: Implement Identity and Access Security for Azure
  5. Chapter 1: Introduction to Azure Security
  6. Chapter 2: Understanding Azure AD
  7. Chapter 3: Azure AD Hybrid Identity
  8. Chapter 4: Azure AD Identity Security
  9. Chapter 5: Azure AD Identity Governance
  10. Section 2: Implement Azure Platform Protection
  11. Chapter 6: Implementing Perimeter Security
  12. Chapter 7: Implementing Network Security
  13. Chapter 8: Implementing Host Security
  14. Chapter 9: Implementing Container Security
  15. Section 3: Secure Storage, Applications, and Data
  16. Chapter 10: Implementing Storage Security
  17. Chapter 11: Implementing Database Security
  18. Chapter 12: Implementing Secrets, Keys, and Certificate Management with Key Vault
  19. Chapter 13: Azure Cloud Governance and Security Operations
  20. Assessments
  21. Other Books You May Enjoy
Citation styles for Microsoft Azure Security Technologies Certification and Beyond

APA 6 Citation

Okeyode, D. (2021). Microsoft Azure Security Technologies Certification and Beyond (1st ed.). Packt Publishing. Retrieved from https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf (Original work published 2021)

Chicago Citation

Okeyode, David. (2021) 2021. Microsoft Azure Security Technologies Certification and Beyond. 1st ed. Packt Publishing. https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf.

Harvard Citation

Okeyode, D. (2021) Microsoft Azure Security Technologies Certification and Beyond. 1st edn. Packt Publishing. Available at: https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Okeyode, David. Microsoft Azure Security Technologies Certification and Beyond. 1st ed. Packt Publishing, 2021. Web. 15 Oct. 2022.