Microsoft Azure Security Technologies Certification and Beyond
eBook - ePub

Microsoft Azure Security Technologies Certification and Beyond

David Okeyode

  1. 526 Seiten
  2. English
  3. ePUB (handyfreundlich)
  4. Über iOS und Android verfügbar
eBook - ePub

Microsoft Azure Security Technologies Certification and Beyond

David Okeyode

Angaben zum Buch
Buchvorschau
Inhaltsverzeichnis
Quellenangaben

Über dieses Buch

Excel at AZ-500 and implement multi-layered security controls to protect against rapidly evolving threats to Azure environments – now with the the latest updates to the certificationKey Features• Master AZ-500 exam objectives and learn real-world Azure security strategies• Develop practical skills to protect your organization from constantly evolving security threats• Effectively manage security governance, policies, and operations in AzureBook DescriptionExam preparation for the AZ-500 means you'll need to master all aspects of the Azure cloud platform and know how to implement them. With the help of this book, you'll gain both the knowledge and the practical skills to significantly reduce the attack surface of your Azure workloads and protect your organization from constantly evolving threats to public cloud environments like Azure. While exam preparation is one of its focuses, this book isn't just a comprehensive security guide for those looking to take the Azure Security Engineer certification exam, but also a valuable resource for those interested in securing their Azure infrastructure and keeping up with the latest updates. Complete with hands-on tutorials, projects, and self-assessment questions, this easy-to-follow guide builds a solid foundation of Azure security. You'll not only learn about security technologies in Azure but also be able to configure and manage them. Moreover, you'll develop a clear understanding of how to identify different attack vectors and mitigate risks. By the end of this book, you'll be well-versed with implementing multi-layered security to protect identities, networks, hosts, containers, databases, and storage in Azure – and more than ready to tackle the AZ-500.What you will learn• Manage users, groups, service principals, and roles effectively in Azure AD• Explore Azure AD identity security and governance capabilities• Understand how platform perimeter protection secures Azure workloads• Implement network security best practices for IaaS and PaaS• Discover various options to protect against DDoS attacks• Secure hosts and containers against evolving security threats• Configure platform governance with cloud-native tools• Monitor security operations with Azure Security Center and Azure SentinelWho this book is forThis book is a comprehensive resource aimed at those preparing for the Azure Security Engineer (AZ-500) certification exam, as well as security professionals who want to keep up to date with the latest updates. Whether you're a newly qualified or experienced security professional, cloud administrator, architect, or developer who wants to understand how to secure your Azure environment and workloads, this book is for you. Beginners without foundational knowledge of the Azure cloud platform might progress more slowly, but those who know the basics will have no trouble following along.

Häufig gestellte Fragen

Wie kann ich mein Abo kündigen?
Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.
(Wie) Kann ich Bücher herunterladen?
Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.
Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?
Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.
Was ist Perlego?
Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.
Unterstützt Perlego Text-zu-Sprache?
Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.
Ist Microsoft Azure Security Technologies Certification and Beyond als Online-PDF/ePub verfügbar?
Ja, du hast Zugang zu Microsoft Azure Security Technologies Certification and Beyond von David Okeyode im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Computer Science & Cyber Security. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.

Information

Verlag
Packt Publishing
Jahr
2021
ISBN
9781800567047
Auflage
1
Thema
Computer Science
Thema
Cyber Security

Section 1: Implement Identity and Access Security for Azure

A common attack entry point for Azure environments is identity compromise. This is why mitigating identity security risks and configuring secure access is a key component of a comprehensive Azure security strategy. In this section, you will gain a clear understanding of Azure Active Directory (Azure AD), Microsoft's cloud-based identity and access management service, and how to secure your cloud identities using features such as multi-factor authentication, password protection, conditional access, identity protection, and privileged identity management. Not only will just the concepts and theory be made clear; we will also walk through many exercises as well!
This part of the book comprises the following chapters:
  • Chapter 1, Introduction to Azure Security
  • Chapter 2, Understanding Azure AD
  • Chapter 3, Azure AD Hybrid Identity
  • Chapter 4, Azure AD Identity Security
  • Chapter 5, Azure AD Identity Governance

Chapter 1: Introduction to Azure Security

Security is a core component of any well-architected environment, and this is no different for Azure. Every workload that your organization implements in Azure needs to be implemented with security in mind. The risk associated with not doing this could range from an attacker being able to use your Azure resources to mine cryptocurrency at your expense to an attacker being able to gain access to sensitive customer data that could result in massive fines or sanctions against your company. It could also lead to reputation damage that may lead to customers moving to a competitor.
But how does cloud security work? Is it different from traditional security? Do you have to unlearn everything that you know about managing on-premises security and start from the beginning? You'll be glad that the answer to that latter question is "No." The principles of digital security are the same whether your workload sits in a traditional on-premises data center or in a cloud environment such as Microsoft Azure. The way you apply those principles, however, is quite different. Some of those differences are due to the dynamic and elastic nature of cloud environments. The ability to rapidly provision and release resources introduces new challenges that traditional security models struggle to address effectively, but we'll be covering how to solve this in this book – that is, we'll focus on how we apply security principles to secure dynamic Azure environments.
In any discussion on Azure security, it is critical to understand the "shared responsibility model," that is, which security tasks are handled by the cloud provider (Microsoft in this case) and which tasks are handled by the cloud consumers (us). In this chapter, I will introduce this concept and show how cloud security responsibilities vary depending on the type of service that you are using in Azure – Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). I will also walk you through how to set up an Azure subscription that you can use to follow along with the hands-on sections of this book.
In this chapter, we're going to cover the following topics; however, feel free to skip to the next chapter if the information covered is already familiar to you:
  • Shared responsibility model
  • Setting up a practice environment

Technical requirements

To follow along with the instructions in this chapter, you'll need the following:
  • An outlook.com account that you will use to sign up for your Azure subscription. Make sure that this is an account that you have not previously used to sign up for a free trial Azure subscription. This is because every Microsoft account is entitled to only one free trial signup. You can sign up for a new outlook.com account by going to https://outlook.live.com/owa/ and clicking Create free account.
  • A PC with a web browser: The PC can run Windows, macOS, or GUI-based Linux, as long as it has a web browser installed and it has internet connectivity.
  • A credit card: This will be needed during the sign-up process to validate your identity. The credit card will not be charged during the trial. You have to explicitly convert a free trial subscription to a pay-as-you-go subscription for it to be charged.
  • A valid phone number: This will also be needed to validate your identity.

Shared responsibility model

As organizations transition their workloads from their on-premises data centers to the Azure cloud platform, the responsibility of security also shifts. One of these shifts is that you are no longer solely responsible (as an organization) for all aspects of security as you may be used to in a traditional environment. Security is now a concern that both the cloud provider (Microsoft) and the cloud customers (us) share. This is called the shared responsibility model and all cloud providers, including Microsoft's competitors such as AWS and GCP, follow this model as well.
The diagram in Figure 1.1 clearly highlights this. It is from a whitepaper on the shared security model that was published by Microsoft. You can download the whitepaper from this URL: https://azure.microsoft.com/en-gb/resources/shared-responsibility-for-cloud-computing/. In the diagram, the gray represents the security responsibilities that are transferred to Microsoft when we adopt Azure, while the blue represents security...

Inhaltsverzeichnis

  1. Microsoft Azure Security Technologies Certification and Beyond
  2. Contributors
  3. Preface
  4. Section 1: Implement Identity and Access Security for Azure
  5. Chapter 1: Introduction to Azure Security
  6. Chapter 2: Understanding Azure AD
  7. Chapter 3: Azure AD Hybrid Identity
  8. Chapter 4: Azure AD Identity Security
  9. Chapter 5: Azure AD Identity Governance
  10. Section 2: Implement Azure Platform Protection
  11. Chapter 6: Implementing Perimeter Security
  12. Chapter 7: Implementing Network Security
  13. Chapter 8: Implementing Host Security
  14. Chapter 9: Implementing Container Security
  15. Section 3: Secure Storage, Applications, and Data
  16. Chapter 10: Implementing Storage Security
  17. Chapter 11: Implementing Database Security
  18. Chapter 12: Implementing Secrets, Keys, and Certificate Management with Key Vault
  19. Chapter 13: Azure Cloud Governance and Security Operations
  20. Assessments
  21. Other Books You May Enjoy
Zitierstile für Microsoft Azure Security Technologies Certification and Beyond

APA 6 Citation

Okeyode, D. (2021). Microsoft Azure Security Technologies Certification and Beyond (1st ed.). Packt Publishing. Retrieved from https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf (Original work published 2021)

Chicago Citation

Okeyode, David. (2021) 2021. Microsoft Azure Security Technologies Certification and Beyond. 1st ed. Packt Publishing. https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf.

Harvard Citation

Okeyode, D. (2021) Microsoft Azure Security Technologies Certification and Beyond. 1st edn. Packt Publishing. Available at: https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Okeyode, David. Microsoft Azure Security Technologies Certification and Beyond. 1st ed. Packt Publishing, 2021. Web. 15 Oct. 2022.