Microsoft Azure Security Technologies Certification and Beyond
eBook - ePub

Microsoft Azure Security Technologies Certification and Beyond

David Okeyode

  1. 526 pagine
  2. English
  3. ePUB (disponibile sull'app)
  4. Disponibile su iOS e Android
eBook - ePub

Microsoft Azure Security Technologies Certification and Beyond

David Okeyode

Dettagli del libro
Anteprima del libro
Indice dei contenuti
Citazioni

Informazioni sul libro

Excel at AZ-500 and implement multi-layered security controls to protect against rapidly evolving threats to Azure environments – now with the the latest updates to the certificationKey Features• Master AZ-500 exam objectives and learn real-world Azure security strategies• Develop practical skills to protect your organization from constantly evolving security threats• Effectively manage security governance, policies, and operations in AzureBook DescriptionExam preparation for the AZ-500 means you'll need to master all aspects of the Azure cloud platform and know how to implement them. With the help of this book, you'll gain both the knowledge and the practical skills to significantly reduce the attack surface of your Azure workloads and protect your organization from constantly evolving threats to public cloud environments like Azure. While exam preparation is one of its focuses, this book isn't just a comprehensive security guide for those looking to take the Azure Security Engineer certification exam, but also a valuable resource for those interested in securing their Azure infrastructure and keeping up with the latest updates. Complete with hands-on tutorials, projects, and self-assessment questions, this easy-to-follow guide builds a solid foundation of Azure security. You'll not only learn about security technologies in Azure but also be able to configure and manage them. Moreover, you'll develop a clear understanding of how to identify different attack vectors and mitigate risks. By the end of this book, you'll be well-versed with implementing multi-layered security to protect identities, networks, hosts, containers, databases, and storage in Azure – and more than ready to tackle the AZ-500.What you will learn• Manage users, groups, service principals, and roles effectively in Azure AD• Explore Azure AD identity security and governance capabilities• Understand how platform perimeter protection secures Azure workloads• Implement network security best practices for IaaS and PaaS• Discover various options to protect against DDoS attacks• Secure hosts and containers against evolving security threats• Configure platform governance with cloud-native tools• Monitor security operations with Azure Security Center and Azure SentinelWho this book is forThis book is a comprehensive resource aimed at those preparing for the Azure Security Engineer (AZ-500) certification exam, as well as security professionals who want to keep up to date with the latest updates. Whether you're a newly qualified or experienced security professional, cloud administrator, architect, or developer who wants to understand how to secure your Azure environment and workloads, this book is for you. Beginners without foundational knowledge of the Azure cloud platform might progress more slowly, but those who know the basics will have no trouble following along.

Domande frequenti

Come faccio ad annullare l'abbonamento?
È semplicissimo: basta accedere alla sezione Account nelle Impostazioni e cliccare su "Annulla abbonamento". Dopo la cancellazione, l'abbonamento rimarrà attivo per il periodo rimanente già pagato. Per maggiori informazioni, clicca qui
È possibile scaricare libri? Se sì, come?
Al momento è possibile scaricare tramite l'app tutti i nostri libri ePub mobile-friendly. Anche la maggior parte dei nostri PDF è scaricabile e stiamo lavorando per rendere disponibile quanto prima il download di tutti gli altri file. Per maggiori informazioni, clicca qui
Che differenza c'è tra i piani?
Entrambi i piani ti danno accesso illimitato alla libreria e a tutte le funzionalità di Perlego. Le uniche differenze sono il prezzo e il periodo di abbonamento: con il piano annuale risparmierai circa il 30% rispetto a 12 rate con quello mensile.
Cos'è Perlego?
Perlego è un servizio di abbonamento a testi accademici, che ti permette di accedere a un'intera libreria online a un prezzo inferiore rispetto a quello che pagheresti per acquistare un singolo libro al mese. Con oltre 1 milione di testi suddivisi in più di 1.000 categorie, troverai sicuramente ciò che fa per te! Per maggiori informazioni, clicca qui.
Perlego supporta la sintesi vocale?
Cerca l'icona Sintesi vocale nel prossimo libro che leggerai per verificare se è possibile riprodurre l'audio. Questo strumento permette di leggere il testo a voce alta, evidenziandolo man mano che la lettura procede. Puoi aumentare o diminuire la velocità della sintesi vocale, oppure sospendere la riproduzione. Per maggiori informazioni, clicca qui.
Microsoft Azure Security Technologies Certification and Beyond è disponibile online in formato PDF/ePub?
Sì, puoi accedere a Microsoft Azure Security Technologies Certification and Beyond di David Okeyode in formato PDF e/o ePub, così come ad altri libri molto apprezzati nelle sezioni relative a Computer Science e Cyber Security. Scopri oltre 1 milione di libri disponibili nel nostro catalogo.

Informazioni

Editore
Packt Publishing
Anno
2021
ISBN
9781800567047
Edizione
1
Argomento
Computer Science
Categoria
Cyber Security

Section 1: Implement Identity and Access Security for Azure

A common attack entry point for Azure environments is identity compromise. This is why mitigating identity security risks and configuring secure access is a key component of a comprehensive Azure security strategy. In this section, you will gain a clear understanding of Azure Active Directory (Azure AD), Microsoft's cloud-based identity and access management service, and how to secure your cloud identities using features such as multi-factor authentication, password protection, conditional access, identity protection, and privileged identity management. Not only will just the concepts and theory be made clear; we will also walk through many exercises as well!
This part of the book comprises the following chapters:
  • Chapter 1, Introduction to Azure Security
  • Chapter 2, Understanding Azure AD
  • Chapter 3, Azure AD Hybrid Identity
  • Chapter 4, Azure AD Identity Security
  • Chapter 5, Azure AD Identity Governance

Chapter 1: Introduction to Azure Security

Security is a core component of any well-architected environment, and this is no different for Azure. Every workload that your organization implements in Azure needs to be implemented with security in mind. The risk associated with not doing this could range from an attacker being able to use your Azure resources to mine cryptocurrency at your expense to an attacker being able to gain access to sensitive customer data that could result in massive fines or sanctions against your company. It could also lead to reputation damage that may lead to customers moving to a competitor.
But how does cloud security work? Is it different from traditional security? Do you have to unlearn everything that you know about managing on-premises security and start from the beginning? You'll be glad that the answer to that latter question is "No." The principles of digital security are the same whether your workload sits in a traditional on-premises data center or in a cloud environment such as Microsoft Azure. The way you apply those principles, however, is quite different. Some of those differences are due to the dynamic and elastic nature of cloud environments. The ability to rapidly provision and release resources introduces new challenges that traditional security models struggle to address effectively, but we'll be covering how to solve this in this book – that is, we'll focus on how we apply security principles to secure dynamic Azure environments.
In any discussion on Azure security, it is critical to understand the "shared responsibility model," that is, which security tasks are handled by the cloud provider (Microsoft in this case) and which tasks are handled by the cloud consumers (us). In this chapter, I will introduce this concept and show how cloud security responsibilities vary depending on the type of service that you are using in Azure – Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). I will also walk you through how to set up an Azure subscription that you can use to follow along with the hands-on sections of this book.
In this chapter, we're going to cover the following topics; however, feel free to skip to the next chapter if the information covered is already familiar to you:
  • Shared responsibility model
  • Setting up a practice environment

Technical requirements

To follow along with the instructions in this chapter, you'll need the following:
  • An outlook.com account that you will use to sign up for your Azure subscription. Make sure that this is an account that you have not previously used to sign up for a free trial Azure subscription. This is because every Microsoft account is entitled to only one free trial signup. You can sign up for a new outlook.com account by going to https://outlook.live.com/owa/ and clicking Create free account.
  • A PC with a web browser: The PC can run Windows, macOS, or GUI-based Linux, as long as it has a web browser installed and it has internet connectivity.
  • A credit card: This will be needed during the sign-up process to validate your identity. The credit card will not be charged during the trial. You have to explicitly convert a free trial subscription to a pay-as-you-go subscription for it to be charged.
  • A valid phone number: This will also be needed to validate your identity.

Shared responsibility model

As organizations transition their workloads from their on-premises data centers to the Azure cloud platform, the responsibility of security also shifts. One of these shifts is that you are no longer solely responsible (as an organization) for all aspects of security as you may be used to in a traditional environment. Security is now a concern that both the cloud provider (Microsoft) and the cloud customers (us) share. This is called the shared responsibility model and all cloud providers, including Microsoft's competitors such as AWS and GCP, follow this model as well.
The diagram in Figure 1.1 clearly highlights this. It is from a whitepaper on the shared security model that was published by Microsoft. You can download the whitepaper from this URL: https://azure.microsoft.com/en-gb/resources/shared-responsibility-for-cloud-computing/. In the diagram, the gray represents the security responsibilities that are transferred to Microsoft when we adopt Azure, while the blue represents security...

Indice dei contenuti

  1. Microsoft Azure Security Technologies Certification and Beyond
  2. Contributors
  3. Preface
  4. Section 1: Implement Identity and Access Security for Azure
  5. Chapter 1: Introduction to Azure Security
  6. Chapter 2: Understanding Azure AD
  7. Chapter 3: Azure AD Hybrid Identity
  8. Chapter 4: Azure AD Identity Security
  9. Chapter 5: Azure AD Identity Governance
  10. Section 2: Implement Azure Platform Protection
  11. Chapter 6: Implementing Perimeter Security
  12. Chapter 7: Implementing Network Security
  13. Chapter 8: Implementing Host Security
  14. Chapter 9: Implementing Container Security
  15. Section 3: Secure Storage, Applications, and Data
  16. Chapter 10: Implementing Storage Security
  17. Chapter 11: Implementing Database Security
  18. Chapter 12: Implementing Secrets, Keys, and Certificate Management with Key Vault
  19. Chapter 13: Azure Cloud Governance and Security Operations
  20. Assessments
  21. Other Books You May Enjoy
Stili delle citazioni per Microsoft Azure Security Technologies Certification and Beyond

APA 6 Citation

Okeyode, D. (2021). Microsoft Azure Security Technologies Certification and Beyond (1st ed.). Packt Publishing. Retrieved from https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf (Original work published 2021)

Chicago Citation

Okeyode, David. (2021) 2021. Microsoft Azure Security Technologies Certification and Beyond. 1st ed. Packt Publishing. https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf.

Harvard Citation

Okeyode, D. (2021) Microsoft Azure Security Technologies Certification and Beyond. 1st edn. Packt Publishing. Available at: https://www.perlego.com/book/3043242/microsoft-azure-security-technologies-certification-and-beyond-pdf (Accessed: 15 October 2022).

MLA 7 Citation

Okeyode, David. Microsoft Azure Security Technologies Certification and Beyond. 1st ed. Packt Publishing, 2021. Web. 15 Oct. 2022.