Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Microsoft Cybersecurity Architect Exam Ref SC-100
  • Table Of Contents Toc
  • Feedback & Rating feedback
Microsoft Cybersecurity Architect Exam Ref SC-100

Microsoft Cybersecurity Architect Exam Ref SC-100

By : Dwayne Natwick
4.6 (11)
Buy this Book
close
close
Microsoft Cybersecurity Architect Exam Ref SC-100

Microsoft Cybersecurity Architect Exam Ref SC-100

4.6 (11)
By: Dwayne Natwick
Buy this Book

Overview of this book

Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Complete with hands-on tutorials, projects, and self-assessment questions, you’ll have everything you need to pass the SC-100 exam. This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture. This will include cloud-only and hybrid infrastructures, where you’ll learn how to protect using the principles of zero trust, along with evaluating security operations and the overall security posture. To make sure that you are able to take the SC-100 exam with confidence, the last chapter of this book will let you test your knowledge with a mock exam and practice questions. By the end of this book, you’ll have the knowledge you need to plan, design, and evaluate cybersecurity for Microsoft cloud and hybrid infrastructures, and pass the SC-100 exam with flying colors.
Table of Contents (20 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: The Evolution of Cybersecurity in the Cloud
Part 1: The Evolution of Cybersecurity in the Cloud
Free Chapter
2
Chapter 1: Cybersecurity in the Cloud
Chapter 1: Cybersecurity in the Cloud
What is cybersecurity?
Evolution of cybersecurity from on-premises to the cloud
Cybersecurity architecture use cases
Understanding the scope of cybersecurity in the cloud
Summary
3
Part 2: Designing a Zero-Trust Strategy and Architecture
Part 2: Designing a Zero-Trust Strategy and Architecture
4
Chapter 2: Building an Overall Security Strategy and Architecture
chevron up
Chapter 2: Building an Overall Security Strategy and Architecture
Identifying the integration points in an architecture by using the Microsoft Cybersecurity Reference Architecture
Translating business goals into security requirements
Translating security requirements into technical capabilities
Designing security for a resiliency strategy
Integrating a hybrid or multi-tenant environment into a security strategy
Developing a technical and governance strategy for traffic filtering and segmentation
Summary
5
Chapter 3: Designing a Security Operations Strategy
Chapter 3: Designing a Security Operations Strategy
Designing a logging and auditing strategy to support security operations
Developing security operations to support a hybrid or multi-cloud environment
Designing a strategy for SIEM and SOAR
Evaluating security workflows
Evaluating a security operations strategy for the incident management life cycle
Evaluating a security operations strategy for sharing technical threat intelligence
Summary
6
Chapter 4: Designing an Identity Security Strategy
Chapter 4: Designing an Identity Security Strategy
Zero Trust for identity and access management
Designing a strategy for access to cloud resources
Recommending an identity store
Recommending an authentication and authorization strategy
Designing a strategy for CA
Designing a strategy for role assignment and delegation
Designing a security strategy for privileged role access
Designing a security strategy for privileged activities
Case study – designing a Zero Trust architecture
Summary
7
Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies
Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies
8
Chapter 5: Designing a Regulatory Compliance Strategy
Chapter 5: Designing a Regulatory Compliance Strategy
Interpreting compliance requirements and translating them into specific technical capabilities
Evaluating infrastructure compliance by using Microsoft Defender for Cloud
Interpreting compliance scores and recommending actions to resolve issues or improve security
Designing the implementation of Azure Policy
Designing for data residency requirements
Translating privacy requirements into requirements for security solutions
Case study – designing for regulatory compliance
Summary
9
Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk
Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk
Evaluating the security posture by using benchmarks
Evaluating the security posture by using Microsoft Defender for Cloud
Evaluating the security posture by using Secure Scores
Evaluating the security posture of cloud workloads
Designing security for an Azure Landing Zone
Interpreting technical threat intelligence and recommending risk mitigations
Recommending security capabilities or controls to mitigate identified risks
Case study – evaluating the security posture
Summary
10
Part 4: Designing Security for Infrastructure
Part 4: Designing Security for Infrastructure
11
Chapter 7: Designing a Strategy for Securing Server and Client Endpoints
Chapter 7: Designing a Strategy for Securing Server and Client Endpoints
Planning and implementing a security strategy across teams
Specifying security baselines for server and client endpoints
Specifying security requirements for servers, including multiple platforms and operating systems
Specifying security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
Specifying requirements to secure AD DS
Designing a strategy to manage secrets, keys, and certificates
Designing a strategy for secure remote access
Understanding security operations frameworks, processes, and procedures
Case study – designing a secure architecture for endpoints
Summary
12
Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS
Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS
Specifying security baselines for SaaS, PaaS, and IaaS services
Specifying security requirements for IoT workloads
Specifying security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB
Specifying security requirements for storage workloads, including Azure Storage
Specifying security requirements for web workloads, including Azure App Service
Specifying security requirements for containers
Specifying security requirements for container orchestration
Case study – security requirements for IaaS, PaaS, and SaaS
Summary
13
Part 5: Designing a Strategy for Data and Applications
Part 5: Designing a Strategy for Data and Applications
14
Chapter 9: Specifying Security Requirements for Applications
Chapter 9: Specifying Security Requirements for Applications
Specifying priorities for mitigating threats to applications
Specifying a security standard for onboarding a new application
Specifying a security strategy for applications and APIs
Case study – security requirements for applications
Summary
15
Chapter 10: Designing a Strategy for Securing Data
Chapter 10: Designing a Strategy for Securing Data
Specifying priorities for mitigating threats to data
Designing a strategy to identify and protect sensitive data
Specifying an encryption standard for data at rest and in motion
Case study – designing a strategy to secure data
Summary
16
Chapter 11: Case Study Responses and Final Assessment/Mock Exam
Chapter 11: Case Study Responses and Final Assessment/Mock Exam
Case study sample responses
Mock exam practice questions
Mock exam answers and chapter reference
Summary
17
Index
Index
Why subscribe?
18
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book
Appendix: Preparing for Your Microsoft Exam
Appendix: Preparing for Your Microsoft Exam
Technical requirements
Preparing for a Microsoft exam
Resources available and accessing Microsoft Learn
Creating a Microsoft 365 trial subscription
Setting up a free month of Azure services
Exam objectives
Who should take the SC-100 exam?
Summary

Translating security requirements into technical capabilities

Now that we understand the security posture, Defense-in-depth, and shared responsibility as we begin to architect cybersecurity for the cloud, we will discuss the makeup of a security operations team and the levels of a cybersecurity attack.

In Chapter 1, Cybersecurity in the Cloud, the concept of building a defense-in-depth security strategy was discussed. In this section, we will take each of those defense-in-depth requirements and align them with some security products, services, and processes.

Figure 2.3 shows the defense-in-depth strategy:

Figure 2.3 – Defense-in-depth security diagram

Figure 2.3 – Defense-in-depth security diagram

Each of these layers can be protected with controls that a cybersecurity architect should address in the design.

Physical

The physical level of defense includes the actual hardware technology and spans the entire data center facility. In a cloud infrastructure, the cloud provider, such...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 4
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY