Chapter 3: Designing a Security Operations Strategy | Microsoft Cybersecurity Architect Exam Ref SC-100

Book Overview & Buying
Table Of Contents
Feedback & Rating

Microsoft Cybersecurity Architect Exam Ref SC-100

By : Dwayne Natwick

4.6 (11)

Buy this Book

Microsoft Cybersecurity Architect Exam Ref SC-100

4.6 (11)

By: Dwayne Natwick

Buy this Book

Overview of this book

Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Complete with hands-on tutorials, projects, and self-assessment questions, you’ll have everything you need to pass the SC-100 exam. This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture. This will include cloud-only and hybrid infrastructures, where you’ll learn how to protect using the principles of zero trust, along with evaluating security operations and the overall security posture. To make sure that you are able to take the SC-100 exam with confidence, the last chapter of this book will let you test your knowledge with a mock exam and practice questions. By the end of this book, you’ll have the knowledge you need to plan, design, and evaluate cybersecurity for Microsoft cloud and hybrid infrastructures, and pass the SC-100 exam with flying colors.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Share Your Thoughts

Download a free PDF copy of this book

Part 1: The Evolution of Cybersecurity in the Cloud

Free Chapter

Chapter 1: Cybersecurity in the Cloud

What is cybersecurity?

Evolution of cybersecurity from on-premises to the cloud

Cybersecurity architecture use cases

Understanding the scope of cybersecurity in the cloud

Summary

Part 2: Designing a Zero-Trust Strategy and Architecture

Chapter 2: Building an Overall Security Strategy and Architecture

Identifying the integration points in an architecture by using the Microsoft Cybersecurity Reference Architecture

Translating business goals into security requirements

Translating security requirements into technical capabilities

Designing security for a resiliency strategy

Integrating a hybrid or multi-tenant environment into a security strategy

Developing a technical and governance strategy for traffic filtering and segmentation

Summary

Chapter 3: Designing a Security Operations Strategy

Designing a logging and auditing strategy to support security operations

Developing security operations to support a hybrid or multi-cloud environment

Designing a strategy for SIEM and SOAR

Evaluating security workflows

Evaluating a security operations strategy for the incident management life cycle

Evaluating a security operations strategy for sharing technical threat intelligence

Summary

Chapter 4: Designing an Identity Security Strategy

Zero Trust for identity and access management

Designing a strategy for access to cloud resources

Recommending an identity store

Recommending an authentication and authorization strategy

Designing a strategy for CA

Designing a strategy for role assignment and delegation

Designing a security strategy for privileged role access

Designing a security strategy for privileged activities

Case study – designing a Zero Trust architecture

Summary

Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies

Chapter 5: Designing a Regulatory Compliance Strategy

Interpreting compliance requirements and translating them into specific technical capabilities

Evaluating infrastructure compliance by using Microsoft Defender for Cloud

Interpreting compliance scores and recommending actions to resolve issues or improve security

Designing the implementation of Azure Policy

Designing for data residency requirements

Translating privacy requirements into requirements for security solutions

Case study – designing for regulatory compliance

Summary

Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk

Evaluating the security posture by using benchmarks

Evaluating the security posture by using Microsoft Defender for Cloud

Evaluating the security posture by using Secure Scores

Evaluating the security posture of cloud workloads

Designing security for an Azure Landing Zone

Interpreting technical threat intelligence and recommending risk mitigations

Recommending security capabilities or controls to mitigate identified risks

Case study – evaluating the security posture

Summary

Part 4: Designing Security for Infrastructure

Chapter 7: Designing a Strategy for Securing Server and Client Endpoints

Planning and implementing a security strategy across teams

Specifying security baselines for server and client endpoints

Specifying security requirements for servers, including multiple platforms and operating systems

Specifying security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration

Specifying requirements to secure AD DS

Designing a strategy to manage secrets, keys, and certificates

Designing a strategy for secure remote access

Understanding security operations frameworks, processes, and procedures

Case study – designing a secure architecture for endpoints

Summary

Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS

Specifying security baselines for SaaS, PaaS, and IaaS services

Specifying security requirements for IoT workloads

Specifying security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB

Specifying security requirements for storage workloads, including Azure Storage

Specifying security requirements for web workloads, including Azure App Service

Specifying security requirements for containers

Specifying security requirements for container orchestration

Case study – security requirements for IaaS, PaaS, and SaaS

Summary

Part 5: Designing a Strategy for Data and Applications

Chapter 9: Specifying Security Requirements for Applications

Specifying priorities for mitigating threats to applications

Specifying a security standard for onboarding a new application

Specifying a security strategy for applications and APIs

Case study – security requirements for applications

Summary

Chapter 10: Designing a Strategy for Securing Data

Specifying priorities for mitigating threats to data

Designing a strategy to identify and protect sensitive data

Specifying an encryption standard for data at rest and in motion

Case study – designing a strategy to secure data

Summary

Chapter 11: Case Study Responses and Final Assessment/Mock Exam

Case study sample responses

Mock exam practice questions

Mock exam answers and chapter reference

Summary

Index

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Download a free PDF copy of this book

Appendix: Preparing for Your Microsoft Exam

Technical requirements

Preparing for a Microsoft exam

Resources available and accessing Microsoft Learn

Creating a Microsoft 365 trial subscription

Setting up a free month of Azure services

Exam objectives

Who should take the SC-100 exam?

Summary

Customer Reviews

4.6 (11)

5 star

90.9%

4 star

3 star

2 star

1 star

9.1%

Microsoft Cybersecurity Architect Exam Ref SC-100

By : Dwayne Natwick

Microsoft Cybersecurity Architect Exam Ref SC-100

By: Dwayne Natwick

Overview of this book

Evaluating a security operations strategy for the incident management life cycle

Unlock full access

Continue reading for free

Microsoft Cybersecurity Architect Exam Ref SC-100

By : Dwayne Natwick

Microsoft Cybersecurity Architect Exam Ref SC-100

By: Dwayne Natwick

Overview of this book

Evaluating a security operations strategy for the incident management life cycle

Unlock full access

Continue reading for free

Create a Note

Delete Bookmark

Delete Note

Confirmation

Buy this book with your credits?