This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organisation’s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications and security operations.

As the Azure security engineer, you implement, manage, and monitor security for resources in Azure, multi-cloud, and hybrid environments as part of an end-to-end infrastructure. You implement and manage security components and configurations by using Microsoft Defender for Cloud and other tools. You ensure that the infrastructure aligns with standards and best practices such as the Microsoft Cloud Security Benchmark (MCSB).

Your responsibilities as an Azure security engineer include:

• Managing the security posture.
• Implementing threat protection.
• Identifying and remediating vulnerabilities.

You are responsible for implementing regulatory compliance controls for Azure infrastructure including identity and access, network, compute, storage, data, applications, asset management, backup and recovery, and devops security.

As an Azure security engineer, you work with architects, administrators, and developers to plan and implement solutions that meet security and compliance requirements. You may also collaborate with security operations in responding to security incidents in Azure.

Module 1: Secure Identity and Access

Module 2: Secure Networking

Module 3: Secure Compute, Storage and Databases

Module 4: Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel

By the end of the course, you should be able to: 

Successful learners will have prior knowledge and understanding of:

• Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
• Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
• Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
• Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.

You should have:

• Practical experience in administration of Microsoft Azure and hybrid environments.
• Strong familiarity with Microsoft Entra ID, as well as compute, network, and storage in Azure.

The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organisation’s identity and access management systems by using Microsoft Entra ID. The end goal is to provide you knowledge to modernise identity solutions, to implement hybrid identity solutions, and to implement identity governance.

As a Microsoft identity and access administrator, you design, implement, and operate an organisation’s identity and access management by using Microsoft Entra. You configure and manage identities throughout their lifecycles for users, devices, Microsoft Azure resources, and applications. You are responsible for ensuring the application of Zero Trust principles for identity and access solutions.

As an identity and access administrator, you provide seamless experiences and self-service management capabilities for users. You plan and implement identity, authentication, and authorisation to enable access across applications and resources. You’re also responsible for troubleshooting, monitoring, and reporting on identity and access.

You collaborate with many other roles in the organisation to drive strategic identity projects, modernise identity solutions, implement hybrid identity solutions, and implement identity governance.

Module 1: Explore identity in Microsoft Entra ID

Module 2: Implement an identity management solution

Module 3: Implement an Authentication and Access Management solution

Module 4: Implement Access Management for Apps

Module 5: Plan and implement an identity governance strategy

Learn to manage tasks such as providing secure authentication and authorisation access to enterprise applications.

You will also learn to provide seamless experiences and self-service management capabilities for all users.

Finally, learn to create adaptive access and governance of your identity and access management solutions ensuring you can troubleshoot, monitor, and report on your environment.

The Identity and Access Administrator may be a single individual or a member of a larger team. Learn how this role collaborates with many other roles in the organisation to drive strategic identity projects.

You should be familiar with Azure, Microsoft 365 services and workloads, and Active Directory Domain Services (AD DS). You should also be familiar with PowerShell and Kusto Query Language (KQL).

Audience Profile

This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialise in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organisation.

The Information Security Administrator course equips you with the skills needed to plan and implement information security for sensitive data using Microsoft Purview and related services. The course covers essential topics such as information protection, data loss prevention (DLP), retention, and insider risk management. You learn how to protect data within Microsoft 365 collaboration environments from internal and external threats. Additionally, you learn how to manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases. You also learn how to protect data used by AI services within Microsoft environments and implement controls to safeguard content in these environments.

As an Information Security Administrator, you plan and implement information security of sensitive data by using Microsoft Purview and related services. You’re responsible for mitigating risks by protecting data inside collaboration environments that are managed by Microsoft 365 from internal and external threats and protecting data used by AI services. You also implement information protection, data loss prevention, retention, insider risk management, and manage information security alerts and activities.

You work with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organisation’s information security and risk reduction goals. You collaborate with workload administrators, business application owners, and governance stakeholders to implement technology solutions that support the necessary policies and controls. This role also participates in responding to information security incidents.

Module 1: Implement Microsoft Purview Information Protection

Module 2: Implement and manage Microsoft Purview Data Loss Prevention

Module 3: Implement and manage Microsoft Purview Insider Risk Management

Module 4: Protect data in AI environments with Microsoft Purview

Module 5: Implement and manage Microsoft 365 retention and recovery

Module 6: Audit and search activity in Microsoft Purview

By the end of the course, you should be able to:

• Implement Information Protection
• Implement and manage data loss prevention
• Implement and manage Microsoft Purview Insider Risk Management
• Protect data in AI environments with Microsoft Purview
• Implement and manage retention and recovery in Microsoft Purview
• Audit and search activity in Microsoft Purview

You should be familiar with all Microsoft 365 services, PowerShell, Microsoft Entra, the Microsoft Defender portal, and Microsoft Defender for Cloud Apps.

Audience Profile

As an Information Security Administrator, you plan and implement information security for sensitive data using Microsoft Purview and related services. You’re responsible for mitigating risks by protecting data within Microsoft 365 collaboration environments from internal and external threats, as well as safeguarding data used by AI services. Your role involves implementing information protection, data loss prevention (DLP), retention, and insider risk management. You also manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases. In this role, you collaborate with other roles responsible for governance, data, and security to develop policies that address your organisation’s information security and risk reduction goals. You work with workload administrators, business application owners, and governance stakeholders to implement technology solutions that support these policies and controls.

Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender XDR and  Microsoft Defender for Cloud. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilise Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.

As a candidate for this certification, you’re a Microsoft security operations analyst who reduces organisational risk by:

• Rapidly remediating active attacks in cloud and on-premises environments.
• Advising on improvements to threat protection practices.
• Identifying violations of organisational policies.

As a security operations analyst, you:

• Perform triage.
• Respond to incidents.
• Mitigate risk by using exposure management.
• Hunt for threats by using threat intelligence.
• Use KQL for reporting, detections, and investigations

You also monitor, identify, investigate, and respond to threats in cloud and on-premises environments by using:

• Microsoft Defender XDR
• Security Copilot
• Microsoft Sentinel
• Microsoft Defender for Cloud workload protections
• Third-party security solutions

You collaborate with business and security leadership to define security standards for the organisation. You work with other roles across the digital enterprise to implement the standards, to enhance the security posture of an organisation, and to raise security awareness.

Module 1: Mitigate threats using Microsoft Defender XDR

Module 2: Mitigate threats using Microsoft Security Copilot

Module 3: Mitigate threats using Microsoft Purview

Module 4: Mitigate threats using Microsoft Defender for Endpoint

Module 5: Mitigate threats using Microsoft Defender for Cloud

Module 6: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

Module 7: Configure your Microsoft Sentinel environment

By the end of the course, you should be able to:

• Manage threat mitigation using Microsoft Defender XDR
• Manage threat mitigation using Microsoft Purview
• Manage threat mitigation using Microsoft Defender for Endpoint
• Manage threat mitigation using Microsoft Defender for Cloud
• Create KQL queries for Microsoft Sentinel
• Configure your environment in Microsoft Sentinel
• Manage log connection to Microsoft Sentinel
• Detect and remediate threats using Microsoft Sentinel
• Manage threat hunting in Microsoft Sentinel.

The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.

The Microsoft Security Operations Analyst collaborates with organisational stakeholders to secure information technology systems for the organisation. Their goal is to reduce organisational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organisational policies to appropriate stakeholders.