Book Image

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By : Dwayne Natwick
Book Image

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By: Dwayne Natwick

Overview of this book

Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure. This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You'll then advance to compliance center, information protection, and governance in Microsoft 365. You'll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft's compliance monitoring capabilities. By the end of the book, you'll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.
Table of Contents (24 chapters)
1
Section 1: Exam Overview
3
Section 2: The Key Concepts of Security, Compliance, and Identity
7
Section 3: The Microsoft Identity Management Solutions
11
Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure
17
Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure

Chapter 8: Describing Basic Security Services and Management Capabilities in Azure

The previous chapter covered understanding about identity and access protection and governance in Azure AD with Conditional Access policies, Azure Identity Protection, entitlement management, and Privileged Identity Management. In this chapter, we will describe the various security services within Azure for network, compute, and data protection. This will include perimeter and application security services.

In this chapter, we're going to cover the following main topics:

  • Describe network segmentation
  • Describe Azure Network Security Groups
  • Describe Azure DDoS protection
  • Describe Azure Firewall and Web Application Firewall
  • Describe secure remote management of virtual machines
  • Describe Azure data encryption