Book Image

Microsoft Cybersecurity Architect Exam Ref SC-100

By : Dwayne Natwick
5 (1)
Book Image

Microsoft Cybersecurity Architect Exam Ref SC-100

5 (1)
By: Dwayne Natwick

Overview of this book

Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Complete with hands-on tutorials, projects, and self-assessment questions, you’ll have everything you need to pass the SC-100 exam. This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture. This will include cloud-only and hybrid infrastructures, where you’ll learn how to protect using the principles of zero trust, along with evaluating security operations and the overall security posture. To make sure that you are able to take the SC-100 exam with confidence, the last chapter of this book will let you test your knowledge with a mock exam and practice questions. By the end of this book, you’ll have the knowledge you need to plan, design, and evaluate cybersecurity for Microsoft cloud and hybrid infrastructures, and pass the SC-100 exam with flying colors.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Cybersecurity Architect Exam Ref SC-100
Dwayne Natwick
Jan, 2023 | 272 pages
Small book image
Microsoft Identity and Access Administrator Exam Guide
Dwayne Natwick
Mar, 2022 | 452 pages
Small book image
Mastering Azure Security,
Tom Janetscheck | Mustafa Toroman
Apr, 2022 | 320 pages
Small book image
Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide
Trevor Stuart | Joe Anich
Mar, 2022 | 288 pages
Table of Contents (20 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: The Evolution of Cybersecurity in the Cloud
Part 1: The Evolution of Cybersecurity in the Cloud
Free Chapter
2
Chapter 1: Cybersecurity in the Cloud
Chapter 1: Cybersecurity in the Cloud
What is cybersecurity?
Evolution of cybersecurity from on-premises to the cloud
Cybersecurity architecture use cases
Understanding the scope of cybersecurity in the cloud
Summary
3
Part 2: Designing a Zero-Trust Strategy and Architecture
Part 2: Designing a Zero-Trust Strategy and Architecture
4
Chapter 2: Building an Overall Security Strategy and Architecture
Chapter 2: Building an Overall Security Strategy and Architecture
Identifying the integration points in an architecture by using the Microsoft Cybersecurity Reference Architecture
Translating business goals into security requirements
Translating security requirements into technical capabilities
Designing security for a resiliency strategy
Integrating a hybrid or multi-tenant environment into a security strategy
Developing a technical and governance strategy for traffic filtering and segmentation
Summary
5
Chapter 3: Designing a Security Operations Strategy
Chapter 3: Designing a Security Operations Strategy
Designing a logging and auditing strategy to support security operations
Developing security operations to support a hybrid or multi-cloud environment
Designing a strategy for SIEM and SOAR
Evaluating security workflows
Evaluating a security operations strategy for the incident management life cycle
Evaluating a security operations strategy for sharing technical threat intelligence
Summary
6
Chapter 4: Designing an Identity Security Strategy
Chapter 4: Designing an Identity Security Strategy
Zero Trust for identity and access management
Designing a strategy for access to cloud resources
Recommending an identity store
Recommending an authentication and authorization strategy
Designing a strategy for CA
Designing a strategy for role assignment and delegation
Designing a security strategy for privileged role access
Designing a security strategy for privileged activities
Case study – designing a Zero Trust architecture
Summary
7
Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies
Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies
8
Chapter 5: Designing a Regulatory Compliance Strategy
Chapter 5: Designing a Regulatory Compliance Strategy
Interpreting compliance requirements and translating them into specific technical capabilities
Evaluating infrastructure compliance by using Microsoft Defender for Cloud
Interpreting compliance scores and recommending actions to resolve issues or improve security
Designing the implementation of Azure Policy
Designing for data residency requirements
Translating privacy requirements into requirements for security solutions
Case study – designing for regulatory compliance
Summary
9
Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk
Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk
Evaluating the security posture by using benchmarks
Evaluating the security posture by using Microsoft Defender for Cloud
Evaluating the security posture by using Secure Scores
Evaluating the security posture of cloud workloads
Designing security for an Azure Landing Zone
Interpreting technical threat intelligence and recommending risk mitigations
Recommending security capabilities or controls to mitigate identified risks
Case study – evaluating the security posture
Summary
10
Part 4: Designing Security for Infrastructure
Part 4: Designing Security for Infrastructure
11
Chapter 7: Designing a Strategy for Securing Server and Client Endpoints
Chapter 7: Designing a Strategy for Securing Server and Client Endpoints
Planning and implementing a security strategy across teams
Specifying security baselines for server and client endpoints
Specifying security requirements for servers, including multiple platforms and operating systems
Specifying security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
Specifying requirements to secure AD DS
Designing a strategy to manage secrets, keys, and certificates
Designing a strategy for secure remote access
Understanding security operations frameworks, processes, and procedures
Case study – designing a secure architecture for endpoints
Summary
12
Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS
Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS
Specifying security baselines for SaaS, PaaS, and IaaS services
Specifying security requirements for IoT workloads
Specifying security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB
Specifying security requirements for storage workloads, including Azure Storage
Specifying security requirements for web workloads, including Azure App Service
Specifying security requirements for containers
Specifying security requirements for container orchestration
Case study – security requirements for IaaS, PaaS, and SaaS
Summary
13
Part 5: Designing a Strategy for Data and Applications
Part 5: Designing a Strategy for Data and Applications
14
Chapter 9: Specifying Security Requirements for Applications
Chapter 9: Specifying Security Requirements for Applications
Specifying priorities for mitigating threats to applications
Specifying a security standard for onboarding a new application
Specifying a security strategy for applications and APIs
Case study – security requirements for applications
Summary
15
Chapter 10: Designing a Strategy for Securing Data
Chapter 10: Designing a Strategy for Securing Data
Specifying priorities for mitigating threats to data
Designing a strategy to identify and protect sensitive data
Specifying an encryption standard for data at rest and in motion
Case study – designing a strategy to secure data
Summary
16
Chapter 11: Case Study Responses and Final Assessment/Mock Exam
Chapter 11: Case Study Responses and Final Assessment/Mock Exam
Case study sample responses
Mock exam practice questions
Mock exam answers and chapter reference
Summary
17
Index
Index
Why subscribe?
18
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book
Appendix: Preparing for Your Microsoft Exam
Appendix: Preparing for Your Microsoft Exam
Technical requirements
Preparing for a Microsoft exam
Resources available and accessing Microsoft Learn
Creating a Microsoft 365 trial subscription
Setting up a free month of Azure services
Exam objectives
Who should take the SC-100 exam?
Summary

Designing a strategy for SIEM and SOAR

As stated in the previous section, an important aspect of the security operations strategy is the ability to create an architecture that utilizes tools for the SOC team to hunt and investigate activity and event log data from multiple sources. SIEM and SOAR solutions can facilitate this capability. Let’s define the two for clarity.

A security information event management (SIEM) solution is usually deployed within a security operations center that gathers logs and events from various appliances and software within an IT infrastructure. A SIEM solution then analyzes the logs and events for potential threats by searching for behavior that is not typical of best practices or may be seen as anomalous or atypical. The benefit of a SIEM is that without one, security operations personnel would need to review each of these log and event files manually. Since there are thousands of log and event files within companies, this option has the potential...

Previous Section
End of Section 4
Next Section