Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the color images
• Conventions used
• Get in touch
• Share Your Thoughts

1. Part 1: The Evolution of Cybersecurity in the Cloud

2. Chapter 1: Cybersecurity in the Cloud FREE CHAPTER

• What is cybersecurity?
• Evolution of cybersecurity from on-premises to the cloud
• Cybersecurity architecture use cases
• Understanding the scope of cybersecurity in the cloud
• Summary

3. Part 2: Designing a Zero-Trust Strategy and Architecture

4. Chapter 2: Building an Overall Security Strategy and Architecture

• Identifying the integration points in an architecture by using the Microsoft Cybersecurity Reference Architecture
• Translating business goals into security requirements
• Translating security requirements into technical capabilities
• Designing security for a resiliency strategy
• Integrating a hybrid or multi-tenant environment into a security strategy
• Developing a technical and governance strategy for traffic filtering and segmentation
• Summary

5. Chapter 3: Designing a Security Operations Strategy

• Designing a logging and auditing strategy to support security operations
• Developing security operations to support a hybrid or multi-cloud environment
• Designing a strategy for SIEM and SOAR
• Evaluating security workflows
• Evaluating a security operations strategy for the incident management life cycle
• Evaluating a security operations strategy for sharing technical threat intelligence
• Summary

6. Chapter 4: Designing an Identity Security Strategy

• Zero Trust for identity and access management
• Designing a strategy for access to cloud resources
• Recommending an identity store
• Recommending an authentication and authorization strategy
• Designing a strategy for CA
• Designing a strategy for role assignment and delegation
• Designing a security strategy for privileged role access
• Designing a security strategy for privileged activities
• Case study – designing a Zero Trust architecture
• Summary

7. Part 3: Evaluating Governance, Risk, and Compliance (GRC) Technical Strategies and Security Operations Strategies

8. Chapter 5: Designing a Regulatory Compliance Strategy

• Interpreting compliance requirements and translating them into specific technical capabilities
• Evaluating infrastructure compliance by using Microsoft Defender for Cloud
• Interpreting compliance scores and recommending actions to resolve issues or improve security
• Designing the implementation of Azure Policy
• Designing for data residency requirements
• Translating privacy requirements into requirements for security solutions
• Case study – designing for regulatory compliance
• Summary

9. Chapter 6: Evaluating the Security Posture and Recommending Technical Strategies to Manage Risk

• Evaluating the security posture by using benchmarks
• Evaluating the security posture by using Microsoft Defender for Cloud
• Evaluating the security posture by using Secure Scores
• Evaluating the security posture of cloud workloads
• Designing security for an Azure Landing Zone
• Interpreting technical threat intelligence and recommending risk mitigations
• Recommending security capabilities or controls to mitigate identified risks
• Case study – evaluating the security posture
• Summary

10. Part 4: Designing Security for Infrastructure

11. Chapter 7: Designing a Strategy for Securing Server and Client Endpoints

• Planning and implementing a security strategy across teams
• Specifying security baselines for server and client endpoints
• Specifying security requirements for servers, including multiple platforms and operating systems
• Specifying security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
• Specifying requirements to secure AD DS
• Designing a strategy to manage secrets, keys, and certificates
• Designing a strategy for secure remote access
• Understanding security operations frameworks, processes, and procedures
• Case study – designing a secure architecture for endpoints
• Summary

12. Chapter 8: Designing a Strategy for Securing SaaS, PaaS, and IaaS

• Specifying security baselines for SaaS, PaaS, and IaaS services
• Specifying security requirements for IoT workloads
• Specifying security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB
• Specifying security requirements for storage workloads, including Azure Storage
• Specifying security requirements for web workloads, including Azure App Service
• Specifying security requirements for containers
• Specifying security requirements for container orchestration
• Case study – security requirements for IaaS, PaaS, and SaaS
• Summary

13. Part 5: Designing a Strategy for Data and Applications

14. Chapter 9: Specifying Security Requirements for Applications

• Specifying priorities for mitigating threats to applications
• Specifying a security standard for onboarding a new application
• Specifying a security strategy for applications and APIs
• Case study – security requirements for applications
• Summary

15. Chapter 10: Designing a Strategy for Securing Data

• Specifying priorities for mitigating threats to data
• Designing a strategy to identify and protect sensitive data
• Specifying an encryption standard for data at rest and in motion
• Case study – designing a strategy to secure data
• Summary

16. Chapter 11: Case Study Responses and Final Assessment/Mock Exam

• Case study sample responses
• Mock exam practice questions
• Mock exam answers and chapter reference
• Summary

17. Index

• Why subscribe?

18. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts
• Download a free PDF copy of this book

Appendix: Preparing for Your Microsoft Exam

• Technical requirements
• Preparing for a Microsoft exam
• Resources available and accessing Microsoft Learn
• Creating a Microsoft 365 trial subscription
• Setting up a free month of Azure services
• Exam objectives
• Who should take the SC-100 exam?
• Summary