MCE Microsoft Certified Expert Cybersecurity Architect Study Guide: Exam SC-100 9781394180226, 9781394180219, 9781394180233, 2022950346
Prep for the SC-100 exam like a pro with Sybex' latest Study Guide In the MCE Microsoft Certified Expert Cybersecu
331 161 8MB
English Pages 512 Year 2023
Table of contents :
Table of Contents
1 Cover
2 Title Page
3 Copyright
4 Dedication
5 Acknowledgments
6 About the Authors
1 About the Technical Editor
2 Introduction
1 What Is Azure?
2 About the SC-100 Certification Exam
3 Why Become a Certified Microsoft Azure Cybersecurity Architect?
4 Preparing to Become a Certified Microsoft Cybersecurity Architect
5 How to Become a Certified Microsoft Cybersecurity Architect
6 Who Should Buy This Book
7 How This Book Is Organized
8 Bonus Digital Contents
9 Conventions Used in This Book
10 Using This Book
11 SC-100 Exam Objectives
12 How to Contact the Publisher
13 Assessment Test
14 Answers to Assessment Test
15 Chapter 1: Define and Implement an Overall Security Strategy and Architecture
1 Basics of Cloud Computing
2 Introduction to Cybersecurity
3 Cybersecurity Domains
4 Getting Started with Zero Trust
5 Design Integration Points in an Architecture
6 Design Security Needs to Be Based on Business Goals
7 Decode Security Requirements to Technical Abilities
8 Design Security for a Resiliency Approach
9 Identify the Security Risks Associated with Hybrid and Multi-Tenant Environments
10 Plan Traffic Filtering and Segmentation Technical and Governance Strategies
11 Summary
12 Exam Essentials
13 Review Questions
14 Chapter 2: Define a Security Operations Strategy
1 Foundation of Security Operations and Strategy
to Support Security Operations
3 Develop Security Operations to Support a Hybrid or Multi-Cloud Environment
4 Design a Strategy for SIEM and SOAR
5 Evaluate Security Workflows
6 Evaluate a Security Operations Strategy for the Incident Management Life Cycle
7 Evaluate a Security Operations Strategy for Sharing Technical Threat Intelligence
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 3: Define an Identity Security Strategy
1 Design a Strategy for Access to Cloud Resources
2 Recommend an Identity Store (Tenants, B2B, B2C, Hybrid)
3 Recommend an Authentication and Authorization Strategy
4 Design a Strategy for Conditional Access
5 Design a Strategy for Role Assignment and Delegation
6 Design a Security Strategy for Privileged Role Access to Infrastructure Including Identity-Based Firewall Rules and Azure PIM
7 Design a Security Strategy for Privileged Activities Including PAM, Entitlement Management, and Cloud Tenant Administration
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 4: Identify a Regulatory Compliance Strategy
1 Interpret Compliance Requirements and Translate into Specific Technical Capabilities
2 Evaluate Infrastructure Compliance by Using Microsoft Defender for Cloud
3 Interpret Compliance Scores and Recommend Actions to Resolve Issues or Improve Security
4 Design and Validate Implementation of Azure Policy
5 Design for Data Residency Requirements
6 Translate Privacy Requirements into Requirements for Security Solutions
7 Summary
8 Exam Essentials
9 Review Questions
10 Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
Security
Azure Security Benchmark
2 Analyze Security Posture by Using Microsoft Defender for Cloud
3 Assess the Security Hygiene of Cloud Workloads
4 Evaluate the Security Posture of Cloud Workloads
5 Design Security for an Azure Landing Zone
6 Evaluate Security Postures by Using Secure Scores
7 Identify Technical Threats and Recommend Mitigation Measures
8 Recommend Security Capabilities or Controls to Mitigate Identified Risks
9 Summary
10 Exam Essentials
11 Review Questions
12 Chapter 6: Define a Strategy for Securing Infrastructure
1 Plan and Deploy a Security Strategy Across Teams
2 Deploy a Process for Proactive and Continuous Evolution of a Security Strategy
3 Specify Security Baselines for Server and Client Endpoints
4 Specify Security Baselines for the Server, Including Multiple Platforms and Operating Systems
5 Specify Security Requirements for Mobile Devices and Clients, Including Endpoint Protection, Hardening, and Configuration
6 Specify Requirements for Securing Active Directory Domain Services
7 Design a Strategy to Manage Secrets, Keys, and Certificates
8 Design a Strategy for Secure Remote Access
9 Design a Strategy for Securing Privileged Access
10 Summary
11 Exam Essentials
12 Review Questions
13 Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
1 Establish Security Baselines for SaaS, PaaS, and IaaS Services
2 Establish Security Requirements for IoT Workloads
3 Establish Security Requirements for Data Workloads, Including SQL Server, Azure SQL, Azure Synapse, and Azure Cosmos DB
4 Define the Security Requirements for Web Workloads
Determine the Security Requirements for Storage Workloads
6 Define Container Security Requirements
7 Define Container Orchestration Security Requirements
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 8: Define a Strategy and Requirements for Applications and Data
1 Knowing the Application Threat Intelligence Model
2 Specify Priorities for Mitigating Threats to Applications
3 Specify a Security Standard for Onboarding a New Application
4 Specify a Security Strategy for Applications and APIs
5 Specify Priorities for Mitigating Threats to Data
6 Design a Strategy to Identify and Protect Sensitive Data
7 Specify an Encryption Standard for Data at Rest and in Motion
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 9: Recommend Security Best Practices and Priorities
1 Recommend Best Practices for Cybersecurity Capabilities and Controls
2 Recommend Best Practices for Protecting from Insider and External Attacks
3 Recommend Best Practices for Zero Trust Security
4 Recommend Best Practices for Zero Trust Rapid Modernization Plan
5 Recommend a DevSecOps Process
6 Recommend a Methodology for Asset Protection
7 Recommend Strategies for Managing and Minimizing Risk
8 Plan for Ransomware Protection and Extortion-Based Attacks
9 Protect Assets from Ransomware Attacks
10 Recommend Microsoft Ransomware Best Practices
11 Summary
12 Exam Essentials
13 Review Questions
14 Appendix: Answers to Review Questions
1 Chapter 1: Define and Implement an Overall Security Strategy and Architecture
2 Chapter 2: Define a Security Operations
Strategy
3 Chapter 3: Define an Identity Security Strategy
4 Chapter 4: Identify a Regulatory Compliance Strategy
5 Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
6 Chapter 6: Define a Strategy for Securing Infrastructure
7 Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
8 Chapter 8: Define a Strategy and Requirements for Applications and Data
9 Chapter 9: Recommend Security Best Practices and Priorities
10 Index
11 End User License Agreement
Table of Contents
1 Cover
2 Title Page
3 Copyright
4 Dedication
5 Acknowledgments
6 About the Authors
1 About the Technical Editor
2 Introduction
1 What Is Azure?
2 About the SC-100 Certification Exam
3 Why Become a Certified Microsoft Azure Cybersecurity Architect?
4 Preparing to Become a Certified Microsoft Cybersecurity Architect
5 How to Become a Certified Microsoft Cybersecurity Architect
6 Who Should Buy This Book
7 How This Book Is Organized
8 Bonus Digital Contents
9 Conventions Used in This Book
10 Using This Book
11 SC-100 Exam Objectives
12 How to Contact the Publisher
13 Assessment Test
14 Answers to Assessment Test
15 Chapter 1: Define and Implement an Overall Security Strategy and Architecture
1 Basics of Cloud Computing
2 Introduction to Cybersecurity
3 Cybersecurity Domains
4 Getting Started with Zero Trust
5 Design Integration Points in an Architecture
6 Design Security Needs to Be Based on Business Goals
7 Decode Security Requirements to Technical Abilities
8 Design Security for a Resiliency Approach
9 Identify the Security Risks Associated with Hybrid and Multi-Tenant Environments
10 Plan Traffic Filtering and Segmentation Technical and Governance Strategies
11 Summary
12 Exam Essentials
13 Review Questions
14 Chapter 2: Define a Security Operations Strategy
1 Foundation of Security Operations and Strategy
to Support Security Operations
3 Develop Security Operations to Support a Hybrid or Multi-Cloud Environment
4 Design a Strategy for SIEM and SOAR
5 Evaluate Security Workflows
6 Evaluate a Security Operations Strategy for the Incident Management Life Cycle
7 Evaluate a Security Operations Strategy for Sharing Technical Threat Intelligence
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 3: Define an Identity Security Strategy
1 Design a Strategy for Access to Cloud Resources
2 Recommend an Identity Store (Tenants, B2B, B2C, Hybrid)
3 Recommend an Authentication and Authorization Strategy
4 Design a Strategy for Conditional Access
5 Design a Strategy for Role Assignment and Delegation
6 Design a Security Strategy for Privileged Role Access to Infrastructure Including Identity-Based Firewall Rules and Azure PIM
7 Design a Security Strategy for Privileged Activities Including PAM, Entitlement Management, and Cloud Tenant Administration
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 4: Identify a Regulatory Compliance Strategy
1 Interpret Compliance Requirements and Translate into Specific Technical Capabilities
2 Evaluate Infrastructure Compliance by Using Microsoft Defender for Cloud
3 Interpret Compliance Scores and Recommend Actions to Resolve Issues or Improve Security
4 Design and Validate Implementation of Azure Policy
5 Design for Data Residency Requirements
6 Translate Privacy Requirements into Requirements for Security Solutions
7 Summary
8 Exam Essentials
9 Review Questions
10 Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
Security
Azure Security Benchmark
2 Analyze Security Posture by Using Microsoft Defender for Cloud
3 Assess the Security Hygiene of Cloud Workloads
4 Evaluate the Security Posture of Cloud Workloads
5 Design Security for an Azure Landing Zone
6 Evaluate Security Postures by Using Secure Scores
7 Identify Technical Threats and Recommend Mitigation Measures
8 Recommend Security Capabilities or Controls to Mitigate Identified Risks
9 Summary
10 Exam Essentials
11 Review Questions
12 Chapter 6: Define a Strategy for Securing Infrastructure
1 Plan and Deploy a Security Strategy Across Teams
2 Deploy a Process for Proactive and Continuous Evolution of a Security Strategy
3 Specify Security Baselines for Server and Client Endpoints
4 Specify Security Baselines for the Server, Including Multiple Platforms and Operating Systems
5 Specify Security Requirements for Mobile Devices and Clients, Including Endpoint Protection, Hardening, and Configuration
6 Specify Requirements for Securing Active Directory Domain Services
7 Design a Strategy to Manage Secrets, Keys, and Certificates
8 Design a Strategy for Secure Remote Access
9 Design a Strategy for Securing Privileged Access
10 Summary
11 Exam Essentials
12 Review Questions
13 Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
1 Establish Security Baselines for SaaS, PaaS, and IaaS Services
2 Establish Security Requirements for IoT Workloads
3 Establish Security Requirements for Data Workloads, Including SQL Server, Azure SQL, Azure Synapse, and Azure Cosmos DB
4 Define the Security Requirements for Web Workloads
Determine the Security Requirements for Storage Workloads
6 Define Container Security Requirements
7 Define Container Orchestration Security Requirements
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 8: Define a Strategy and Requirements for Applications and Data
1 Knowing the Application Threat Intelligence Model
2 Specify Priorities for Mitigating Threats to Applications
3 Specify a Security Standard for Onboarding a New Application
4 Specify a Security Strategy for Applications and APIs
5 Specify Priorities for Mitigating Threats to Data
6 Design a Strategy to Identify and Protect Sensitive Data
7 Specify an Encryption Standard for Data at Rest and in Motion
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 9: Recommend Security Best Practices and Priorities
1 Recommend Best Practices for Cybersecurity Capabilities and Controls
2 Recommend Best Practices for Protecting from Insider and External Attacks
3 Recommend Best Practices for Zero Trust Security
4 Recommend Best Practices for Zero Trust Rapid Modernization Plan
5 Recommend a DevSecOps Process
6 Recommend a Methodology for Asset Protection
7 Recommend Strategies for Managing and Minimizing Risk
8 Plan for Ransomware Protection and Extortion-Based Attacks
9 Protect Assets from Ransomware Attacks
10 Recommend Microsoft Ransomware Best Practices
11 Summary
12 Exam Essentials
13 Review Questions
14 Appendix: Answers to Review Questions
1 Chapter 1: Define and Implement an Overall Security Strategy and Architecture
2 Chapter 2: Define a Security Operations
Strategy
3 Chapter 3: Define an Identity Security Strategy
4 Chapter 4: Identify a Regulatory Compliance Strategy
5 Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
6 Chapter 6: Define a Strategy for Securing Infrastructure
7 Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
8 Chapter 8: Define a Strategy and Requirements for Applications and Data
9 Chapter 9: Recommend Security Best Practices and Priorities
10 Index
11 End User License Agreement
- Author / Uploaded
- Kathiravan Udayakumar
- Puthiyavan Udayakumar
![AWS Certified Solutions Architect Study Guide, 3E- Associate SAA-C02 Exam (Aws Certified Solutions Architect Official: Associate Exam) [3 ed.]
9781119713081, 9781119713098, 9781119713104, 1119713080](https://ebin.pub/img/200x200/aws-certified-solutions-architect-study-guide-3e-associate-saa-c02-exam-aws-certified-solutions-architect-official-associate-exam-3nbsped-9781119713081-9781119713098-9781119713104-1119713080.jpg)
![Sun Certified Enterprise Architect for J2EE Study Guide: Exam 310-051 [1 ed.]
9780072226874, 0072226870](https://ebin.pub/img/200x200/sun-certified-enterprise-architect-for-j2ee-study-guide-exam-310-051-1nbsped-9780072226874-0072226870.jpg)
![Sun Certified Enterprise Architect for J2EE Study Guide (Exam 310-051) [2 ed.]
9780071488617, 0071488618](https://ebin.pub/img/200x200/sun-certified-enterprise-architect-for-j2ee-study-guide-exam-310-051-2nbsped-9780071488617-0071488618.jpg)
![AWS Certified Solutions Architect Study Guide: Associate SAA-CO2 Exam [3 ed.]
1119713080, 9781119713081](https://ebin.pub/img/200x200/aws-certified-solutions-architect-study-guide-associate-saa-co2-exam-3nbsped-1119713080-9781119713081.jpg)
![CCIE: Cisco Certified Internetwork Expert Study Guide (Exam# 350-001) [2 ed.]
0782142079, 9780782142075, 9780585488097](https://ebin.pub/img/200x200/ccie-cisco-certified-internetwork-expert-study-guide-exam-350-001-2nbsped-0782142079-9780782142075-9780585488097.jpg)
![Microsoft Certified Azure Fundamentals Study Guide: Exam AZ-900 [1 ed.]
9781119770923, 9781119768203, 9781119771159, 1119770920](https://ebin.pub/img/200x200/microsoft-certified-azure-fundamentals-study-guide-exam-az-900-1nbsped-9781119770923-9781119768203-9781119771159-1119770920.jpg)
