MCE Microsoft Certified Expert Cybersecurity Architect Study Guide: Exam SC-100
9781394180226, 9781394180219, 9781394180233, 2022950346
Prep for the SC-100 exam like a pro with Sybex' latest Study Guide
In the MCE Microsoft Certified Expert Cybersecu
516
215
8MB
English
Pages 512
Year 2023
Report DMCA / Copyright
DOWNLOAD EPUB FILE
Table of contents :
Table of Contents
1 Cover
2 Title Page
3 Copyright
4 Dedication
5 Acknowledgments
6 About the Authors
1 About the Technical Editor
2 Introduction
1 What Is Azure?
2 About the SC-100 Certification Exam
3 Why Become a Certified Microsoft Azure Cybersecurity Architect?
4 Preparing to Become a Certified Microsoft Cybersecurity Architect
5 How to Become a Certified Microsoft Cybersecurity Architect
6 Who Should Buy This Book
7 How This Book Is Organized
8 Bonus Digital Contents
9 Conventions Used in This Book
10 Using This Book
11 SC-100 Exam Objectives
12 How to Contact the Publisher
13 Assessment Test
14 Answers to Assessment Test
15 Chapter 1: Define and Implement an Overall Security Strategy and Architecture
1 Basics of Cloud Computing
2 Introduction to Cybersecurity
3 Cybersecurity Domains
4 Getting Started with Zero Trust
5 Design Integration Points in an Architecture
6 Design Security Needs to Be Based on Business Goals
7 Decode Security Requirements to Technical Abilities
8 Design Security for a Resiliency Approach
9 Identify the Security Risks Associated with Hybrid and Multi-Tenant Environments
10 Plan Traffic Filtering and Segmentation Technical and Governance Strategies
11 Summary
12 Exam Essentials
13 Review Questions
14 Chapter 2: Define a Security Operations Strategy
1 Foundation of Security Operations and Strategy
to Support Security Operations
3 Develop Security Operations to Support a Hybrid or Multi-Cloud Environment
4 Design a Strategy for SIEM and SOAR
5 Evaluate Security Workflows
6 Evaluate a Security Operations Strategy for the Incident Management Life Cycle
7 Evaluate a Security Operations Strategy for Sharing Technical Threat Intelligence
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 3: Define an Identity Security Strategy
1 Design a Strategy for Access to Cloud Resources
2 Recommend an Identity Store (Tenants, B2B, B2C, Hybrid)
3 Recommend an Authentication and Authorization Strategy
4 Design a Strategy for Conditional Access
5 Design a Strategy for Role Assignment and Delegation
6 Design a Security Strategy for Privileged Role Access to Infrastructure Including Identity-Based Firewall Rules and Azure PIM
7 Design a Security Strategy for Privileged Activities Including PAM, Entitlement Management, and Cloud Tenant Administration
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 4: Identify a Regulatory Compliance Strategy
1 Interpret Compliance Requirements and Translate into Specific Technical Capabilities
2 Evaluate Infrastructure Compliance by Using Microsoft Defender for Cloud
3 Interpret Compliance Scores and Recommend Actions to Resolve Issues or Improve Security
4 Design and Validate Implementation of Azure Policy
5 Design for Data Residency Requirements
6 Translate Privacy Requirements into Requirements for Security Solutions
7 Summary
8 Exam Essentials
9 Review Questions
10 Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
Security
Azure Security Benchmark
2 Analyze Security Posture by Using Microsoft Defender for Cloud
3 Assess the Security Hygiene of Cloud Workloads
4 Evaluate the Security Posture of Cloud Workloads
5 Design Security for an Azure Landing Zone
6 Evaluate Security Postures by Using Secure Scores
7 Identify Technical Threats and Recommend Mitigation Measures
8 Recommend Security Capabilities or Controls to Mitigate Identified Risks
9 Summary
10 Exam Essentials
11 Review Questions
12 Chapter 6: Define a Strategy for Securing Infrastructure
1 Plan and Deploy a Security Strategy Across Teams
2 Deploy a Process for Proactive and Continuous Evolution of a Security Strategy
3 Specify Security Baselines for Server and Client Endpoints
4 Specify Security Baselines for the Server, Including Multiple Platforms and Operating Systems
5 Specify Security Requirements for Mobile Devices and Clients, Including Endpoint Protection, Hardening, and Configuration
6 Specify Requirements for Securing Active Directory Domain Services
7 Design a Strategy to Manage Secrets, Keys, and Certificates
8 Design a Strategy for Secure Remote Access
9 Design a Strategy for Securing Privileged Access
10 Summary
11 Exam Essentials
12 Review Questions
13 Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
1 Establish Security Baselines for SaaS, PaaS, and IaaS Services
2 Establish Security Requirements for IoT Workloads
3 Establish Security Requirements for Data Workloads, Including SQL Server, Azure SQL, Azure Synapse, and Azure Cosmos DB
4 Define the Security Requirements for Web Workloads
Determine the Security Requirements for Storage Workloads
6 Define Container Security Requirements
7 Define Container Orchestration Security Requirements
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 8: Define a Strategy and Requirements for Applications and Data
1 Knowing the Application Threat Intelligence Model
2 Specify Priorities for Mitigating Threats to Applications
3 Specify a Security Standard for Onboarding a New Application
4 Specify a Security Strategy for Applications and APIs
5 Specify Priorities for Mitigating Threats to Data
6 Design a Strategy to Identify and Protect Sensitive Data
7 Specify an Encryption Standard for Data at Rest and in Motion
8 Summary
9 Exam Essentials
10 Review Questions
11 Chapter 9: Recommend Security Best Practices and Priorities
1 Recommend Best Practices for Cybersecurity Capabilities and Controls
2 Recommend Best Practices for Protecting from Insider and External Attacks
3 Recommend Best Practices for Zero Trust Security
4 Recommend Best Practices for Zero Trust Rapid Modernization Plan
5 Recommend a DevSecOps Process
6 Recommend a Methodology for Asset Protection
7 Recommend Strategies for Managing and Minimizing Risk
8 Plan for Ransomware Protection and Extortion-Based Attacks
9 Protect Assets from Ransomware Attacks
10 Recommend Microsoft Ransomware Best Practices
11 Summary
12 Exam Essentials
13 Review Questions
14 Appendix: Answers to Review Questions
1 Chapter 1: Define and Implement an Overall Security Strategy and Architecture
2 Chapter 2: Define a Security Operations
Strategy
3 Chapter 3: Define an Identity Security Strategy
4 Chapter 4: Identify a Regulatory Compliance Strategy
5 Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
6 Chapter 6: Define a Strategy for Securing Infrastructure
7 Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
8 Chapter 8: Define a Strategy and Requirements for Applications and Data
9 Chapter 9: Recommend Security Best Practices and Priorities
10 Index
11 End User License Agreement