Microsoft Cybersecurity Architect (SC-100)

SC100
Avanzado
Security, compliance and identity
25 horas
625 €
Convocatorias
Inicio - Fin
Horario  
27 mar. - 31 mar. Lun, Mar, Mie, Jue, Vie de 09:00 a 14:00 Sin definir
11 abr. - 20 abr. Mar, Mie, Jue de 15:50 a 20:00 Sin definir
22 may. - 26 may. Lun, Mar, Mie, Jue, Vie de 09:00 a 14:00 Sin definir
Descripción

Este curso prepara a los alumnos con la experiencia para diseñar y evaluar estrategias de ciberseguridad en las siguientes áreas: Confianza cero; gobernanza, riesgo y cumplimiento (GRC), operaciones de seguridad (SecOps) y datos y aplicaciones. Los alumnos también aprenderán a diseñar soluciones siguiendo los principios de confianza cero y a especificar los requisitos de seguridad para la infraestructura en la nube en diferentes modelos de servicio (SaaS, PaaS, IaaS).

Antes de asistir a este curso, los estudiantes deben tener:

  • Se recomienda encarecidamente haber asistido y superado una de las certificaciones de nivel asociado en la cartera de seguridad, cumplimiento e identidad (como AZ-500, SC-200 o SC-300)

  • Experiencia avanzada y conocimientos sobre la identidad y el acceso, la protección de plataformas, las operaciones de seguridad, la protección de datos y la protección de aplicaciones.

  • Experiencia en implementaciones híbridas y en la nube.

Objetivos

Este curso prepara para la obtención de la certificación SC-100: Microsoft Cybersecurity Architect.

Este examen mide su capacidad de llevar a cabo las siguientes tareas técnicas:

  • Diseñar una estrategia y arquitectura de Confianza cero
  • Evaluar estrategias técnicas de cumplimiento de riesgos de gobernanza (GRC) y estrategias de operaciones de seguridad
  • Diseñar la seguridad para la infraestructura
  • Diseñar una estrategia para datos y aplicaciones
  • Recomendar prioridades y procedimientos recomendados de seguridad.
Contenido

Module 1: Build an overall security strategy and architecture

  • Introduction
  • Zero Trust overview
  • Develop Integration points in an architecture
  • Develop security requirements based on business goals
  • Translate security requirements into technical capabilities
  • Design security for a resiliency strategy
  • Design a security strategy for hybrid and multi-tenant environments
  • Design technical and governance strategies for traffic filtering and segmentation

Module 2: Design a security operations strategy

  • Introduction
  • Understand security operations frameworks, processes, and procedures
  • Design a logging and auditing security strategy
  • Develop security operations for hybrid and multi-cloud environments
  • Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR)
  • Evaluate security workflows
  • Review security strategies for incident management
  • Evaluate security operations strategy for sharing technical threat intelligence
  • Monitor sources for insights on threats and mitigations

Module 3: Design an identity security strategy

  • Introduction
  • Secure access to cloud resources
  • Recommend an identity store for security
  • Recommend secure authentication and security authorization strategies
  • Secure conditional access
  • Design a strategy for role assignment and delegation
  • Define Identity governance for access reviews and entitlement management
  • Design a security strategy for privileged role access to infrastructure
  • Design a security strategy for privileged activities
  • Understand security for protocols

Module 4: Evaluate a regulatory compliance strategy

  • Introduction
  • Interpret compliance requirements and their technical capabilities
  • Evaluate infrastructure compliance by using Microsoft Defender for Cloud
  • Interpret compliance scores and recommend actions to resolve issues or improve security
  • Design and validate implementation of Azure Policy
  • Design for data residency Requirements
  • Translate privacy requirements into requirements for security solutions

Module 5: Evaluate security posture and recommend technical strategies to manage risk

  • Introduction
  • Evaluate security postures by using benchmarks
  • Evaluate security postures by using Microsoft Defender for Cloud
  • Evaluate security postures by using Secure Scores
  • Evaluate security hygiene of Cloud Workloads
  • Design security for an Azure Landing Zone
  • Interpret technical threat intelligence and recommend risk mitigations
  • Recommend security capabilities or controls to mitigate identified risks

Module 6: Understand architecture best practices and how they are changing with the Cloud

  • Introduction
  • Plan and implement a security strategy across teams
  • Establish a strategy and process for proactive and continuous evolution of a security strategy
  • Understand network protocols and best practices for network segmentation and traffic filtering

Module 7: Design a strategy for securing server and client endpoints

  • Introduction
  • Specify security baselines for server and client endpoints
  • Specify security requirements for servers
  • Specify security requirements for mobile devices and clients
  • Specify requirements for securing Active Directory Domain Services
  • Design a strategy to manage secrets, keys, and certificates
  • Design a strategy for secure remote access
  • Understand security operations frameworks, processes, and procedures
  • Understand deep forensics procedures by resource type

Module 8: Design a strategy for securing PaaS, IaaS, and SaaS services

  • Introduction
  • Specify security baselines for PaaS services
  • Specify security baselines for IaaS services
  • Specify security baselines for SaaS services
  • Specify security requirements for IoT workloads
  • Specify security requirements for data workloads
  • Specify security requirements for web workloads
  • Specify security requirements for storage workloads
  • Specify security requirements for containers
  • Specify security requirements for container orchestration

Module 9: Specify security requirements for applications

  • Introduction
  • Understand application threat modeling
  • Specify priorities for mitigating threats to applications
  • Specify a security standard for onboarding a new application
  • Specify a security strategy for applications and APIs

Module 10: Design a strategy for securing data

  • Introduction
  • Prioritize mitigating threats to data
  • Design a strategy to identify and protect sensitive data
  • Specify an encryption standard for data at rest and in motion

Module 11: Recommend security best practices using Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft Cloud Security Benchmarks

  • Introduction
  • Recommend best practices for cybersecurity capabilities and controls
  • Recommend best practices for protecting from insider and external attacks
  • Recommend best practices for Zero Trust security
  • Recommend best practices for Zero Trust Rapid Modernization Plan


Module 12: Recommend a secure methodology using the Cloud Adoption Framework (CAF)

  • Introduction
  • Recommend a DevSecOps process
  • Recommend a methodology for asset protection
  • Recommend strategies for managing and minimizing risk


Module 13: Recommend a ransomware strategy by using Microsoft Security Best Practices

  • Introduction
  • Plan for ransomware protection and extortion-based attacks
  • Protect assets from ransomware attacks
  • Recommend Microsoft ransomware best practices