Sale!

Azure Security MEAP V03 1st Edition by Bojan Magusic ISBN 9781633438811 1633438813

Name: Azure Security MEAP V03 1st Edition by Bojan Magusic ISBN 9781633438811 1633438813
SKU: EB-47545342
Availability: InStock

Original price was: $50.00.Current price is: $25.00.

Azure Security (MEAP V03) Bojan Magusic Digital Instant Download

Author(s): Bojan Magusic

ISBN(s): 9781633438811, 1633438813

Edition: Chapters 1 to 4 of 11

File Details: PDF, 4.15 MB

Year: 2023

Language: English

SKU: EB-47545342 Category: Computers - Security Tag: Bojan Magusic

Description

Azure Security MEAP V03 1st Edition by Bojan Magusic – Ebook PDF Instant Download/Delivery: 9781633438811 ,1633438813
Full download Azure Security MEAP V03 1st Edition after payment

Product details:

ISBN 10: 1633438813
ISBN 13: 9781633438811
Author: Bojan Magusic

Secure your Azure applications the right way with the expert DevSecOps techniques you’ll learn in this essential handbook.In Azure Security you’ll learn vital security skills, including how to• Configure Conditional Access policies to implement secure access• Implement Azure Web Application Firewall (WAF) on Application Gateway and Azure Front Door• Deploy Azure Firewall Premium to monitor network activities for malicious activity• Enable Microsoft Defender for Cloud to continuously assess your workloads for misconfiguration• Use Microsoft Sentinel to create analytics rules to detect threats and suspicious activity• Set up Azure Policy to ensure that resource states and deployment is compliant with your business rulesAs a Program Manager at Microsoft, Bojan Magusic has helped numerous Fortune 500 companies improve their security posture in Azure. Now, in Azure Security he brings his experience from the cyber security frontline to ensure your Azure cloud-based systems are safe and secure. Correctly set up out-of-the-box Azure services to protect your web apps against both common and sophisticated threats, learn to continuously assess your systems for vulnerabilities, and discover cutting-edge operations for security hygiene, monitoring, and DevSecOps.about the technologyAttacks against cloud-based applications are increasingly common and sophisticated. It’s vital for any developer or resource owner to understand how to properly configure their Azure cloud environments and establish reliable security best practices. The Azure platform comes with dozens of built-in security tools to help keep your systems safe. This book will teach you exactly how to set them up for maximum effectiveness.about the bookAzure Security is a practical guide to the native security services of Microsoft Azure. You’ll learn how to use Azure tools to improve your systems security and get an insider’s perspective on establishing a DevSecOps program using the capabilities of Microsoft Defender

Azure Security MEAP V03 1st Edition Table of contents:

Part 1. First steps

1 About Azure security

1.1 Cybersecurity as an infinite game

1.2 Shared responsibility model

1.3 Azure security services

1.4 The threat landscape

1.5 Cloud security challenges

1.6 Digital medievalism

1.7 The zero trust security model

1.8 Defense in depth

1.8.1 Securing identities

1.8.2 Securing infrastructure and networking resources

1.8.3 Securing applications and data

1.8.4 Heroes and villains in this book

Summary

2 Securing identities in Azure: The four pillars of identity and Azure Active Directory

2.1 Four pillars of identity

2.1.1 What is Azure Active Directory?

2.1.2 What is an identity?

2.1.3 Azure AD user identities in action

2.1.4 Azure AD service principals in action

2.1.5 Managed identity in Azure AD

2.1.6 Managed identity in action

2.2 Authentication

2.2.1 Azure AD as an IAM service

2.2.2 Importance of multifactor authentication

2.2.3 Azure MFA

2.2.4 Security defaults in Azure AD

2.2.5 Identity protection

2.2.6 Identity protection in action

2.2.7 Conditional access in Azure AD

2.2.8 Conditional access in action

2.3 Authorization

2.3.1 Azure role-based access control

2.3.2 How does Azure RBAC work?

2.3.3 Role assignment

2.3.4 Azure role-based access control in action

2.4 Custom roles

2.5 Custom roles in action

2.6 Identity governance

2.6.1 Privileged identity management

2.6.2 PIM in action

2.6.3 Access reviews

2.7 Answers to exercises

Exercise 2.1

Exercise 2.2

Exercise 2.3

Exercise 2.4

Exercise 2.5

Exercise 2.6

Summary

Part 2. Securing Azure resources

3 Implementing network security in Azure: Firewall, WAF, and DDoS protection

3.1 Azure network security

3.1.1 The importance of network segmentation

3.1.2 Positive security model

3.2 Azure Firewall

3.2.1 Azure Firewall Standard vs. Premium

3.2.2 Azure Firewall Standard in action

3.2.3 Creating an Azure Firewall instance

3.2.4 Routing traffic to Azure Firewall

3.2.5 Routing to direct traffic

3.2.6 Associating a route table to a subnet

3.2.7 Allowing Azure Firewall traffic

3.2.8 Azure Firewall Premium

3.2.9 Azure Firewall policy

3.2.10 Azure Firewall Manager

3.3 Azure Web Application Firewall

3.3.1 Azure WAF on Azure Application Gateway in action

3.3.2 Azure WAF on Azure Front Door in action

3.3.3 Tuning Azure WAF

3.4 Mitigating DDoS attacks

3.4.1 DDoS Protection in Azure

3.4.2 Creating an Azure DDoS Protection plan

3.5 Answers to exercises

Exercise 3.1

Summary

4 Securing compute resources in Azure: Azure Bastion, Kubernetes, and Azure App Service

4.1 Azure compute resources

4.2 Azure Bastion

4.2.1 Basic vs. Standard SKU

4.2.2 Azure Bastion in action

4.2.3 Connecting to Azure Bastion using your browser and Azure portal

4.2.4 Connecting to Azure Bastion using the native RDP or SSH client

4.3 Securing Kubernetes clusters

4.3.1 What are containers?

4.3.2 What is a container registry?

4.3.3 What is Kubernetes?

4.3.4 How does Kubernetes work?

4.3.5 Managed vs. unmanaged Kubernetes

4.4 What makes container security different?

4.4.1 Typical challenges when securing Kubernetes clusters

4.4.2 Securing Azure Kubernetes Service and Azure Container Registry

4.4.3 Security monitoring for Azure Kubernetes Service and Azure Container Registry

4.5 Securing Azure App Service

4.5.1 Authentication and authorization

4.5.2 Access restrictions

4.5.3 Subdomain takeover

4.5.4 OS and application-stack patching

4.6 Answers to exercises

Exercise 4.1

Exercise 4.2

Exercise 4.3

Summary

5 Securing data in Azure Storage accounts: Azure Key Vault

5.1 Securing storage accounts

5.1.1 Azure Storage firewall

5.1.2 Authorizing control plane operations

5.1.3 Authorizing data plane operations

5.1.4 SSE

5.1.5 Encryption key management

5.1.6 Encryption using a customer-managed key

5.1.7 Encryption using a customer-managed key in action

5.1.8 Encryption scopes

5.1.9 Infrastructure encryption

5.2 Securing Azure Key Vault

5.2.1 Authorizing control plane operations

5.2.2 Authorizing data plane operations

5.2.3 Azure Key Vault firewall

Summary

6 Implementing good security hygiene: Microsoft Defender for Cloud and Defender CSPM

6.1 Microsoft Defender for Cloud

6.2 Cloud security posture management

6.2.1 Onboarding your subscriptions to Defender for Cloud

6.2.2 Recommendations

6.2.3 Secure score

6.2.4 Free vs. paid security posture management capabilities in Microsoft Defender for Cloud

6.3 Cloud security graph

6.3.1 Attack paths

6.3.2 Cloud security explorer

6.3.3 Agentless scanning for machines

6.4 Security governance

6.4.1 Manually assigning owners and due dates

6.4.2 When should you use a grace period?

6.4.3 Programmatically assigning owners and due dates

6.5 Regulatory compliance

6.5.1 Regulatory compliance in action

6.5.2 Adding a built-in standard

6.6 Answers to exercises

Exercise 6.1

Exercise 6.2

Summary

7 Security monitoring for Azure resources: Microsoft Defender for Cloud plans

7.1 Cloud workload protection

7.2 Microsoft Defender for Cloud plans

7.2.1 Microsoft Defender for Servers

7.2.2 Microsoft Defender for Containers

7.2.3 Microsoft Defender for App Service

7.2.4 Microsoft Defender for Storage

7.2.5 Microsoft Defender for Databases

7.2.6 Microsoft Defender for Key Vault

7.2.7 Microsoft Defender for Resource Manager

7.2.8 Microsoft Defender for DNS

7.2.9 Email notifications

7.3 Security alerts

7.3.1 Security alerts in action

7.3.2 Investigating security alerts

7.4 Workflow automation

7.4.1 Workflow automation in action

7.5 Exporting data

7.5.1 Continuous export

7.5.2 Continuous export in action

7.6 Workbooks

7.6.1 Using workbooks

7.6.2 Workbooks in action

7.7 Answers to exercises

Exercise 7.1

Exercise 7.2

Exercise 7.3

Summary

Part 3. Going further

8 Security operations and response: Microsoft Sentinel

8.1 Security Information and Event Management

8.2 Microsoft Sentinel

8.2.1 Microsoft Sentinel capabilities

8.2.2 Enabling Microsoft Sentinel

8.3 Data collection

8.3.1 What data should go in a SIEM?

8.3.2 Data connectors

8.3.3 Data connectors in action

8.3.4 Content hub

8.4 Analytics rules

8.4.1 Microsoft security rules

8.4.2 Microsoft security rules in action

8.4.3 Scheduled rules

8.4.4 Scheduled rules in action

8.5 Incidents

8.6 User and entity behavior analytics

8.6.1 When to use UEBA

8.6.2 User and entity behavior analytics in action

8.7 Security orchestration, automation, and response

8.8 Automation rules

8.8.1 Automation elements and trigger events

8.8.2 Automation rules in action

8.9 Answers to Exercises

Exercise 8.1

Exercise 8.2

Exercise 8.3

Summary

9 Audit and log data: Azure Monitor

9.1 Understanding different log types in Azure

9.1.1 Azure tenant logs

9.1.2 Azure subscriptions

9.1.3 Azure resources

9.1.4 Operating system

9.2 Azure Monitor

9.3 Diagnostic settings

9.3.1 Diagnostic settings in action

9.4 Data collection rules

9.4.1 Data collection rules in action

9.5 Alert rules

9.5.1 Types of alerts

9.5.2 Alert rules in action

9.6 Answers to exercises

Exercise 9.1

Exercise 9.2

Exercise 9.3

Summary

10 Importance of governance: Azure Policy and Azure Blueprints

10.1 What is Azure Policy?

10.2 Getting started with Azure Policy

10.2.1 Azure Policy in action

10.2.2 Scope

10.2.3 Policy effects

10.3 Custom policies

10.4 Centralized security policy management

10.5 Azure Blueprints

10.6 Answers to exercises

Exercise 10.1

Exercise 10.2

Summary

11 DevSecOps: Microsoft Defender for DevOps

11.1 Developing code more securely

11.2 What is shifting security left?

11.3 Infrastructure as code

11.3.1 Infrastructure as code in action

11.3.2 Who is responsible for fixing vulnerabilities in code?

11.4 Microsoft Defender for DevOps

11.4.1 Unified DevOps posture visibility

11.4.2 Microsoft Security DevOps application

11.4.3 GitHub Advanced Security

11.4.4 Microsoft Security DevOps for GitHub in action

11.4.5 IaC scanning in GitHub

11.4.6 Microsoft Security DevOps for Azure DevOps in action

11.4.7 IaC scanning in ADO

11.4.8 Secrets scanning

11.4.9 Code-to-cloud contextualization

11.5 Cybersecurity as an infinite game

11.6 Answers to exercises

Exercise 11.1

Exercise 11.2

Summary

Appendix. Setting up Azure CLI on your machine

A.1 Setting up Azure CLI on Windows

A.2 Setting up Azure CLI on Linux

A.3 Setting up Azure CLI on macOS

index

People also search for Azure Security MEAP V03 1st Edition:

azure security tools

azure devops security scanning

storage account azure security

sql azure security

salary of azure security engineer

Tags: Bojan Magusic, Azure Security, MEAP V03

Azure Security MEAP V03 1st Edition by Bojan Magusic ISBN 9781633438811 1633438813

You may also like…

Login