Training: Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls (SC-5002)

Ref. SC-5002

Download PDF

Duration:

1

day

Exam:

Not certifying

Level:

Intermediate

Funding:

Eligible

Home > Trainings > IT Pro > Audit and Cybersecurity > Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls (SC-5002)

Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls (SC-5002)

Secure Your Azure Services and Workloads

Cloud service security is essential to ensure compliance with current regulations. With the training “Securing Azure Services and Workloads with Microsoft Defender for Cloud for Regulatory Compliance Controls (SC-5002),” you will learn how to enhance the protection of your Azure infrastructures. This program guides you through implementing best security practices using Microsoft Defender for Cloud.

Master Key Compliance Tools

In this course, you will discover how Microsoft Defender for Cloud simplifies regulatory compliance. You will learn to analyze and address vulnerabilities using tools such as Azure Key Vault, Azure Log Analytics, and Azure Private Link. Additionally, you will see how to configure network security groups and enhance the monitoring of Azure virtual machines.

Participant Profiles

Cloud and security administrators
Cybersecurity engineers
Cloud architects
Compliance and information security consultants
IT managers looking to enhance Azure service security

Objectives

Use Microsoft Defender for Cloud to ensure regulatory compliance
Activate and configure Defender for Cloud on an Azure subscription
Set up network security groups to filter traffic
Create and manage an Azure Log Analytics workspace
Deploy and configure the Azure Monitor agent to collect data
Manage secure access to Azure virtual machines with Just-in-Time access
Configure Azure Key Vault networking to protect secrets
Connect an Azure SQL Server with Azure Private Endpoint

Prerequisites

Basic knowledge of Azure services and concepts
Understanding of fundamental cybersecurity principles
Experience in managing cloud resources and Azure subscriptions

Course Content

Module 1: Examine Defender for Cloud regulatory compliance standards

Regulatory compliance standards in Defender for Cloud
Microsoft cloud security benchmark in Defender for Cloud
Improve your regulatory compliance in Defender for Cloud

Module 2: Enable Defender for Cloud on your Azure subscription

Connect your Azure subscriptions
Configure Microsoft Defender for Cloud for enhanced protection

Module 3: Filter network traffic with a network security group using the Azure portal

Azure resource group
Azure Virtual Network
How network security groups filter network traffic
Application security groups
Create a virtual network infrastructure

Module 4: Create a Log Analytics workspace

Log Analytics workspace
Create a Log Analytics workspace

Module 5: Collect guest operating system monitoring data from Azure and hybrid virtual machines using Azure Monitor Agent

Deploy the Azure Monitor Agent
Collect data with Azure Monitor Agent
Create a data collection rule and install the Azure Monitor Agent

Module 6: Explore just-in-time virtual machine access

Understand just-in-time virtual machine access
Enable just-in-time access on virtual machines

Module 7: Configure Azure Key Vault networking settings

Azure Key Vault basic concepts
Best practices for Azure Key Vault
Azure Key Vault network security
Configure Azure Key Vault firewalls and virtual networks
Configure Key Vault networking settings
Azure Key Vault soft delete overview
Virtual network service endpoints for Azure Key Vault
Enable soft delete in Azure Key Vault

Module 8: Connect an Azure SQL server using an Azure Private Endpoint

Azure Private Endpoint
Azure Private Link
Connect to an Azure SQL server using an Azure Private Endpoint using the Azure portal

Documentation

Access to Microsoft Learn, Microsoft’s online learning platform, offering interactive resources and educational content to deepen your knowledge and develop your technical skills.

Lab / Exercises

This course provides you with exclusive access to the official Microsoft lab, enabling you to practice your skills in a professional environment.

Complementary Courses

Eligible Funding

ITTA is a partner of a continuing education fund dedicated to temporary workers. This fund can subsidize your training, provided that you are subject to the “Service Provision” collective labor agreement (CCT) and meet certain conditions, including having worked at least 88 hours in the past 12 months.

Additional Information

Master Security and Compliance on Microsoft Azure (SC-5002)

Managing cloud security is a major challenge for businesses. With the increasing adoption of Azure, ensuring the protection of services and workloads while meeting regulatory requirements is essential. This training equips you with advanced skills to secure your Azure infrastructures using Microsoft Defender for Cloud. You will learn to monitor, detect, and prevent threats by leveraging dedicated tools such as Azure Key Vault, Azure Private Link, and Azure Log Analytics.

Why Secure Your Azure Services?

Cyberattacks are becoming more sophisticated, and security regulations are becoming stricter. Failing to secure your cloud services can lead to data breaches, service disruptions, and financial penalties. This training helps you:

Implement compliance controls to mitigate non-compliance risks
Detect vulnerabilities and apply real-time security patches
Automate Azure service monitoring for proactive management
Strengthen database and network isolation using best security practices

A Comprehensive Approach to Azure Security

This training guides you through the key steps of securing cloud services. You will start by evaluating compliance standards, then learn how to configure Microsoft Defender for Cloud for continuous threat and vulnerability monitoring. You will also explore advanced access protection strategies, including network security groups and just-in-time access for virtual machines.

Optimize Database and Network Protection

Databases and networks are prime targets for attackers. This training teaches you how to secure sensitive resources using:

Azure Key Vault: Advanced protection for secrets and encryption keys
Azure Private Endpoint: Secure isolation of Azure SQL Database connections
Network Security Groups: Traffic filtering and access restrictions
Azure Monitor: Log collection and analysis for enhanced visibility

A Program Designed for Cybersecurity Professionals

Whether you are a cloud administrator, cybersecurity engineer, or compliance consultant, this training provides hands-on expertise for implementing robust security measures on Azure. You will learn how to integrate advanced security solutions and automate monitoring tasks to protect your data and infrastructures.

FAQ

Is this training suitable for beginners?

It is primarily designed for professionals with experience in Azure administration and cybersecurity. However, if you have basic knowledge of cloud services and security best practices, you can successfully follow this program.

What tools will I learn to use?

This training covers advanced use of Microsoft Defender for Cloud and associated services such as Azure Key Vault, Azure Private Link, Azure Log Analytics, and Azure SQL Database. You will also learn how to configure network security groups and automate monitoring with Azure Monitor.

What are the concrete benefits of this training?

By completing this program, you will be able to: