Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Protect compute, storage, and databases

Microsoft via Microsoft Learn

Go to class Write review
CodeSignal Ad

Free AI-powered learning to build in-demand skills

Learn More → Boot.dev Ad

The Most Addictive Python and SQL Courses

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
  • This module is designed to provide administrators with the knowledge and skills needed to plan and implement advanced security measures for Azure compute resources, safeguarding applications and data against evolving security threats.

    By the end of this module, participants will be able to:

    • Enhance Azure compute resources' security against vulnerabilities and attacks with advanced measures.

    • Secure remote access via Azure Bastion (Developer, Basic, Standard, and Premium SKUs) and Just-in-Time (JIT) VM access, and implement network isolation for AKS.

    • Configure AKS authentication using workload identity and Microsoft Entra ID, strengthen AKS clusters' security, monitor Azure Container Instances and Apps, and manage access to Azure Container Registry.

    • Implement disk encryption methods like ADE and encryption at host, and manage API access securely in Azure API Management.

  • This module is designed to provide administrators with the knowledge and skills required to plan and implement comprehensive security measures for Azure storage resources, safeguarding data integrity, confidentiality, and availability.

    By the end of this module, participants will be able to:

    • Develop security strategies for Azure storage resources, ensuring data protection during rest and transit.

    • Manage storage account access with effective access control and secure key lifecycle management.

    • Tailor access methods for Azure Files, Blob Storage, Tables, and Queues to specific use cases.

    • Strengthen data security with soft delete, backups, versioning, immutable storage, BYOK, and double encryption.

  • This module is designed to empower administrators with the knowledge and skills needed to plan and implement robust security measures for Azure SQL Database and Azure SQL Managed Instance, ensuring data protection and regulatory compliance.

    By the end of this module, participants will be able to:

    • Implement security for Azure SQL Managed Instance to safeguard sensitive data.

    • Use Microsoft Enterprise Identity for database authentication and conduct database auditing for compliance.

    • Utilize Microsoft Purview for data governance and classification to protect sensitive information.

    • Apply dynamic masking and Transparent Database Encryption, and recommend Always Encrypted for client-side data protection.

Syllabus

  • Plan and implement advanced security for compute
    • Introduction
    • Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access
    • What is Azure Kubernetes Service?
    • Configure network isolation for Azure Kubernetes Service (AKS)
    • Secure and monitor Azure Kubernetes Service
    • Configure authentication for Azure Kubernetes Service
    • Configure security for Azure Container Instances (ACIs)
    • Configure security for Azure Container Apps (ACAs)
    • Manage access to Azure Container Registry (ACR)
    • Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption
    • Recommend security configurations for Azure API Management
    • Module assessment
    • Summary
  • Plan and implement security for storage
    • Introduction
    • Azure Storage
    • Configure access control for storage accounts
    • Manage life cycle for storage account access keys
    • Select and configure an appropriate method for access to Azure Files
    • Select and configure an appropriate method for access to Azure Blobs
    • Select and configure an appropriate method for access to Azure Tables
    • Select and configure an appropriate method for access to Azure Queues
    • Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage
    • Configure Bring your own key (BYOK)
    • Enable double encryption at the Azure Storage infrastructure level
    • Module assessment
    • Summary
  • Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
    • Introduction
    • Azure SQL Database and SQL Managed Instance security
    • Enable Microsoft Entra database authentication
    • Enable and monitor database audit
    • Identify use cases for the Microsoft Purview governance portal
    • Implement data classification of sensitive information by using the Microsoft Purview governance portal
    • Plan and implement dynamic mask
    • Implement transparent data encryption​
    • Recommend when to use Azure SQL Database Always Encrypted
    • Implement an Azure SQL Database firewall
    • Module assessment
    • Summary

Tags

Reviews

Start your review of Protect compute, storage, and databases

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.