Azure SQL Database has built-in data security capabilities collectively known as Microsoft Defender for Cloud (previously known as Azure Defender). Microsoft Defender for Cloud provides multiple security pillars to improve your database security posture:

1. Data discovery & classification
2. Vulnerability assessment
3. Advanced threat protection

In this lab, you will demonstrate the capabilities of each of these services and understand how Microsoft Defender for Cloud provides security as a service for your database. Specifically, you will see how Microsoft Defender for Cloud can help your organization achieve security compliance, proactively remediate vulnerabilities, and protect your data from attacks. You will also see how Microsoft Defender for Cloud can alert you to any threats it discovers and also enrich your database audit logs with security sensitivity information.

Lab Objectives

Upon completion of this Lab you will be able to:

• Configure Microsoft Defender for Cloud and auditing for Azure SQL Databases
• Explain the benefits of each of the security services provided by Microsoft Defender for Cloud
• Use Microsoft Defender for Cloud to remediate vulnerabilities and threats in your database
• Use Microsoft Defender for Cloud to improve your compliance with various security 

Intended Audience

This lab is intended for:

• DP-200 Implementing an Azure Data Solution exam candidates
• Anyone interested in securing Azure SQL Database instances

Prerequisites

You should be familiar with:

• Azure Storage and SQL Database basics

You can complete the Designing an Azure Data Implementation course to gain this knowledge.

Updates

May 19th, 2023 - Resolved storage account issue

December 30th, 2022 - Updated screenshots and instructions to reflect UI change

December 2nd, 2021 - Updated the instructions and screenshots to match the latest portal experience.

December 2nd, 2021 - Updated lab for Azure Defender/Azure Security Center re-branding to Microsoft Defender for Cloud.

January 7th, 2021 - Updated lab for ADS re-branding to Azure Defender.

May 13th, 2021 - Updated the instructions to match the latest portal experience.

July 3rd, 2020 - Updated the instructions for viewing the ADS server settings to match the latest portal experience.

March 12th, 2020 - Updated the lab startup template to automatically enable ADS to avoid an issue preventing the ability of students to configure the ADS storage account.