Learning Path Overview

Microsoft made security a key pillar of the Azure platform because they understand that you need to trust the cloud to realize its full benefits, which is why Azure boasts the most compliance certifications of any cloud provider. But security in the cloud is a shared responsibility. Azure provides services that you can leverage to secure your cloud resources and applications. 

This is true regardless of whether you are making use of IaaS, PaaS, or SaaS offerings in Azure. This learning path will teach you how to take advantage of these security features and services to enable strong security practices in your organization and to protect and secure your own cloud applications.

What you will learn

Identity and Access Management: Securely manage users, groups, devices, and applications that integrate with Azure Active Directory (AAD) and role-based access controls.

Storage: Defend against data breaches by utilizing encryption support for storage accounts, virtual hard drives, and Azure-managed databases.

Networking: Use encrypted VPN tunnels to connect to networks in Azure from on-premises and remote machines, or to avoid the public internet entirely by connecting your company to Azure directly through a private ExpressRoute connection. Incorporate different types of firewalls to secure traffic in your network, including network security groups, web application firewalls, next-generation firewalls, and Azure-managed database firewalls.

Auditing and Threat Prevention: Proactively monitor your cloud resources for vulnerabilities and take action to close any identified security gaps with Azure Security Center.

Secrets Management: Securely store and provide secure access to keys, passwords, and application secrets inside of Azure's Key Vault service.

Prerequisites

To uphold your end of the shared responsibility, you need to know:

• The security services that are available
• How to properly use each service