My Account Log in

1 option

Microsoft Cybersecurity Architect Exam Ref SC-100 : Ace the SC-100 Exam and Develop Cutting-Edge Cybersecurity Strategies / Dwayne Natwick, Graham Gold, and Abu Zobayer.

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Book
Author/Creator:
Natwick, Dwayne, author.
Gold, Graham, author.
Zobayer, Abu, author.
Language:
English
Subjects (All):
Computer networks--Security measures--Examinations--Study guides.
Computer networks.
Computer security--Examinations--Study guides.
Computer security.
Physical Description:
1 online resource (301 pages)
Edition:
Second edition.
Place of Publication:
Birmingham, England : Packt Publishing Ltd., [2023]
System Details:
Mode of access: World Wide Web.
Biography/History:
Natwick Dwayne: Dwayne Natwick is the Global Principal Cloud Security Lead at Atos, a multi-cloud GSI. He has been working in IT, security design, and architecture for over 30 years. His love of teaching led him to become a Microsoft Certified Trainer (MCT) Regional Lead and a Microsoft Most Valuable Professional (MVP). Dwayne has a master's degree in Business IT from Walsh College, the CISSP and CCSP certifications from ISC2, and 18 Microsoft certifications, including Identity and Access Administrator, Azure Security Engineer, and Microsoft 365 Security Administrator. Dwayne can be found providing and sharing information on social media, at industry conferences, on his blog site, and on his YouTube channel. Originally from Maryland, Dwayne currently resides in Michigan with his wife and three children. Gold Graham: Graham Gold is a Senior Cloud Security Engineer at Admiral Group. He has 27 years' experience in financial services IT, now specializing in cloud security as of 2020. He has been instrumental in designing, building, securing, and running complex systems at enterprise scale across mainframes, Windows, Linux, and networks, on both on-premises systems and cloud platforms. He is a multi-cloud certified professional, holding the Microsoft Cybersecurity Architect Expert, Azure Security Engineer, Google Certified Professional Cloud Security Engineer, and Google Certified Professional Cloud Architect certifications. Graham is passionate about identity security and privileged access management, and loves to help his colleagues and community, sharing his knowledge on his blog and across social media platforms. Outside of work, he lives in Scotland with his wife and cats, and they share a love of world travel. Zobayer Abu: Abu Zobayer works as a Senior Cloud Solutions Architect at Microsoft, bringing over two decades of experience in the IT industry. Over the course of his career, he has taken on various key roles, such as Principal Microsoft Technical Trainer and Senior Customer Engineer. His credentials include a range of certifications: Microsoft Cybersecurity Architect Expert, Azure Security Engineer, Azure DevOps Expert, and Azure Solutions Architect Expert. Abu holds a master's degree in cybersecurity from the University of Texas. He has played a crucial role in designing, deploying, and securing advanced cloud architectures, ensuring reliable and scalable solutions for enterprise-level clients. Abu has a strong interest in cybersecurity and cloud innovations, and he frequently shares his expertise through training programs and community initiatives. Outside of his professional life, he enjoys experimenting with new technologies and spending quality time with his family in San Antonio, Texas.
Summary:
This Second Edition of Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Packed with practice questions, mock exams, interactive flashcards, and invaluable exam tips, this comprehensive resource gives you everything you need to conquer the SC-100 exam with confidence. This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture of both cloud-only and hybrid infrastructures. You'll discover how to implement zero trust principles, enhance security operations, and elevate your organization's security posture. By the end of this book, you'll be fully equipped to plan, design, and assess cybersecurity frameworks for Microsoft cloud environments—and pass the SC-100 exam with flying colors. Ready to take your cybersecurity expertise to the next level? This guide is your key to success.
Contents:
Cover
FM
Copyright
Contributors
Table of Contents
Preface
Chapter 1: Cybersecurity in the Cloud
Making the Most of This Book - Your Certification and Beyond
What Is Cybersecurity?
Significance in Modern Business
Cybersecurity in the Context of the SC-100 Exam
Evolution of Cybersecurity from On-Premises to the Cloud
Defense-in-Depth Security Strategy
Building a Defense-in-Depth Security Posture
Shared Responsibility in Cloud Security
Understanding the Stages of a Cyber-Attack
How Cybersecurity Architecture Can Protect Against These Threats
Security Operations
Understanding the Scope of Cybersecurity in the Cloud
Shared Responsibility Scope
Principles of the Zero-Trust Methodology
Common Threats and Attacks
Internal Threats
External Threats
Defense in Depth: A Real-Life Example
Additional Example: Okta
Initial Signs of Compromise
Impact
Remediation
Defense in Depth
Summary
Exam Readiness Drill - Chapter Review Section
Chapter 2: Build an Overall Security Strategy and Architecture
Identifying the Integration Points in an Architecture by Using the Microsoft Cybersecurity Reference Architectures
How is the MCRA Used?
What Are the Components of the MCRA?
Translating Business Goals into Security Requirements
Threat Analysis
Translating Security Requirements into Technical Capabilities
Physical
Identity and A ccess
Perimeter security
Network Security
Compute
Applications
Data
Designing Security for a Resiliency Strategy
Integrating a Hybrid or Multi-Tenant Environment into a Security Strategy
Developing a Technical and Governance Strategy for Traffic Filtering and Segmentation
North-South/East-West Network Traffic and Segmentation
Exam Readiness Drill - Chapter Review Section.
Chapter 3: Design a Security Operations Strategy
Designing a Logging and Auditing Strategy to Support Security Operations, Including Microsoft Purview Audit
Security Operations Overview
Microsoft Security Operations Tools
Logging and Auditing for Threat and Vulnerability Detection
Microsoft Purview Audit
Developing Security Operations to Support a Hybrid or Multi-Cloud Environment
Designing a strategy for SIEM and SOAR
Evaluating Security Workflows
Security Strategies for Incident Management and Response
Security Workflows
Evaluating a Security Operations Strategy for the Incident Management Life Cycle
Evaluating a Security Operations Strategy to Share Technical Threat Intelligence
Leveraging Artificial Intelligence to Enhance Security Operations
Microsoft Copilot for Security
Chapter 4: Design an Identity Security Strategy
Zero Trust for Identity and Access Management
Designing a Strategy for Access to Cloud Resources
Recommending an Identity Store
Microsoft Entra Tenant Synchronization with SCIM
External Identities
Recommending an Authentication and Authorization Strategy
Hybrid Identity Infrastructure
Secure Authorization Methods
Designing a Strategy for CA
Microsoft Entra Identity Protection
Designing a Strategy for CAE
Designing a Strategy for Role Assignment and Delegation
Designing a Security Strategy for Privileged Role Access
Microsoft Entra ID PIM
Designing a Security Strategy for Privileged Activities
Privileged Access Reviews
Entitlement Management (aka Permission Management)
Cloud Tenant Administration
Case study - Designing a Zero-Trust Architecture
Chapter 5: Design a Regulatory Compliance Strategy.
Interpreting Compliance Requirements and Translating Them into Specific Technical Capabilities
Evaluating Infrastructure Compliance by Using Microsoft Defender for Cloud
Interpreting Compliance Scores and Recommending Actions to Resolve Issues or Improve Security
Designing an Implementation of Azure Policy
Designing for Data Residency Requirements
Translating Privacy Requirements into Requirements for Security Solutions
Case Study - Designing for Regulatory Compliance
Chapter 6: Evaluate Security Posture and Recommend Technical Strategies to Manage Risk
Evaluating the Security Posture Using Benchmarks
Evaluating the Security Posture Using Microsoft Defender for Cloud
Evaluating the Security Posture by Using Secure Score
Evaluating the Security Posture of Cloud Workloads
Designing Security for an Azure Landing Zone
Interpreting Technical Threat Intelligence and Recommending Risk Mitigations
Recommending Security Capabilities or Controls to Mitigate Identified Risks
Evaluating the Security of Internet Assets with Microsoft Defender EASM
Case Study - Evaluating the Security Posture
Chapter 7: Design a Strategy for Securing Server and Client Endpoints
Planning and Implementing a Security Strategy across Teams
Specifying Security Baselines for Server and Client Endpoints
Specifying Security Requirements for Servers, Including Multiple Platforms and Operating Systems
Specifying Security Requirements for Mobile Devices and Clients, Including Endpoint Protection, Hardening, and Configuration
Evaluating Windows LAPS Solutions
How Do You Manage Local Admin Passwords in Windows?
Introduction of Microsoft LAPS
Replacement of Microsoft LAPS with Windows LAPS.
Deployment Considerations for Windows LAPS
Specifying requirements to Secure AD DS
Designing a Strategy to Manage Secrets, Keys, and Certificates
Designing a Strategy for Secure Remote Access
Remote Management of Servers and Applications
Remote Management of Mobile Devices and Clients
Understanding Security Operations Frameworks, Processes, and Procedures
Case Study - Designing a Secure Architecture for Endpoints
Chapter 8: Design a Strategy for Securing SaaS, PaaS, and IaaS
Specifying Security Baselines for SaaS, PaaS, and IaaS Services
Security Baselines for SaaS
Security Baselines for IaaS
Security Baselines for PaaS
Specifying Security Requirements for IoT Devices and Connected Systems
Device Security
Connection Security
Cloud Security
Evaluating Solutions for Securing OT and Industrial Control Systems (ICSs) by Using Microsoft Defender for IoT
Cloud-Connected Sensors
Local OT Sensors
Specifying Security Requirements for Data Workloads, Including SQL, Azure SQL Database, Azure Synapse, and Azure Cosmos DB
Specifying Security Requirements for Storage Workloads, Including Azure Storage
Specifying Security Requirements for Web Workloads, Including Azure App Service
Specifying Security Requirements for Containers
Specifying Security Requirements for Container Orchestration
Evaluating Solutions That Include Azure AI Services Security
What Are Azure AI Services?
Security Considerations
Case Study - Security Requirements for IaaS, PaaS, and SaaS
Chapter 9: Specify Security Requirements for Applications
Specifying Priorities for Mitigating Threats to Applications
Identity and Secret Handling and Use
Segmentation and Configuration.
Static and Dynamic Testing
Data Handling and Access
Security Posture Management and Workload Protection
Specifying a Security Standard for Onboarding a New Application
Designing a Security Solution for API Management
Case Study - Security Requirements for Applications
Chapter 10: Design a Strategy for Securing Data
Specifying Priorities for Mitigating Threats to Data
Managing the Risk to Data
Ransomware Protection and Recovery
Designing a Strategy to Identify and Protect Sensitive Data
Specifying an Encryption Standard for Data at Rest and in Motion
Encryption at Rest
Data Masking
Encryption in Transit
Managing Data Encryption Security with Azure Key Vault
Case Study - Designing a Strategy to Secure Data
Chapter 11: Accessing the Online Practice Resources
Index
Other Books You May Enjoy.
Notes:
Includes bibliographical references and index.
Description based on publisher supplied metadata and other sources.
Description based on print version record.
Other Format:
Print version: Natwick, Dwayne Microsoft Cybersecurity Architect Exam Ref SC-100
ISBN:
9781836208501
OCLC:
1468098716

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account