Microsoft Cybersecurity Architect

Introduction to Zero Trust and best practice frameworks

You learn what best practices are and how cybersecurity architects use them as well as some key best practice frameworks for Microsoft cybersecurity capabilities. You also learn about the concept of Zero Trust, and how to get started with Zero Trust in an organization.

• Introduction to best practices
• Introduction to Zero Trust
• Zero Trust initiatives
• Zero Trust technology pillars part 1
• Zero Trust technology pillars part 2
• Knowledge check - Introduction to Zero Trust and best practice frameworks
• Summary - Introduction to Zero Trust and best practice frameworks

Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)

You'll learn about the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF) and how you can use them to design more secure solutions.

• Define a security strategy
• Introduction to the Cloud Adoption Framework
• Cloud Adoption Framework secure methodology
• Introduction to Azure Landing Zones
• Design security with Azure Landing Zones
• Introduction to the Well-Architected Framework
• The Well-Architected Framework security pillar
• Knowledge check - Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)
• Summary - Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF)

Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB)

You learn about the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB) and how you can use them to design more secure solutions.

• Introduction to Microsoft Cybersecurity Reference Architecture and cloud security benchmark
• Design solutions with best practices for capabilities and controls
• Design solutions with best practices for attack protection
• Knowledge check - Design solution with Microsoft Cybersecurity Reference Architecture and Microsoft cloud security benchmark
• Summary - Design solution with Microsoft Cybersecurity Reference Architecture and Microsoft cloud security benchmark

Design a resiliency strategy for common cyberthreats like ransomware

You'll learn about common cyberthreats like ransomware and what kinds of attack patterns an organization must be prepared for.

• Common cyberthreats and attack patterns
• Support business resiliency
• Ransomware protection
• Configurations for secure backup and restore
• Security updates
• Knowledge check - Design a resiliency strategy for common cyberthreats
• Summary - Design a resiliency strategy for common cyberthreats like ransomware

Case study: Design solutions that align with security best practices and priorities

Apply your cybersecurity architect skills on a real business scenario in the area of security operations, identity and compliance. You will analyze design requirements, answer conceptual and technical questions and design a solution to meet the business needs.

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough

Design solutions for regulatory compliance

You'll learn how to interpret and translate regulatory requirements into technical solutions. You'll also learn how to use capabilities found in Microsoft Purview, Microsoft Priva, and Defender for Cloud for compliance.

• Introduction to regulatory compliance
• Translate compliance requirements into a security solution
• Address compliance requirements with Microsoft Purview
• Address privacy requirements with Microsoft Priva
• Address security and compliance requirements with Azure policy
• Evaluate infrastructure compliance with Defender for Cloud
• Summary - Design solutions for regulatory requirements

Design solutions for identity and access management

You learn about various strategies for managing identities and access to resources, including hybrid and multicloud scenarios, external identities, and conditional access.

• Introduction to Identity and Access Management
• Design cloud, hybrid and multicloud access strategies (including Azure AD)
• Design a solution for external identities
• Design modern authentication and authorization strategies
• Align conditional access and Zero Trust
• Specify requirements to secure Active Directory Domain Services (AD DS)
• Design a solution to manage secrets, keys, and certificates
• Knowledge check - Design solutions for identity and access management
• Summary - Design solutions for identity and access management

Design solutions for securing privileged access

You learn advanced techniques for designing solutions that manage privileged access effectively.

• Introduction to privileged access
• The enterprise access model
• Design identity governance solutions
• Design a solution to secure tenant administration
• Design a solution for cloud infrastructure entitlement management (CIEM)
• Design a solution for privileged access workstations and bastion services
• Knowledge check - Design solutions for securing privileged access management
• Summary - Design solutions for securing privileged access

Design solutions for security operations

You learn techniques to design security operations capabilities including logging, auditing, Security Event Management (SIEM), Security Orchestration and Automated Response (SOAR), and security workflows.

• Introduction to Security operations (SecOps)
• Design security operations capabilities in hybrid and multicloud environments
• Design centralized logging and auditing
• Design security information and event management (SIEM) solutions
• Design solutions for detection and response
• Design a solution for security orchestration, automation, and response (SOAR)
• Design security workflows
• Design threat detection coverage
• Knowledge check - Design solutions for security operations
• Summary - Design solutions for security operations

Case study: Design security operations, identity and compliance capabilities

Apply your cybersecurity architect skills on a real business scenario in the area of security operations, identity and compliance. You analyze design requirements, answer conceptual and technical questions and design a solution to meet the business needs.

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough

Design solutions for securing Microsoft 365

You learn how to design security solutions for Exchange, Sharepoint, OneDrive and Teams.

• Introduction to security for Exchange, Sharepoint, OneDrive and Teams
• Evaluate security posture for collaboration and productivity workloads
• Design a Microsoft 365 Defender solution
• Design configurations and operational practices for Microsoft 365
• Knowledge check - Design solutions for securing Microsoft 365
• Summary - Design solutions for securing Microsoft 365

Design solutions for securing applications

You learn how to secure applications, APIs and the development process using techniques like posture management, threat modeling, and secure access for workload identities.

• Introduction to application security
• Design and implement standards to secure application development
• Evaluate security posture of existing application portfolios
• Evaluate application threats with threat modeling
• Design security lifecycle strategy for applications
• Secure access for workload identities
• Design a solution for API management and security
• Design a solution for secure access to applications
• Knowledge check - Design solutions for securing applications
• Summary - Design solutions for securing applications

Design solutions for securing an organization's data

You learn about designing solutions that secure an organization's data using capabilities like Microsoft Purview, Defender for SQL, Defender for Storage.

• Introduction to data security
• Design a solution for data discovery and classification using Microsoft Purview
• Design a solution for data protection
• Design data security for Azure workloads
• Design security for Azure Storage
• Design a security solution with Microsoft Defender for SQL and Microsoft Defender for Storage
• Knowledge check - Design solutions for securing an organization's data
• Summary - Design solutions for securing an organization's data

Case study: Design security solutions for applications and data

Apply your cybersecurity architect skills on a real business scenario in the area of securing applications and data. You will analyze design requirements, answer conceptual and technical questions and design a solution to meet the business needs.

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough

Specify requirements for securing SaaS, PaaS, and IaaS services

You learn how to analyze security requirements for different cloud offerings (SaaS, PaaS, and IaaS), IoT workloads, web workloads and containers.

• Introduction to security for SaaS, PaaS, and IaaS
• Specify security baselines for SaaS, PaaS, and IaaS services
• Specify security requirements for web workloads
• Specify security requirements for containers and container orchestration
• Knowledge check - Specify requirements for securing SaaS, PaaS and IaaS services
• Summary - Specify requirements for securing SaaS, PaaS, and IaaS services

Design solutions for security posture management in hybrid and multicloud environments

You learn how to design security posture management solutions that integrate into hybrid and multicloud scenarios using capabilities in Microsoft Defender for Cloud, Azure Arc and Microsoft Cloud Security Benchmark (MCSB).

• Introduction to hybrid and multicloud posture management
• Evaluate security posture by using Microsoft Cloud Security Benchmark
• Design integrated posture management and workload protection
• Evaluate security posture by using Microsoft Defender for Cloud
• Posture evaluation with Microsoft Defender for Cloud secure score
• Design cloud workload protection with Microsoft Defender for Cloud
• Integrate hybrid and multicloud environments with Azure Arc
• Design a solution for external attack surface management
• Knowledge check - Design solutions for security posture management in hybrid and multicloud environments
• Summary - Design solutions for security posture management in hybrid and multicloud environments

Design solutions for securing server and client endpoints

You learn how to analyze the security requirements for different types of endpoints including servers, clients, IoT, OT, mobile, and embedded devices. These requirements will take into account different platforms and operating systems and set standards for endpoint protection, hardening and configuration.

• Introduction to endpoint security
• Specify server security requirements
• Specify requirements for mobile devices and clients
• Specify internet of things (IoT) and embedded device security requirements
• Secure operational technology (OT) and industrial control systems (ICS) with Microsoft Defender for IoT
• Specify security baselines for server and client endpoints
• Design a solution for secure remote access
• Knowledge check - Design solutions for securing server and client endpoints
• Summary - Design solutions for securing server and client endpoints

Design solutions for network security

You learn how to design secure network solutions using techniques like network segmentation, traffic filtering, network monitoring and posture management.

• Design solutions for network segmentation
• Design solutions for traffic filtering with network security groups
• Design solutions for network posture management
• Design solutions for network monitoring
• Knowledge check - Design solutions for network security
• Summary - Design solutions for network security

Case study: Design security solutions for infrastructure

Apply your cybersecurity architect skills on a real business scenario in the area of infrastructure security. You analyze design requirements, answer conceptual and technical questions and design a solution to meet the business needs.

• Case study description
• Case study answers
• Conceptual walkthrough
• Technical walkthrough