MCE Microsoft ® Certified Expert Cybersecurity Architect Study Guide. Exam SC- 100

Cover
Title Page
Copyright Page
Acknowledgments
About the Authors
About the Technical Editor
Contents at a Glance
Contents
Introduction
	What Is Azure?
	About the SC-100 Certification Exam
	Why Become a Certified Microsoft Azure Cybersecurity Architect?
	Preparing to Become a Certified Microsoft Cybersecurity Architect
	How to Become a Certified Microsoft Cybersecurity Architect
	Who Should Buy This Book
	How This Book Is Organized
		Chapter Features
	Bonus Digital Contents
	Conventions Used in This Book
	Using This Book
		Technology Requirements
	SC-100 Exam Objectives
	How to Contact the Publisher
	Assessment Test
	Answers to Assessment Test
Chapter 1 Define and Implement an Overall Security Strategy and Architecture
	Basics of Cloud Computing
		The Need for the Cloud
		Cloud Service Models
		Cloud Deployment Models
	Introduction to Cybersecurity
		The Need for Cybersecurity
	Cybersecurity Domains
	Getting Started with Zero Trust
		NIST Abstract Definition of Zero Trust
		Key Benefits of Zero Trust
		Guiding Principles of Zero Trust
		Zero Trust Architecture
	Design Integration Points in an Architecture
		Security Operations Center
		Software as a Service
		Hybrid Infrastructure—IaaS, PaaS, On-Premises
		Endpoints and Devices
		Information Protection
		Identity and Access
		People Security
		IOT and Operational Technology
	Design Security Needs to Be Based on Business Goals
		Define Strategy
		Prepare Plan
		Get Ready
		Adopt
		Secure
		Manage
		Govern
	Decode Security Requirements to Technical Abilities
		Resource Planning and Hardening
	Design Security for a Resiliency Approach
		Before an Incident
		During an Incident
		After an Incident
		Feedback Loop
	Identify the Security Risks Associated with Hybrid and Multi-Tenant Environments
		Deploy a Secure Hybrid Identity Environment
		Deploy a Secure Hybrid Network
		Design a Multi-Tenancy Environment
		Responsiveness to Individual Tenants’ Needs
	Plan Traffic Filtering and Segmentation Technical and Governance Strategies
		Logically Segmented Subnets
		Deploy Perimeter Networks for Security Zones
		Avoid Exposure to the Internet with Dedicated WAN Links
		Use Virtual Network Appliances
	Summary
	Exam Essentials
	Review Questions
Chapter 2 Define a Security Operations Strategy
	Foundation of Security Operations and Strategy
		SOC Operating Model
		SOC Framework
		SOC Operations
		Microsoft SOC Strategy for Azure Cloud
		Microsoft SOC Function for Azure Cloud
		Microsoft SOC Integration Among SecOps and Business Leadership
		Microsoft SOC People and Process
		Microsoft SOC Metrics
		Microsoft SOC Modernization
		SOC MITRE ATT&CK
	Design a Logging and Auditing Strategy to Support Security Operations
		Overview of Azure Logging Capabilities
	Develop Security Operations to Support a Hybrid or Multi-Cloud Environment
		Integrated Operations for Hybrid and Multi-Cloud Environments
		Customer Processes
		Primary Cloud Controls
		Hybrid, Multi-Cloud Gateway, and Enterprise Control Plane
		Azure Security Operation Services
		Using Microsoft Sentinel and Defender for Cloud to Monitor Hybrid Security
	Design a Strategy for SIEM and SOAR
		Security Operations Center Best Practices for SIEM and SOAR
	Evaluate Security Workflows
		Microsoft Best Practices for Incident Response
		Microsoft Best Practices for Recovery
		Azure Workflow Automation Uses a Few Key Technologies
	Evaluate a Security Operations Strategy for the Incident Management Life Cycle
		Preparation
		Detection and Analysis
		Containment, Eradication, and Recovery
	Evaluate a Security Operations Strategy for Sharing Technical Threat Intelligence
		Microsoft Sentinel’s Threat Intelligence
		Defender for Endpoint’s Threat Intelligence
		Defender for IoT’s Threat Intelligence
		Defender for Cloud’s Threat Intelligence
		Microsoft 365 Defender’s Threat Intelligence
	Summary
	Exam Essentials
	Review Questions
Chapter 3 Define an Identity Security Strategy
	Design a Strategy for Access to Cloud Resources
		Deployment Objectives for Identity Zero Trust
		Microsoft’s Method to Identity Zero Trust Deployment
	Recommend an Identity Store (Tenants, B2B, B2C, Hybrid)
	Recommend an Authentication and Authorization Strategy
		Cloud Authentication
		Federated Authentication
		Secure Authorization
	Design a Strategy for Conditional Access
		Conditional Access Zero Trust Architecture
		Verify Explicitly
		Use Least-PrivilegedAccess
		Assume Breach
		Conditional Access Zero Trust Architecture
		Summary of Personas
	Design a Strategy for Role Assignment and Delegation
	Design a Security Strategy for Privileged Role Access to Infrastructure Including Identity-Based Firewall Rules and Azure PIM
		Securing Privileged Access
		Develop a Road Map
		Best Practices for Managing Identity and Access on the Microsoft Platform
	Design a Security Strategy for Privileged Activities Including PAM, Entitlement Management, and Cloud Tenant Administration
		Developing a Privileged Access Strategy
		Azure AD Entitlement Management
	Summary
	Exam Essentials
	Review Questions
Chapter 4 Identify a Regulatory Compliance Strategy
	Interpret Compliance Requirements and Translate into Specific Technical Capabilities
		Review the Organization Requirements
		Design a Compliance Strategy
		Key Compliance Consideration
	Evaluate Infrastructure Compliance by Using Microsoft Defender for Cloud
		Protect All of Your IT Resources Under One Roof
	Interpret Compliance Scores and Recommend Actions to Resolve Issues or Improve Security
	Design and Validate Implementation of Azure Policy
	Design for Data Residency Requirements
		Storage of Data for Regional Services
		Storage of Data for Nonregional Services
		Data Sovereignty
		Personal Data
		Azure Policy Consideration
		Azure Blueprints Consideration
		Protecting Organizational Data
		Encryption of Data at Rest
		Encryption of Data in Transit
		Encryption During Data Processing
		Azure Customer Lockbox
	Translate Privacy Requirements into Requirements for Security Solutions
		Leverage Azure Policy
	Summary
	Exam Essentials
	Review Questions
Chapter 5 Identify Security Posture and Recommend Technical Strategies to Manage Risk
	Analyze Security Posture by Using Azure Security Benchmark
		Evaluating Security Posture in Azure Workloads
	Analyze Security Posture by Using Microsoft Defender for Cloud
	Assess the Security Hygiene of Cloud Workloads
	Evaluate the Security Posture of Cloud Workloads
	Design Security for an Azure Landing Zone
		Design Security Review
		Security Design Considerations
		Security in the Azure Landing Zone Accelerator
		Improve Security in the Azure Landing Zone
	Evaluate Security Postures by Using Secure Scores
	Identify Technical Threats and Recommend Mitigation Measures
	Recommend Security Capabilities or Controls to Mitigate Identified Risks
	Summary
	Exam Essentials
	Review Questions
Chapter 6 Define a Strategy for Securing Infrastructure
	Plan and Deploy a Security Strategy Across Teams
		Security Roles and Responsibilities
		Security Strategy Considerations
		Deliverables
		Best Practices for Building a Security Strategy
		Strategy Approval
	Deploy a Process for Proactive and Continuous Evolution of a Security Strategy
		Considerations in Security Planning
		Establish Essential Security Practices
		Security Management Strategy
		Continuous Assessment
		Continuous Strategy Evolution
	Specify Security Baselines for Server and Client Endpoints
		What Are Security Baselines?
		What Is Microsoft Intune?
		What Are Security Compliance Toolkits?
		Foundation Principles of Baselines
		Selecting the Appropriate Baseline
	Specify Security Baselines for the Server, Including Multiple Platforms and Operating Systems
		Analyze Security Configuration
		Secure Servers (Domain Members)
	Specify Security Requirements for Mobile Devices and Clients, Including Endpoint Protection, Hardening, and Configuration
		App Isolation and Control
		Choose Between Device Management and Application Management
		Device Settings
		Client Requirements
	Specify Requirements for Securing Active Directory Domain Services
		Securing Domain Controllers Against Attack
		Microsoft Defender for Identity
	Design a Strategy to Manage Secrets, Keys, and Certificates
		Manage Access to Secrets, Certificates, and Keys
		Restrict Network Access
	Design a Strategy for Secure Remote Access
	Design a Strategy for Securing Privileged Access
	Summary
	Exam Essentials
	Review Questions
Chapter 7 Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
	Establish Security Baselines for SaaS, PaaS, and IaaS Services
		PaaS Security Baseline
		IaaS Security Baseline
	Establish Security Requirements for IoT Workloads
	Establish Security Requirements for Data Workloads, Including SQL Server, Azure SQL, Azure Synapse, and Azure Cosmos DB
		Security Posture Management for Data
		Databases
	Define the Security Requirements for Web Workloads
		Security Posture Management for App Service
	Determine the Security Requirements for Storage Workloads
		Security Posture Management for Storage
	Define Container Security Requirements
		Security Posture Management for Containers
	Define Container Orchestration Security Requirements
	Summary
	Exam Essentials
	Review Questions
Chapter 8 Define a Strategy and Requirements for Applications and Data
	Knowing the Application Threat Intelligence Model
		Analyze the Application Design Progressively
		Mitigation Categories
		Mitigate the Identified Threats
	Specify Priorities for Mitigating Threats to Applications
		Identify and Classify Applications
		Assess the Potential Impact or Risk of Applications
	Specify a Security Standard for Onboarding a New Application
		Onboarding New Applications
		Security Standards for Onboarding Applications
	Specify a Security Strategy for Applications and APIs
		Enforcing Security for DevOps
		Security Strategy Components
		Strategies for Mitigating Threats
	Specify Priorities for Mitigating Threats to Data
		Ransomware Protection
	Design a Strategy to Identify and Protect Sensitive Data
		Data Discovery: Know Your Data
		Data Classification
		Data Protection
	Specify an Encryption Standard for Data at Rest and in Motion
		Encryption of Data at Rest
		Encryption of Data in Transit
		Azure Data Security and Encryption Best Practices
		Manage with Secure Workstations
		Key Management with Key Vault
	Summary
	Exam Essentials
	Review Questions
Chapter 9 Recommend Security Best Practices and Priorities
	Recommend Best Practices for Cybersecurity Capabilities and Controls
		Essential Best Practices in the MCRA
	Recommend Best Practices for Protecting from Insider and External Attacks
	Recommend Best Practices for Zero Trust Security
	Recommend Best Practices for Zero Trust Rapid Modernization Plan
	Recommend a DevSecOps Process
		Plan and Develop
		Commit the Code
		Build and Test
		Go to Production and Operate
	Recommend a Methodology for Asset Protection
		Get Secure
		Stay Secure
		Dilemmas Surrounding Patches
		Network Isolation
		Getting Started
		Key Information
	Recommend Strategies for Managing and Minimizing Risk
		What Is Cybersecurity Risk?
		Align Your Security Risk Management
		Knowing Cybersecurity Risk
	Plan for Ransomware Protection and Extortion-Based Attacks
		Regain Access for a Fee
		Avoid Disclosure by Paying
	Protect Assets from Ransomware Attacks
		Strategy for Privileged Access
	Recommend Microsoft Ransomware Best Practices
		Remote Access
		Email and Collaboration
		Endpoints
		Accounts
	Summary
	Exam Essentials
	Review Questions
Answers to Review Questions
	Chapter 1: Define and Implement an Overall Security Strategy and Architecture
	Chapter 2: Define a Security Operations Strategy
	Chapter 3: Define an Identity Security Strategy
	Chapter 4: Identify a Regulatory Compliance Strategy
	Chapter 5: Identify Security Posture and Recommend Technical Strategies to Manage Risk
	Chapter 6: Define a Strategy for Securing Infrastructure
	Chapter 7: Define a Strategy and Requirements for Securing PaaS, IaaS, and SaaS Services
	Chapter 8: Define a Strategy and Requirements for Applications and Data
	Chapter 9: Recommend Security Best Practices and Priorities
Index
EULA