Duration 3 Days – 21 hrs
Overview
The Azure Security, Identity and Compliance Training Course is designed to provide participants with a practical understanding of how to secure Microsoft Azure environments using identity management, access control, security monitoring, governance, and compliance tools.
This course covers Microsoft Entra ID, Azure role-based access control, privileged access concepts, security monitoring, Microsoft Defender for Cloud, Azure Policy, regulatory compliance, data protection, encryption, and cloud security best practices. Participants will learn how to apply security controls, manage user and application access, monitor cloud risks, and support compliance requirements in an Azure environment.
The course is suitable for organizations that want to strengthen their Azure security posture and ensure that cloud resources are managed according to internal policies, regulatory expectations, and industry best practices.
Objectives
- Understand Azure security, identity, and compliance concepts.
- Explain the shared responsibility model in cloud security.
- Understand Microsoft Entra ID and its role in Azure identity management.
- Apply Azure role-based access control and least privilege access principles.
- Understand authentication, authorization, multi-factor authentication, and Conditional Access concepts.
- Identify key Azure security services and monitoring tools.
- Understand Microsoft Defender for Cloud and security posture management.
- Use Azure Policy and governance controls to support compliance.
- Understand encryption, key management, and data protection options in Azure.
- Recognize common cloud compliance requirements and audit considerations.
- Develop basic security and compliance controls for Azure resources.
- Support cloud governance, risk management, and security operations activities
Target Audience
- Cloud administrators
- Systems administrators
- Network administrators
- Security administrators
- IT governance, risk, and compliance teams
- IT audit and compliance officers
- Cloud support engineers
- Infrastructure engineers
- DevOps and platform teams
- IT managers and technical leads
- Application support teams
- Professionals involved in Azure security, identity, and compliance activities
Prerequisites
- Basic knowledge of cloud computing concepts
- Basic familiarity with Microsoft Azure services
- Basic understanding of networking, servers, and IT operations
- Awareness of information security concepts is helpful
- No advanced Azure security experience is required
Course Outline
Day 1: Azure Security and Identity Fundamentals
Module 1: Introduction to Azure Security
- Overview of Azure security concepts
- Shared responsibility model
- Cloud security challenges
- Zero Trust security model
- Defense-in-depth approach
- Common Azure security risks
- Security roles and responsibilities in Azure
Module 2: Microsoft Entra ID Fundamentals
- Introduction to Microsoft Entra ID
- Users, groups, roles, and tenants
- Identity lifecycle management
- Authentication and authorization concepts
- Single sign-on overview
- Multi-factor authentication overview
- Conditional Access overview
- Identity protection concepts
Module 3: Azure Role-Based Access Control
- Azure RBAC overview
- Difference between Microsoft Entra roles and Azure roles
- Role assignments and scopes
- Built-in roles and custom roles overview
- Least privilege access
- Access reviews and role governance concepts
- Common RBAC design mistakes
Module 4: Privileged Access and Identity Security
- Privileged access risks
- Administrative account protection
- Privileged Identity Management overview
- Break-glass account concept
- Service principals and managed identities
- Application permissions overview
- Best practices for identity security
Day 2: Azure Security Controls and Monitoring
Module 5: Securing Azure Resources
- Secure configuration of Azure resources
- Network security groups
- Azure Firewall overview
- Private endpoints overview
- Secure remote access concepts
- Storage account security
- Database security considerations
- Secure application access concepts
Module 6: Data Protection and Encryption
- Data protection principles in Azure
- Encryption at rest and in transit
- Azure Key Vault overview
- Key, secret, and certificate management
- Managed keys and customer-managed keys overview
- Backup and recovery security considerations
- Data classification and protection concepts
Module 7: Microsoft Defender for Cloud
- Overview of Microsoft Defender for Cloud
- Secure score concept
- Security recommendations
- Workload protection overview
- Vulnerability assessment overview
- Regulatory compliance dashboard overview
- Security posture management
- Remediation tracking
Module 8: Azure Monitoring and Security Operations
- Azure Monitor overview
- Activity logs and diagnostic logs
- Log Analytics overview
- Security alerts and incidents
- Microsoft Sentinel overview
- Security event monitoring
- Incident response workflow overview
- Reporting and escalation practices
Day 3: Azure Governance, Compliance, and Best Practices
Module 9: Azure Governance for Security and Compliance
- Cloud governance overview
- Governance versus security operations
- Azure management groups
- Subscription and resource group structure
- Naming and tagging standards
- Resource locks
- Governance roles and ownership
- Policy-based governance model
Module 10: Azure Policy and Compliance Management
- Azure Policy overview
- Policy definitions and initiatives
- Assigning policies to scopes
- Compliance assessment
- Remediation tasks overview
- Built-in security and compliance policies
- Policy reporting and monitoring
- Common governance use cases
Module 11: Regulatory Compliance and Audit Readiness
- Cloud compliance concepts
- Compliance responsibilities in Azure
- Regulatory compliance dashboard overview
- Microsoft Cloud Security Benchmark overview
- Audit evidence and documentation
- Security baseline alignment
- Risk and control mapping
- Compliance review cycle
Module 12: Security Best Practices and Implementation Workshop
- Designing a secure Azure access model
- Creating a basic RBAC structure
- Defining security and compliance policies
- Creating a tagging and ownership standard
- Reviewing a sample security posture report
- Identifying high-risk misconfigurations
- Preparing a basic Azure security and compliance checklist
- Developing an Azure security improvement action plan

