Mastering Azure Security

Arnav Sharma

This audiobook is narrated by a digital voice. DESCRIPTION The adoption of the Cloud brings many security challenges. Securing identities, data, and workloads while trying to stay on the right side of compliance regulations has become a priority for...

Premium Chapters

Premium

Title Page

1/30/2025

Copyright Page

1/30/2025

Dedication Page

1/30/2025

About the Author

1/30/2025

About the Reviewers

1/30/2025

Acknowledgement

1/30/2025

Preface

1/30/2025

1. Introduction to Azure Security

1/30/2025

Introduction

1/30/2025

Structure

1/30/2025

Objectives

1/30/2025

Threat landscape

1/30/2025

Understanding the current threat environment

1/30/2025

Cloud and associated threats

1/30/2025

Azure's threat intelligence

1/30/2025

Key features of Azure's threat intelligence

1/30/2025

Shared responsibility model

1/30/2025

The core principle

1/30/2025

Microsoft's responsibilities for cloud security

1/30/2025

Customer responsibilities for cloud security

1/30/2025

Responsibility distribution across cloud service models

1/30/2025

Shared responsibility in practice

1/30/2025

Misconceptions and clarifications

1/30/2025

Cloud security posture management

1/30/2025

The tools that make CSPM work in Azure

1/30/2025

Zero Trust security model

1/30/2025

Understanding the Zero Trust security model

1/30/2025

Core principles

1/30/2025

Implementing Zero Trust in Azure

1/30/2025

Zero Trust architecture example

1/30/2025

Deploying Zero Trust

1/30/2025

Zero Trust principles

1/30/2025

Threat protection with Microsoft Defender for Cloud

1/30/2025

Defense-in-depth

1/30/2025

Understanding the defense-in-depth security strategy

1/30/2025

Layers of defense

1/30/2025

Best practices

1/30/2025

Advantages of defense-in-depth

1/30/2025

Conclusion

1/30/2025

2. Securing Identity and Access

1/30/2025

Introduction to Entra ID

1/30/2025

Overview of Entra ID

1/30/2025

Importance of identity in security

1/30/2025

Key features of Entra ID

1/30/2025

Microsoft Entra ID authentication

1/30/2025

Understanding authorisation

1/30/2025

Comparison of password-based vs. passwordless authentication

1/30/2025

Authentication flows

1/30/2025

Implementing authentication best practices

1/30/2025

Microsoft Entra ID authorisation

1/30/2025

Comparing RBAC vs. PIM

1/30/2025

Privileged Identity Management

1/30/2025

Types of roles

1/30/2025

Best practices for authorisation

1/30/2025

Microsoft Entra ID Secure Score

1/30/2025

Understanding what Secure Score is

1/30/2025

How Secure Score works

1/30/2025

Importance of Secure Score

1/30/2025

Components of Secure Score

1/30/2025

Improving your Secure Score

1/30/2025

Microsoft Entra ID tenant security

1/30/2025

Securing the Microsoft Entra ID tenant

1/30/2025

Appropriate use of security use

1/30/2025

Best practices for Microsoft Entra ID tenant security

1/30/2025

Microsoft Entra ID identities and protection

1/30/2025

Types of identities

1/30/2025

User accounts

1/30/2025

Guest accounts

1/30/2025

Service principals

1/30/2025

Managed Identities

1/30/2025

Identity protection features

1/30/2025

Enhancing identity security in Microsoft Entra ID

1/30/2025

Microsoft Entra ID secure application access

1/30/2025

Securing access to applications with Microsoft Entra ID

1/30/2025

Single sign-on for seamless and secure authentication

1/30/2025

Conditional Access for intelligent security enforcement

1/30/2025

Securing on-premises applications with Azure AD application proxy

1/30/2025

Enhancing application security with Microsoft Entra ID

1/30/2025

Managed Identity-based secure authentication

1/30/2025

Updating applications helps to reduce vulnerabilities

1/30/2025

Session management and monitoring

1/30/2025

Risk-based access management and identity protection

1/30/2025

Ensuring compliance and governance with identity access reviews

1/30/2025

3. Securing Networks

1/30/2025

Overview of virtual networks

1/30/2025

Network segmentation

1/30/2025

Network Security Group vs. Application Security Group

1/30/2025

Simple Azure network architecture

1/30/2025

Traffic filtering and protection

1/30/2025

NSG vs. Azure Firewall

1/30/2025

Best practices for securing Azure Virtual Networks

1/30/2025

Securing private access to Azure resources

1/30/2025

Introduction to private access

1/30/2025

Key features

1/30/2025

Private Link vs. Service Endpoints comparison table

1/30/2025

Hybrid connectivity

1/30/2025

Hybrid connectivity decision matrix

1/30/2025

Enhancing security with ExpressRoute private access

1/30/2025

Azure VPN Gateway

1/30/2025

Types of Azure VPN Gateway connections

1/30/2025

How Azure VPN Gateway works

1/30/2025

Benefits of Azure VPN Gateway

1/30/2025

ExpressRoute

1/30/2025

Types of ExpressRoute circuits

1/30/2025

ExpressRoute connectivity models

1/30/2025

Working of ExpressRoute

1/30/2025

Benefits of Azure ExpressRoute

1/30/2025

Azure Virtual WAN

1/30/2025

Types of Azure Virtual WAN

1/30/2025

Working of Azure Virtual WAN

1/30/2025

Securing public access to Azure resources

1/30/2025

Public Access considerations

1/30/2025

Tools for securing public access

1/30/2025

Azure Application Gateway

1/30/2025

Azure Front Door

1/30/2025

Web Application Firewall

1/30/2025

Predefined rules and custom policy configurations

1/30/2025

Azure DDoS protection

1/30/2025

How Azure DDoS protection works

1/30/2025

Two tiers of Azure DDoS protection

1/30/2025

Endpoint security

1/30/2025

Azure Traffic Manager

1/30/2025

How Traffic Manager boosts endpoint security

1/30/2025

Custom DNS and Azure DNS

1/30/2025

How Azure DNS enhances endpoint security

1/30/2025

Certificates

1/30/2025

How certificates enhance security in Azure

1/30/2025

Managing certificates in Azure

1/30/2025

Azure Key Vault for secure certificate storage

1/30/2025

Automating TLS certificate rotation with Azure Key Vault

1/30/2025

4. Securing Compute

1/30/2025

Securing Azure Virtual Machines

1/30/2025

Overview of Azure Virtual Machines

1/30/2025

Key security features for Azure VMs

1/30/2025

Best practices for securing virtual machines

1/30/2025

Azure Virtual Machines baseline architecture

1/30/2025

Securing Azure Container Services

1/30/2025

Overview of container services

1/30/2025

Baseline architecture for an Azure Kubernetes Service Cluster

1/30/2025

Securing Azure App Service

1/30/2025

Overview of Azure App Service

1/30/2025

Key security features of Azure App Service

1/30/2025

Securing Azure Serverless

1/30/2025

Overview of serverless security

1/30/2025

Key security features

1/30/2025

Best practices for securing serverless applications

1/30/2025

Securing Azure API Management

1/30/2025

Overview of API Management

1/30/2025

Key security features of Azure API Management

1/30/2025

Best practices for securing Azure API Management

1/30/2025

Baseline architecture for APIM

1/30/2025

5. Securing Data

1/30/2025

Access control for storage services

1/30/2025

Overview of storage access control

1/30/2025

Access control methods for storage

1/30/2025

Managing access policies for storage services

1/30/2025

Best practices for securing Azure Storage access

1/30/2025

Data protection for storage services

1/30/2025

Introduction to data protection

1/30/2025

Governance and data classification

1/30/2025

Encryption for storage services

1/30/2025

Overview of encryption

1/30/2025

Encryption methods

1/30/2025

Encryption methods comparison

1/30/2025

Key management

1/30/2025

Security of database services

1/30/2025

Overview of Azure database security

1/30/2025

Authentication and access control

1/30/2025

Auditing and monitoring

1/30/2025

Data protection techniques

1/30/2025

Best practices for securing Azure database services

1/30/2025

Comparing security capabilities

1/30/2025

6. Security Governance

1/30/2025

Cloud Adoption Framework

1/30/2025

Overview of CAF

1/30/2025

CAF Governance Model

1/30/2025

Best practices for CAF

1/30/2025

CAF sample architecture

1/30/2025

Well-Architected Framework

1/30/2025

Overview of WAF

1/30/2025

Comparing CAF and WAF

1/30/2025

Best practices for WAF

1/30/2025

WAF review tool

1/30/2025

Microsoft Purview data governance

1/30/2025

Overview of Microsoft Purview

1/30/2025

Best practices for Purview

1/30/2025

Purview sample architecture

1/30/2025

Azure management groups

1/30/2025

Overview of management groups

1/30/2025

Best practices for management group

1/30/2025

Azure management groups sample architecture

1/30/2025

Azure Blueprints

1/30/2025

Overview of Azure Blueprints

1/30/2025

Best practices for Blueprints

1/30/2025

Azure Blueprint Sample

1/30/2025

Azure Landing Zones

1/30/2025

Overview of Landing Zones

1/30/2025

Best practices for Landing Zones

1/30/2025

Azure Landing Zone Architecture

1/30/2025

Mastering Azure Security

Arnav Sharma

This audiobook is narrated by a digital voice. DESCRIPTION The adoption of the Cloud brings many security challenges. Securing identities, data, and workloads while trying to stay on the right side of compliance regulations has become a priority for...

Title Page

Copyright Page

Dedication Page

About the Author

About the Reviewers

Acknowledgement

Preface

Table of Contents

1. Introduction to Azure Security

Introduction

Structure

Objectives

Threat landscape

Understanding the current threat environment

Cloud and associated threats

Azure's threat intelligence

Key features of Azure's threat intelligence

Shared responsibility model

The core principle

Microsoft's responsibilities for cloud security

Customer responsibilities for cloud security

Responsibility distribution across cloud service models

Shared responsibility in practice

Misconceptions and clarifications

Cloud security posture management

The tools that make CSPM work in Azure

Zero Trust security model

Understanding the Zero Trust security model

Core principles

Implementing Zero Trust in Azure

Zero Trust architecture example

Deploying Zero Trust

Zero Trust principles

Threat protection with Microsoft Defender for Cloud

Defense-in-depth

Understanding the defense-in-depth security strategy

Layers of defense

Best practices

Advantages of defense-in-depth

Conclusion

2. Securing Identity and Access

Introduction to Entra ID

Overview of Entra ID

Importance of identity in security

Key features of Entra ID

Microsoft Entra ID authentication

Understanding authorisation

Comparison of password-based vs. passwordless authentication

Authentication flows

Implementing authentication best practices

Microsoft Entra ID authorisation

Comparing RBAC vs. PIM

Privileged Identity Management

Types of roles

Best practices for authorisation

Microsoft Entra ID Secure Score

Understanding what Secure Score is

How Secure Score works

Importance of Secure Score

Components of Secure Score

Improving your Secure Score

Microsoft Entra ID tenant security

Securing the Microsoft Entra ID tenant

Appropriate use of security use

Best practices for Microsoft Entra ID tenant security

Microsoft Entra ID identities and protection

Types of identities

User accounts

Guest accounts

Service principals

Managed Identities

Identity protection features

Enhancing identity security in Microsoft Entra ID

Microsoft Entra ID secure application access

Securing access to applications with Microsoft Entra ID

Single sign-on for seamless and secure authentication

Conditional Access for intelligent security enforcement