Module 01: Design solutions that align with security best practices and priorities
Design a resiliency strategy for ransomware and other attacks based on Microsoft Security Best Practices
- Design a security strategy to support business resiliency goals, including identifying and prioritizing threats to business-critical assets
- Design solutions for business continuity and disaster recovery (BCDR), including secure backup and restore for hybrid and multicloud environments
- Design solutions for mitigating ransomware attacks, including prioritization of BCDR and privileged access
- Evaluate solutions for security updates
Design solutions that align with the Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft cloud security benchmark (MCSB)
- Design solutions that align with best practices for cybersecurity capabilities and controls
- Design solutions that align with best practices for protecting against insider, external, and supply chain attacks
- Design solutions that align with best practices for Zero Trust security, including the Zero Trust Rapid Modernization Plan (RaMP)
- Design solutions that align with the Microsoft Cloud Adoption Framework for Azure and the Microsoft Azure Well-Architected Framework
Design a new or evaluate an existing strategy for security and governance based on the Microsoft Cloud Adoption Framework (CAF) for Azure and the Microsoft Azure Well-Architected Framework
- Recommend solutions for security and governance based on the Microsoft Cloud Adoption Framework for Azure and the Microsoft Azure Well-Architected Framework
- Design solutions for implementing and governing security by using Azure landing zones
- Design a DevSecOps process that aligns with best practices in the Microsoft Cloud Adoption Framework (CAF)
Module 02: Design security operations, identity, and compliance capabilities
Design solutions for security operations
- Design a solution for detection and response that includes extended detection and response (XDR) and security information and event management (SIEM)
- Design a solution for centralized logging and auditing, including Microsoft Purview Audit
- Design monitoring to support hybrid and multicloud environments
- Design a solution for security orchestration automated response (SOAR), including Microsoft Sentinel and Microsoft Defender XDR
- Design and evaluate security workflows, including incident response, threat hunting, and incident management
- Design and evaluate threat detection coverage by using MITRE ATT&CK matrices, including Cloud, Enterprise, Mobile, and ICS
Design solutions for identity and access management
- Design a solution for access to software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), hybrid/on-premises, and multicloud resources, including identity, networking, and application controls
- Design a solution for Microsoft Entra ID, including hybrid and multicloud environments
- Design a solution for external identities, including business-to-business (B2B), business-to-customer (B2C), and decentralized identity
- Design a modern authentication and authorization strategy, including Conditional Access, continuous access evaluation, risk scoring, and protected actions
- Validate the alignment of Conditional Access policies with a Zero Trust strategy
- Specify requirements to harden Active Directory Domain Services (AD DS)
- Design a solution to manage secrets, keys, and certificates
Design solutions for securing privileged access
- Design a solution for assigning and delegating privileged roles by using the enterprise access model
- Evaluate the security and governance of Microsoft Entra ID, including Microsoft Entra Privileged Identity Management (PIM), entitlement management, and access reviews
- Evaluate the security and governance of on-premises Active Directory Domain Services (AD DS), including resilience to common attacks
- Design a solution for securing the administration of cloud tenants, including SaaS and multicloud infrastructure and platforms
- Design a solution for cloud infrastructure entitlement management that includes Microsoft Entra Permissions Management
- Evaluate an access review management solution that includes Microsoft Entra Permissions Management
- Design a solution for Privileged Access Workstation (PAW), including remote access
Design solutions for regulatory compliance
- Translate compliance requirements into security controls
- Design a solution to address compliance requirements by using Microsoft Purview
- Design a solution to address privacy requirements, including Microsoft Priva
- Design Azure Policy solutions to address security and compliance requirements
- Evaluate and validate alignment with regulatory standards and benchmarks by using Microsoft Defender for Cloud
Module 03: Design security solutions for infrastructure
Design solutions for security posture management in hybrid and multicloud environments
- Evaluate security posture by using Microsoft Defender for Cloud, including the Microsoft cloud security benchmark (MCSB)
- Evaluate security posture by using Microsoft Secure Score
- Design integrated security posture management solutions that include Microsoft Defender for Cloud in hybrid and multicloud environments
- Select cloud workload protection solutions in Microsoft Defender for Cloud
- Design a solution for integrating hybrid and multicloud environments by using Azure Arc
- Design a solution for Microsoft Defender External Attack Surface Management (Defender EASM)
- Specify requirements and priorities for a posture management process that uses Exposure Management attack paths, attack surface reduction, security insights, and initiatives
Specify requirements for securing server and client endpoints
- Specify security requirements for servers, including multiple platforms and operating systems
- Specify security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
- Specify security requirements for IoT devices and embedded systems
- Evaluate solutions for securing operational technology (OT) and industrial control systems (ICS) by using Microsoft Defender for IoT
- Specify security baselines for server and client endpoints
- Evaluate Windows Local Admin Password Solution (LAPS) solutions
Specify requirements for securing SaaS, PaaS, and IaaS services
- Specify security baselines for SaaS, PaaS, and IaaS services
- Specify security requirements for IoT workloads
- Specify security requirements for web workloads
- Specify security requirements for containers
- Specify security requirements for container orchestration
- Evaluate solutions that include Azure AI Services Security
Evaluate solutions for network security and Security Service Edge (SSE)
- Evaluate network designs to align with security requirements and best practices
- Evaluate solutions that use Microsoft Entra Internet Access as a secure web gateway
- Evaluate solutions that use Microsoft Entra Internet Access to access Microsoft 365, including cross-tenant configurations
- Evaluate solutions that use Microsoft Entra Private Access
Module 04: Design security solutions for applications and data
Evaluate solutions for securing Microsoft 365
- Evaluate security posture for productivity and collaboration workloads by using metrics, including Microsoft Secure Score
- Evaluate solutions that include Microsoft Defender for Office and Microsoft Defender for Cloud Apps
- Evaluate device management solutions that include Microsoft Intune
- Evaluate solutions for securing data in Microsoft 365 by using Microsoft Purview
- Evaluate data security and compliance controls in Microsoft Copilot for Microsoft 365 services
Design solutions for securing applications
- Evaluate the security posture of existing application portfolios
- Evaluate threats to business-critical applications by using threat modeling
- Design and implement a full lifecycle strategy for application security
- Design and implement standards and practices for securing the application development process
- Map technologies to application security requirements
- Design a solution for workload identity to authenticate and access Azure cloud resources
- Design a solution for API management and security
- Design solutions that secure applications by using Azure Web Application Firewall (WAF)
Design solutions for securing an organization’s data
- Evaluate solutions for data discovery and classification
- Specify priorities for mitigating threats to data
- Evaluate solutions for encryption of data at rest and in transit, including Azure Key Vault and infrastructure encryption
- Design a security solution for data in Azure workloads, including Azure SQL, Azure Synapse Analytics, and Azure Cosmos DB
- Design a security solution for data in Azure Storage
- Design a security solution that includes Microsoft Defender for Storage and Microsoft Defender for Databases



