Microsoft Azure Security Infrastructure, 1st edition

Yuri Diogenes
Tom Shinder
Debra Shinder

eTextbook

$33.99

Available for purchase from all major ebook resellers, including InformIT.com.
To request a review copy, click on the "Request a Review Copy" button.

Print

$27.99

A print text (hardcover or paperback)
Free shipping
Also available for purchase as an ebook from all major ebook resellers, including InformIT.com

Cisco Press has the only study guides approved by Cisco for the new CCNA certification. The new edition of the best-selling two-book value-priced CCNA 200-301 Official Cert Guide Library includes updated content, new online practice exercises, more than 600 practice exam questions, and more than 2 hours of video training–PLUS the CCNA Network Simulator Lite Editions with 34 free Network Simulator labs (available via download on the companion web site).

CCNA 200-301 Official Cert Guide Library is a comprehensive review and practice package for the latest CCNA exam and is the only self-study resource approved by Cisco. The two books contained in this package, CCNA 200-301 Official Cert Guide, Volume 1 and CCNA 200-301 Official Cert Guide, Volume 2, present complete reviews and a more challenging and realistic preparation experience. The books have been fully updated to refresh the content for the latest CCNA exam topics and to enhance certain key topics that are critical for exam success.

Best-selling author Wendell Odom shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

Chapter 1 Cloud security

Cloud security considerations

Compliance

Risk management

Identity and access management

Operational security

Endpoint protection

Data protection

Shared responsibility

Cloud computing

Distributed responsibility in public cloud computing

Assume breach and isolation

Azure security architecture

Azure design principles

Chapter 2 Identity protection in Azure

Authentication and authorization

Azure hierarchy

Role-Based Access Control

On-premises integration

Azure AD Connect

Federation

Suspicious activity identification

Identity protection

User risk policy

Sign-in risk policy

Notification enabling

Vulnerabilities

Multi-Factor Authentication

Azure Multi-Factor Authentication implementation

Azure Multi-Factor Authentication option configuration

Chapter 3 Azure network security

Anatomy of Azure networking

Virtual network infrastructure

Network access control

Routing tables

Remote access (Azure gateway/point-to-site VPN/
RDP/Remote PowerShell/SSH)

Cross-premises connectivity

Network availability

Network logging

Public name resolution

Network security appliances

Reverse proxy

Azure Network Security best practices

Subnet your networks based on security zones

Use Network Security Groups carefully

Use site-to-site VPN to connect Azure Virtual Networks

Configure host-based firewalls on IaaS virtual machines

Configure User Defined Routes to control traffic

Require forced tunneling

Deploy virtual network security appliances

Create perimeter networks for Internet-facing devices

Use ExpressRoute

Optimize uptime and performance

Disable management protocols to virtual machines

Enable Azure Security Center

Extend your datacenter into Azure

Chapter 4 Data and storage security

Virtual machine encryption

Azure Disk Encryption

Storage encryption

File share wire encryption

Hybrid data encryption

Authentication

Wire security

Data at rest

Rights management

Database security

Azure SQL Firewall

SQL Always Encrypted

Row-level security

Transparent data encryption

Cell-level encryption

Dynamic data masking

Chapter 5 Virtual machine protection with Antimalware

Understanding the Antimalware solution

Antimalware deployment

Antimalware deployment to an existing VM

Antimalware deployment to a new VM

Antimalware removal

Chapter 6 Key management in Azure with Key Vault

Key Vault overview

App configuration for Key Vault

Key Vault event monitoring

Chapter 7 Azure resource management security

Azure Security Center overview

Detection capabilities

Onboard resources in Azure Security Center

Apply recommendations

Resource security health

Respond to security incidents

Chapter 8 Internet of Things security

Anatomy of the IoT

Things of the world, unite

Sensors, sensors everywhere

Big data just got bigger: TMI

Artificial intelligence to the rescue

IoT security challenges

IoT: Insecure by design

Ramifications of an insecure IoT

IoT threat modeling

Windows 10 IoT and Azure IoT

Windows 10 IoT editions

Azure IoT Suite and secure Azure IoT infrastructure

Chapter 9 Hybrid environment monitoring

Operations Management Suite Security and Audit solution overview

Log Analytics configuration

Windows Agent installation

Resource monitoring using OMS Security and Audit solution

Security state monitoring

Identity and access control

Alerts and threats

Chapter 10 Operations and management in the cloud

Scenario

Design considerations

Azure Security Center for operations

Azure Security Center for incident response

Azure Security Center for forensics investigation

Index

About the authors

YURI DIOGENES is a Senior Content Developer on the CSI Enterprise Mobility and Security Team, focusing on enterprise mobility solutions, Azure Security Center, and OMS Security. Previously, Yuri worked at Microsoft as a writer for the Windows Security team and as a Support Escalation Engineer for the CSS Forefront team. He has a Master of Science degree in Cybersecurity Intelligence and Forensics from Utica College and an MBA from FGF in Brazil, and he holds several industry certifications. He is co-author of Enterprise Mobility Suite–Managing BYOD and Company-Owned Devices (Microsoft Press, 2015), Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion (Microsoft Press, 2010), and three other Forefront titles from Microsoft Press.

DR. THOMAS SHINDER is a program manager in Azure Security Engineering and a 20-year veteran in IT security. Tom is best known for his work with ISA Server and TMG, publishing nine books on those topics. He was also the leading voice at ISAserver.org. After joining Microsoft in 2009, Tom spent time on the UAG DirectAccess team and then took a 3-year vacation from security to be a cloud infrastructure specialist and architect. He’s now back where he belongs in security, and spends a good deal of time hugging his Azure Security Center console and hiding his secrets in Azure Key Vault.

DEBRA LITTLEJOHN SHINDER, MCSE, is a former police officer and police academy instructor who is self-employed as a technol¿ogy consultant, trainer, and writer, specializing in network and cloud security. She has authored a number of books, including Scene of the Cybercrime: Computer Forensics Handbook (Syngress Publishing, 2002) and Computer Networking Essentials (Cisco Press, 2001). She has co-authored more than 20 additional books and worked as a tech editor, developmental editor, and contributor to more than 15 books. Deb is a lead author for WindowSecurity.com and WindowsNetworking.com, and a long-time contributor to the GFI Software blog and other technology publications, with more than 1,500 published articles in print magazines and on websites. Deb focuses on Microsoft products, and has been awarded the Microsoft MVP (Most Valuable Professional) award in the field of enterprise security for 14 years in a row. She lives and works in the Dallas-Fort Worth area and has taught law enforcement, computer networking, and security courses at Eastfield College in Mesquite, Texas. She currently sits on the advisory board of the Eastfield Criminal Justice Training Center Police Academy.

Need help? Get in touch

Privacy and cookies

By watching, you agree Pearson can share your viewership data for marketing and analytics for one year, revocable by deleting your cookies.

Video transcript (PDF | 16KB)

Pearson eTextbook: What’s on the inside just might surprise you

They say you can’t judge a book by its cover. It’s the same with your students. Meet each one right where they are with an engaging, interactive, personalized learning experience that goes beyond the textbook to fit any schedule, any budget, and any lifestyle.

Microsoft Azure Security Infrastructure, 1st edition

eTextbook

Print

Pearson eTextbook: What’s on the inside just might surprise you

Digital Learning NOW

Explore

Products & Services

Support

Extend Your Learning

About us