Description
Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach.Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. Youll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. Youll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies.By the end of this cloud security book, youll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure. Spis treści:Mastering Azure SecuritySecond EditionContributorsAbout the authorsAbout the reviewerPrefaceWho this book is forWhat this book coversTo get the most out of this bookDownload the color imagesDownload the example code filesConventions usedGet in touchShare Your ThoughtsSection 1: Identity and GovernanceChapter 1: An Introduction to Azure SecurityExploring the shared responsibility modelOn-premisesIaaSPaaSSaaSDivision of security in the shared responsibility modelPhysical securityAzure networkAzure infrastructure availabilityAzure infrastructure integrityAzure infrastructure monitoringUnderstanding Azure security foundationsSummaryQuestionsChapter 2: Governance and SecurityUnderstanding governance in AzureUsing common sense to avoid mistakesUsing management locksUsing management groups for governanceUnderstanding Azure PolicyModeParametersPolicy assignmentsInitiative definitionsInitiative assignmentsPolicy exemptionsPolicy best practicesDefining Azure blueprintsBlueprint definitionsBlueprint publishingAzure Resource GraphQuerying Azure Resource Graph with PowerShellQuerying Azure Resource Graph with the Azure CLIAdvanced queriesSummaryQuestionsChapter 3: Managing Cloud IdentitiesExploring passwords and passphrasesDictionary attacks and password protectionUnderstanding MFAHow to enable MFA in Azure ADMFA activation from a users perspectiveIntroducing security defaultsUsing Conditional AccessNamed locationsCustom controlsTerms of useConditional Access policiesIntroducing Azure AD Identity ProtectionAzure AD Identity Protection at a glanceUnderstanding role-based access controlCreating custom RBAC rolesProtecting admin accounts with Azure AD PIMManaging Azure AD roles in PIMManaging Azure resources with PIMHybrid authentication and Single Sign-OnUnderstanding passwordless authenticationGlobal settingsLicensing considerationsSummaryQuestionsSection 2: Cloud Infrastructure SecurityChapter 4: Azure Network SecurityUnderstanding Azure Virtual NetworkConnecting on-premises networks with AzureCreating an S2S connectionConnecting a VNet to another VNetVNet service endpointsPrivate endpointsConsidering other VNet security optionsAzure Firewall deployment and configurationAzure DDoS protectionAzure BastionHub-and-spoke network topologyHub VNetUnderstanding Azure Application GatewayUnderstanding Azure Front DoorSummaryQuestionsChapter 5: Azure Key VaultUnderstanding Azure Key VaultUnderstanding access policiesUnderstanding service-to-service authenticationUnderstanding managed identities for Azure resourcesUsing Azure Key Vault in deployment scenariosCreating an Azure Key Vault and secretAzure VM deploymentSummaryQuestionsChapter 6: Data SecurityTechnical requirementsUnderstanding Azure StorageUnderstanding Azure virtual machine disksWorking on Azure SQL DatabaseSummaryQuestionsSection 3: Security ManagementChapter 7: Microsoft Defender for CloudIntroducing Microsoft Defender for CloudEnabling Microsoft Defender for CloudUsing auto-provisioning to deploy extensionsEnabling Microsoft Defender for Clouds enhanced securityCloud Security Posture Management with Defender for CloudWorking with recommendationsHow to prioritize remediationWorking with resource exemptionsCustom policies and (regulatory) complianceUsing the regulatory compliance dashboardWorking with regulatory compliance standardsCloud workload protection and multi-cloud capabilitiesMicrosoft Defender for ServersMicrosoft Defender for ContainersThreat detection summaryAutomating securityContinuous exportWorkflow automationREST APIsMulti-cloud capabilities in Microsoft Defender for CloudSummaryQuestionsChapter 8: Microsoft SentinelIntroduction to SIEMGetting started with Microsoft SentinelConfiguring data connectors and retentionWorking with Microsoft Sentinel dashboardsSetting up rules and alertsMicrosoft Sentinel automationCreating workbooksUsing threat hunting and notebooksAdvanced threat detectionUsing community resourcesSummaryQuestionsChapter 9: Security Best PracticesLog Analytics design considerationsUnderstanding Azure SQL Database security featuresSecurity in Azure App ServiceStorage account access keysSummaryQuestionsAssessmentsChapter 1 An Introduction to Azure SecurityChapter 2 Governance and SecurityChapter 3 Managing Cloud IdentitiesChapter 4 Azure Network SecurityChapter 5 Azure Key VaultChapter 6 Data SecurityChapter 7 Microsoft Defender for CloudChapter 8 Microsoft SentinelChapter 9 Security Best PracticesWhy subscribe?Other Books You May EnjoyPackt is searching for authors like youShare Your Thoughts
książki po angielsku, podkreślić po angielsku, marta lasota, wszystkie gatunki muzyczne
yyyyy