Corso Microsoft Cybersecurity Architect SC-100

Obiettivi | Certificazione | Contenuti | Tipologia | Prerequisiti | Durata e Frequenza | Docenti | Modalità di Iscrizione | Calendario

Il Corso SC-100 Microsoft Cybersecurity Architect è un programma di formazione avanzato pensato per i partecipanti che mirano a diventare esperti nella progettazione e implementazione di soluzioni di sicurezza informatica all’interno dell’ecosistema Microsoft. Questo corso offre ai partecipanti un’opportunità unica di approfondire la loro conoscenza e competenza nel campo della sicurezza informatica, concentrandosi su argomenti quali la protezione delle informazioni, la gestione delle identità e degli accessi, la prevenzione delle minacce e la conformità normativa. Durante il corso, i partecipanti esploreranno le varie soluzioni e servizi offerti da Microsoft per garantire la sicurezza delle informazioni, i dispositivi e le infrastrutture aziendali. Verranno affrontati argomenti quali la progettazione e l’implementazione di strategie di sicurezza, l’utilizzo di soluzioni basate su cloud come Microsoft Azure e Microsoft 365, e l’integrazione di diverse tecnologie per garantire un approccio olistico alla sicurezza informatica.
Il corso contribuisce alla preparazione dell’esame di Certificazione Microsoft Cybersecurity Architect Expert.

Obiettivi del corso

Ecco una versione rivista degli obiettivi del Corso Microsoft Cybersecurity Architect SC-100:

• Approfondimento delle strategie di sicurezza in ambienti cloud e ibridi.
• Implementazione e gestione di soluzioni di sicurezza avanzate su Microsoft Azure.
• Progettazione di architetture di sicurezza robuste, integrando Microsoft 365.
• Analisi e mitigazione delle vulnerabilità e delle minacce informatiche.
• Utilizzo delle tecnologie Microsoft per il rafforzamento della sicurezza end-to-end

Certificazione del corso

Esame SC-100 Microsoft Cybersecurity Architect; Questo esame mira a valutare la capacità dei candidati di tradurre strategie di sicurezza informatica in soluzioni pratiche. Copre l’architettura di sicurezza su diverse piattaforme, incluse identità, dispositivi, dati, applicazioni, reti e infrastrutture. Gli esaminati devono dimostrare competenze nell’ideazione di soluzioni per la governance e la conformità ai rischi (GRC), operazioni di sicurezza e gestione della postura di sicurezza. Richiede conoscenza approfondita su Zero Trust, Microsoft Security Best Practices, gestione delle identità e accessi, sicurezza delle applicazioni, sicurezza dei dati, e infrastrutture ibride e multicloud.

Contenuti del corso

• Design a security strategy to support business resiliency goals, including identifying and prioritizing threats to business-critical assets
• Design solutions that align with Microsoft ransomware best practices, including backup, restore, and privileged access
• Design configurations for secure backup and restore by using Azure Backup for hybrid and multicloud environments
• Design solutions for security updates

• Design solutions that align with best practices for cybersecurity capabilities and controls
• Design solutions that align with best practices for protecting against insider and external attacks
• Design solutions that align with best practices for Zero Trust security, including the Zero Trust Rapid Modernization Plan (RaMP)

• Design a new or evaluate an existing strategy for security and governance based on the Microsoft Cloud Adoption Framework (CAF) for Azure and the Microsoft Azure Well-Architected Framework
• Recommend solutions for security and governance based on the Microsoft Cloud Adoption Framework for Azure and the Microsoft Azure Well-Architected Framework
• Design solutions for implementing and governing security by using Azure landing zones
• Design a DevSecOps process

• Develop security operations capabilities to support a hybrid or multicloud environment
• Design a solution for centralized logging and auditing
• Design a solution for security information and event management (SIEM), including Microsoft Sentinel
• Design a solution for detection and response that includes extended detection and response (XDR)
• Design a solution for security orchestration automated response (SOAR), including Microsoft Sentinel and Microsoft Defender
• Design and evaluate security workflows, including incident response, threat hunting, incident management, and threat intelligence
• Design and evaluate threat detection coverage by using MITRE ATT&CK

• Design a solution for access to software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), hybrid/on-premises, and multicloud resources, including identity, networking, and application controls
• Design a solution for Microsoft Entra ID, including hybrid and multi-cloud environments
• Design a solution for external identities, including business-to-business (B2B), business-to-customer (B2C), and decentralized identity
• Design a modern authentication and authorization strategy, including Conditional Access, continuous access evaluation, threat intelligence integration, and risk scoring
• Validate the alignment of Conditional Access policies with a Zero Trust strategy
• Specify requirements to secure Active Directory Domain Services (AD DS)
• Design a solution to manage secrets, keys, and certificates

• Design a solution for assigning and delegating privileged roles by using the enterprise access model
• Design an identity governance solution, including Microsoft Entra Privileged Identity Management (PIM), privileged access management, entitlement management, and access reviews
• Design a solution for securing the administration of cloud tenants, including SaaS and multicloud infrastructure and platforms
• Design a solution for cloud infrastructure entitlement management that includes Microsoft Entra Permissions Management
• Design a solution for Privileged Access Workstation (PAW) and bastion services

• Translate compliance requirements into a security solution
• Design a solution to address compliance requirements by using Microsoft Purview risk and compliance solutions
• Design a solution to address privacy requirements, including Microsoft Priva
• Design Azure Policy solutions to address security and compliance requirements
• Evaluate infrastructure compliance by using Microsoft Defender for Cloud

• Evaluate security posture by using MCSB
• Evaluate security posture by using Microsoft Defender for Cloud
• Evaluate security posture by using Microsoft Secure Score
• Design integrated security posture management and workload protection solutions in hybrid and multi-cloud environments, including Microsoft Defender for Cloud
• Design cloud workload protection solutions that use Microsoft Defender for Cloud, such as Microsoft Defender for Servers, Microsoft Defender for App Service, and Microsoft Defender for SQL
• Design a solution for integrating hybrid and multicloud environments by using Azure Arc
• Design a solution for Microsoft Defender External Attack Surface Management (Defender EASM)

• Specify security requirements for servers, including multiple platforms and operating systems
• Specify security requirements for mobile devices and clients, including endpoint protection, hardening, and configuration
• Specify security requirements for IoT devices and embedded systems
• Design a solution for securing operational technology (OT) and industrial control systems (ICS) by using Microsoft Defender for IoT
• Specify security baselines for server and client endpoints
• Design a solution for secure remote access

• Specify security baselines for SaaS, PaaS, and IaaS services
• Specify security requirements for IoT workloads
• Specify security requirements for web workloads, including Azure App Service
• Specify security requirements for containers
• Specify security requirements for container orchestration

• Evaluate security posture for productivity and collaboration workloads by using metrics, including Microsoft Secure Score and Microsoft Defender for Cloud secure score
• Design a Microsoft 365 Defender solution
• Design secure configurations and operational practices for Microsoft 365 workloads and data

• Evaluate the security posture of existing application portfolios
• Evaluate threats to business-critical applications by using threat modeling
• Design and implement a full lifecycle strategy for application security
• Design and implement standards and practices for securing the application development process
• Map technologies to application security requirements
• Design a solution for workload identity to authenticate and access Azure cloud resources
• Design a solution for API management and security
• Design a solution for secure access to applications, including Azure Web Application Firewall (WAF) and Azure Front Door

• Design a solution for data discovery and classification by using Microsoft Purview data governance solutions
• Specify priorities for mitigating threats to data
• Design a solution for protection of data at rest, data in motion, and data in use
• Design a security solution for data in Azure workloads, including Azure SQL, Azure Synapse Analytics, and Azure Cosmos DB
• Design a security solution for data in Azure Storage
• Design a security solution that includes Microsoft Defender for Storage and Microsoft Defender for SQL

Tipologia

Corso di Formazione con Docente

Docenti

I docenti sono Istruttori Autorizzati Microsoft e in altre tecnologie IT, con anni di esperienza pratica nel settore e nella Formazione.

Infrastruttura laboratoriale

Per tutte le tipologie di erogazione, il Corsista può accedere alle attrezzature e ai sistemi presenti nei Nostri laboratori o direttamente presso i data center del Vendor o dei suoi provider autorizzati in modalità remota h24. Ogni partecipante dispone di un accesso per implementare le varie configurazioni avendo così un riscontro pratico e immediato della teoria affrontata. Ecco di seguito alcuni scenari tratti dalle attività laboratoriali:

Dettagli del corso

Prerequisiti

Si consiglia la partecipazione al Corso Microsoft Security, Compliance, and Identity Fundamentals (SC-900).

Durata del corso

• Durata Intensiva 4gg;

Frequenza

Varie tipologie di Frequenza Estensiva ed Intensiva.

Date del corso

• Corso Microsoft Cybersecurity Architect (Formula Intensiva) – Su richiesta – 09:00 – 17:00

Le iscrizioni sono a numero chiuso per garantire ai tutti i partecipanti un servizio eccellente.
L’iscrizione avviene richiedendo di essere contattati dal seguente Link, o contattando la sede al numero verde 800-177596 o inviando una richiesta all’email [email protected].