Description
Chapter 1. Reduce Cybersecurity Vulnerabilities from the Identity Layer
In this chapter you learn the foundation of Azure active directory and quickly expand on the different capabilities for custom domains to manage Azure Subscriptions and why Identity is the security perimeter in the cloud. Azure directly supports IAM (Identity Access Management), for any size organization as the IT cloud supports secure connection from any device and any location. In this chapter you gain insight into IAM challenges for blue team defense of cyber security attacks.
- Azure cloud relations to: Azure Tenant, Azure Subscription, Azure AD
o Azure tenant security
o Azure subscription security
o Azure API security
o Azure resource locks
- Managing Azure Active Directory: Users, and Groups
- Azure Active Directory OAuth, SAML, AD Connect
- Security measures:
o Azure Application Permission Scopes, consent
o Configure Multi-Factor Authentication
o Conditional Access Policies- Configure Azure AD Privileged Identity Management
Chapter 2 Azure Network Security Configuration
Software defined network is titled VNet in Azure and introduces new security challenges for cloud security architect when it comes to isolate data and still allow secure communication from valid users, applications and systems. In this chapter you learn security supported networking in Azure with the guides to present TCP/IP, protocol communication ports and what Azure security services are available to learn about notable tactics, techniques and procedures (TTPs) that can be exploited by Advanced Persistent Threats (APT). You learn VNet recommendations to mitigate misconfigurations and provide detection on Incidents of Compromise (IOC) like forensic evidence of potential intrusions.
- Virtual Networks, VNets, Network Peering
- NSG, Port vulnerability, OSI / TCP Model
- Azure Firewall Configurations
- Azure Front Door Service
- Application Security Groups
- Remote Access Management
Chapter 3 Reduce Cybersecurity Vulnerabilities from IaaS and DataOperational frameworks and cyber security frameworks work hand-in-hand to support the business. The framework helps to prepare and enable steps to prevent penetration from globally attacks. In this chapter you learn through examples about advanced persistent threats (APT) using techniques, tactics and procedures to reduce risk to specific threats.
- Harden Azure VMs
- VM Security
- VM Endpoint Security
- VM OS security updates- Database configurations (Best Practices)
o Authentication
o Auditing
o SQL Advanced Threat Protection
- Storage Accounts (data access)
- &
Author: Marshall Copeland, Matthew Jacobs
Publisher: Apress
Published: 01/09/2021
Pages: 278
Binding Type: Paperback
Weight: 1.14lbs
Size: 10.00h x 7.00w x 0.62d
ISBN13: 9781484265307
ISBN10: 1484265300
BISAC Categories:
- Computers | Programming | Microsoft
- Computers | Security | General
About the Author
Marshall Copeland is a cloud security architect focused on helping customers "shift left" with cloud security defenses in Azure public cloud using cloud-native services and third-party network security appliances. He uses Infrastructure as Code (IaC) with ARM templates or Terraform HCL to build cloud infrastructure and disaster recovery solutions. Marshall's Azure security design skills include Azure Sentinel, Security Center, Policy, Firewall and ACL networking, and a few open-source solutions such as ELK stack, Wireshark, and Snort. He partners with security operations to guide cloud investigations to enhance "blue team hunting" efficiencies.
Matthew Jacobs is a system engineer focused on cloud architecture technologies needed to support identity management, security, and collaboration tool sets for small and medium businesses, including enterprise organizations. His work has focused on digital transformation, including on-premise only, hybrid cloud networks, and complete public cloud-only deployment. Matthew brings a hands-on cloud architecture approach for Identity Management (IAM) and enhanced engineering to enable business agility that secures and supports a global remote work force. His current work in the Nashville, Tennessee area includes Fortune 500 media, entertainment, and hospitality companies, and his work history extends into public cloud federal compliance requirements for the banking and healthcare industries.