This advanced security-focused course is designed to equip you with the skills required to monitor, protect, and govern identities, resources, and workloads across Microsoft Entra ID, Azure, and Microsoft 365. You will gain hands-on experience detecting threats, analyzing logs, and responding to incidents using Microsoft’s cloud security stack, including Defender, Sentinel, and Cloud App Security.
Throughout the training, you will learn how to apply security best practices from both blue team and red team perspectives, strengthen identity and access controls, secure cloud resources, and implement governance at scale. The course emphasizes real-world scenarios, labs, and SOC workflows, enabling you to confidently operate, investigate, and improve the security posture of modern cloud and hybrid environments.
Course timeline
Before the course:
You will receive a Student Guide with instruction on how to prepare for the training, information regarding all the technical requirements and your own individual login credentials to the virtual environment.
During the course:
You will be able to exercise and review all learned content on an ongoing basis.
After the course:
You will receive a Certificate of Completion, all the materials which have been created and presented by the trainer as well as an access to our community on the Discord server..
Course syllabus
This Live Virtual Class consists of 6 Modules in terms of Securing the Cloud. They include essential theory combined with individual practice during the exercises as well as loads of hands-on tools and real-case scenarios.
Module 1: Monitoring operations in Entra ID
Entra ID Operations and Logs
Entra ID Roles
Identity Protection – Roles, Review access, alerts, Discovery and Insights
How to deal with Audit Log
Challenging Entra ID settings in Azure and Office from red team perspective
Privileged Identity Management – JITA, Discover and Monitor
Office Management API – Logs around Office 365
Microsoft Azure Policies – getting started, compliance, remediation, assignments, blueprints
Labs
Module 2: Microsoft 365 Security
Secure Score and Security Center
Best Practices for Improving Your
Secure Score
Azure Defender for Servers
Security Benchmark Policy
Labs
STIG & CIS – cloud security baseline
Module 3: Secure resources and Identities in Azure
Secure identity and access (PIM, Identity Protection)
Secure Networking (NSG, Azure Firewall, APIM)
Secure Compute
Secure Storage
Secure Databases
Defender for Cloud
Labs
Module 4: Governance in Azure
Security Baseline
Azure Policy
Azure Role-Based Access Control (RBAC)
Management Groups
Resource Graph
Tagging in Azure
Labs
Module 5: eXtended Detection and Response with Sentinel
Auditing and monitoring your Azure Sentinel workspace
Sentinel configuration with Microsoft Cloud stack and MCAS
Streamlining your SOC Workflow with Automated Notebooks
Customizing Azure Sentinel with Python
Best Practices for Converting Detection Rules from Splunk, QRadar, and ArcSight to Azure Sentinel Rules
Deep Dive into Azure Sentinel Innovations
Investigating Azure Security Center alerts using Azure Sentinel
Customizable Anomalies and How to Use Them
Introduction to Monitoring GitHub with Azure Sentinel for Security Professionals
Hunting in Sentinel
Deep Dive on Threat Intelligence
End-to-End SOC scenario with Sentinel
Modul 6: Microsoft Cloud App Security
Intro do MCAS
Enabling Secure Remote Work
App Discovery and Log Collector Configuration
Extending real-time monitoring & controls to any app
Connecting 3rd party Applications
Automation and integration with Microsoft Flow
Conditional Access App Control
Threat detection
Information Protection
Labs: Protect Your Environment Using MCAS
DLP in Microsoft stack – how to deploy and monitor using MCAS and Sentinel
Who is it for?
Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.
To attend this training, you should have a good hands-on experience in administering Windows infrastructure. At least 5 years in the field is recommended. All attendees should have experience with Active Directory Domain Services (AD DS) administration.
Quick and easy registration for the selected course.
*Please fill out all required fields carefully and accurately before submitting the order below (order form), as this is the only way we can ensure your successful registration for the course or exam.
.
Po prejetem plačilu vam bomo poslali dodatne informacije in morebitna navodila glede izvedbe tečaja ali opravljanja izpita, na vaš e-poštni naslov. Hvala
Thank you for a successful application!
Thank you for a successful application!
We will contact you by phone or e-mail as soon as we have processed your application.
Thank you for your trust.
Have a good and successful day!
Not yet subscribed to our newsletter?
Subscribe to Xnet news and stay up to date on new courses, seminars, opportunities to obtain new certifications and special prices.