Certified Cloud Security Professional (CCSP) – Microsoft | IT Training & Certification | Info Trek
Respect Your Dreams
Follow through on your goals with courses

Certified Cloud Security Professional (CCSP) – Microsoft

Location

Format What’s this?
Starting From
RM 6000.00
  1. 5 Day with 08 hours per day
  1. Mon 12 Sep 09:00 - Fri 16 Sep 17:00
  1. HRDF SBL Claimable
  2. Certificate of Attendance available
Starting From
RM 6000
  1. 5 Days
Request more information

Inquiry for: Myself    My Company

By providing your contact details, you agree to our Privacy Policy

 

 

 

Thank You

Our learning consultant will get back to you in 1 business day

Certified Cloud Security Professional (CCSP) – Microsoft

WHAT YOU WILL LEARN

Cybertronium Certified Cloud Security Professional (CCSP) - Microsoft, covers all the security products of Microsoft with respect to latest attack vectors mapped to the Cyber Kill Chain, MITRE ATT&CK Framework Tactics, Techniques, and Procedures (TTP) with hands-on on each attack with its relevant defences. This CCSP certification course equips the security engineers, IT administrators, system engineers, security analysts, azure security engineers, azure administrators with skills to harden the configurations beyond the baseline security and defend their organisation from ever evolving threats.

AUDIENCE

• Security Engineers / Analysts / Consultants

• System Administrators / Engineers

• Certified Azure Associate and Administrators

• Cloud Engineers / Administrators

• IT Managers

• Professionals preparing for Microsoft Azure Exams : SC200, AZ500

• Penetration Testers

• Blue Team members, Defenders, and Forensic Analyst


PREREQUISITES

• Knowledge of Microsoft Windows ecosystem and networking

• Knowledge of Active Directory

• Basic understanding of Microsoft Azure

• Basic understanding of Microsoft 365


HANDS-ON LABS

CCSP is nearly a 100% hands-on training with practical exercises designed to get you be a security professional on a Microsoft security ecosystem from the word, GO!. You will be provided with access to VMs and all necessary licenses of Microsoft Defender, Microsoft 365 and Microsoft Azure products as part of the course to complete the labs.

COURSE OBJECTIVES

• Understand the MITRE ATT&CK Framework with details on techniques, tactics, and procedures (TTP) commonly used by threat actors.

• Learn about each stage of the attack lifecycle from initial compromise to full domain takeover, data hunting, and data exfiltration using various threat vectors.

• Understand how to protect an organisation from known and unknown threats in on-premise and cloud assets using end-to-end Microsoft Defender and Microsoft Azure security technologies.

• Understand how to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.

• Learn how to configure host level security

• Understand cloud computing vulnerabilities

• Understand how to implement secure infrastructure solutions in the Microsoft Azure platform

• Understand how to configure Key Vault secrets, keys and certificates. Learn to retrieve secrets using Azure web app

• Understand how to implement security controls in Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud, Microsoft 365 Defender, Microsoft Defender for Cloud Apps, Microsoft Intune, and Microsoft Azure Sentinel

• Understand how to maintain the security posture of an organisation using Microsoft security ecosystem

• Understand how to manage Azure Cloud Security Operations

• Understand how to manage identity and access of users and assets

• Implement threat protection from endpoint security to cloud security, end-to-end using Microsoft Defender and Microsoft Azure security technologies: Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud, Microsoft 365 Defender, Microsoft Defender for Cloud Apps, Microsoft Intune, and Microsoft Azure Sentinel

• Implement host security strategies including endpoint protection, remote access management, update management, and disk encryption.

• Implement enterprise governance strategies including role-based access control, Azure policies, and resource locks.

• Implement an Azure AD infrastructure including users, groups, and multi-factor authentication.

• Implement Azure AD Identity Protection including risk policies, conditional access, and access reviews.

• Implement Azure AD Privileged Identity Management including Azure AD roles and Azure resources.

• Implement perimeter security strategies including Azure Firewall.

• Implement network security strategies including Network Security Groups and Application Security Groups.

• Implement Azure Key Vault including certificates, keys, and secrets.

• Implement application security strategies including app registration, managed identities, and service endpoints.

• Implement storage security strategies including shared access signatures, blob retention policies, and Azure Files authentication.

• Implement database security strategies including authentication, data classification, dynamic data masking, and always encrypted.

• Implement Azure Monitor including connected sources, log analytics, and alerts.

• Implement Microsoft Defender for Cloud including policies, recommendations, and just in time virtual machine access.


Expand All

Modules

DAY 1

Microsoft Security Ecosystem – An Introduction


• Evolution of Threat Landscape
• Cybersecurity resilience
• Microsoft Cybersecurity Reference Architecture
o Reference Architecture for Identity and Access
o Reference Architecture for Security Operations Center
o Reference Architecture for PC and Mobile Devices
o Reference Architecture for Hybrid Cloud Infrastructure
o Reference Architecture for Info Protection
• Measuring Cost of Attack
• Disrupting Attacker Return on Investment
• Cloud Security, a Shared Responsibility
• Zero Trust Principles
• Threat Protection Strategy (Detect-Respond-Recover)
• Information Protection Strategy
• Cyber Kill Chain and MITRE ATT&CK Framework TTPs
• Indicators of Compromise (IoC) and Indicators of Attack (IoA)
• Threat Intelligence

Endpoint OS Level Protection

Module 1: Introduction to Endpoint OS Level Protection

Module 2: Endpoint Operating System Level protection
• Lab 1: Setting-up Virus and Threat Protection
• Lab 2: Setting-up Ransomware Protection
• Lab 3: Virus Testing
• Lab 4: Ransomware Malware Testing
• Lab 5: Microsoft Defender SmartScreen
• Lab 6: Setting-up BitLocker

Module 3: Windows 10 Sandbox environment
• Lab 1: Setting-up Sandbox environment with Anti-Malware Protection
Module 4: Windows Admin Centre
• Lab 1: Windows Admin Centre
• Lab 2: Enabling Role-based Access Control
• Lab 3: Secure Password
Module 5: Windows 11 and Windows Server 2022
• Lab 1: SMB Encryption
• Lab 2: SMB Compression File Copy Scenario Simulation
• Lab 3: DNS-Over-HTTPS
• Lab 4: Server Hardening Process

DAY 2

Microsoft Defender for Endpoint


Module 1: Introduction to Microsoft Defender for Endpoint


Module 2: Subscription and configuration

• Lab 1: Onboarding Endpoint device (Windows and Linux)

• Lab 2: Client Offboarding

• Lab 3: Network Assessment

• Lab 4: Roles Access

• Lab 5: Device Group


Module 3: Threat and Vulnerability Management

• Lab 1: Vulnerability Management Dashboard


Module 4: Endpoint Detection and Response (Malware testing)

• Lab 1: Incident Response

• Lab 2: Threat Hunting

• Lab 3: Web Content Filtering

• Lab 4: IOC Blocking

• Lab 5: Execute Antivirus Scan

• Lab 6: Isolated a Device

• Lab 7: Threat Analytics

• Lab 8: Microsoft Threat Experts


DAY 3

Microsoft Defender for Identity (AAD-AD)


Module 1: Introduction to Microsoft Defender for Identity


Module 2: Microsoft Defender for Identity configuration

• Lab 1: Onboarding AD DC to Defender for Identity

• Lab 2: Adding Manual Sensitive Entity

• Lab 3: Adding Honeytoken Accounts


Module 3: Threat and Vulnerability Management

• Lab 2: Secure Score and Remediation


Module 4: Incident and Response

• Lab 1: Configuration of Active directory Protection

• Lab 2: Threat hunting


Microsoft Defender for Cloud


Module 1: Introduction to Microsoft Defender for Cloud


Module 2: Managing Cloud Security Posture

• Lab 1: Secure Score and Remediation

• Lab 2: Inventory - resource health and remediation

• Lab 3: Recommendation - Configure malware detection for existing

• Lab 4: Installing Antimalware in a new VM during creation

• Lab 5: Workbooks for Data analysis and rich visual report creation

• Lab 6: Security Alert and Workflow Automations


Module 3: Regulatory Compliance and Remediation


Module 4: Workload Protection - Enable Just-In-Time VM Access


Module 5: Firewall Manager

Lab 1: Securing Virtual Hub Using Firewall Manager

Lab 2: Connect the Hub and spoke virtual network

Lab 3: Security Hub with firewall policy

Lab 4: Associate Firewall policy

Lab 5: Route traffic to Virtual Hub

Lab 6: Testing Application Rule

Lab 7: Testing Network Rule


DAY 4 & 5

Microsoft 365 Defender (Microsoft Zero Trust)


Module 1: Introduction to Microsoft Defender for Office 365


Module 2: Microsoft Defender for Office 365

• Lab 1: Modify Anti Phishing Policy

• Lab 2: Modify Anti-Spam Policy

• Lab 3: Modify Anti Malware Policy

• Lab 4: Create Safe Attachment Polic

• Lab 5: Create Safe Link Policy

• Lab 6: Spoof Mail Attack Simulation

• Lab 7: Malware with Attachment Attack Simulation

• Lab 8: Hyperlink Malware Attack Simulation

• Lab 9: Test Send Hyperlink Email and Understand Scanning Process


Module 3: Office 365 Security & Compliance

• Lab 1: Configure Retention Policy

• Lab 2: Audit Search

• Lab 3: User Sign-In Log Search

• Lab 4: Mailbox Non-Owner Access Audit


Module 4: Microsoft Sentinel

• Lab 1: Create Sentinel and Link to Defender for Office 365

• Lab 2: Configure Data Retention for Sentinel


Module 5: Microsoft Intune

• Lab 1: Create Auto Enrolment Policy

• Lab 2: Create Compliance Policy

• Lab 3: Create Conditional Access Policy

• Lab 4: Create Apps Policy

• Lab 5: Enrolment PC To Intune


Module 6: Microsoft Defender for Cloud App Security

• Lab 1: Connect Apps to Microsoft Cloud App Security

• Lab 2: Configure IP Addresses and Range in Cloud App Security

• Lab 3: Configure Reporting in Cloud App Security


Clement Arul

Clement Arul

A professional who believes that adaptability of security is directly equal to the affordability of security products, services and trainings. Started creating security products, services and trainings and certifications that are affordable as well as be part of the team in creation Nation Cyber Security Frameworks.Clement is also a two-time recipient award of National Award from Govt of Malaysia: Cyber Security Professional of the Year in 2017 and 2014 as well as a three-time Regional Award winner of Cyber Security Professional of the Year Asia and APAC in 2020, 2019 and 2017. He was also awarded as APAC Cyber Security Educator of the Year in 2020 and 2019. Read More

Course Reviews

No Remarks

0

0 Ratings