May 01, 2024  
2023-2024 Cowley College Academic Catalog 
    
Catalog Navigation
  Catalog Home
  About Cowley
  Degree Requirements
  Programs (By Degree/Award)
  Programs (By Career)
  Course Descriptions
  Kansas Systemwide General Ed. Core
  Admissions Information
  Contact Information
  Current Academic Year
  Academic & Support Student Services
  Veterans Information
  Enrollment Information
  Financial Aid and Scholarships
  Financial Information
  Policies & Procedures
  Student Life & Alumni
  Graduation Information
  Faculty Instructor Credentials
  My Portfolio
HELP
2023-2024 Cowley College Academic Catalog [ARCHIVED CATALOG]

CIS1913 AZURE SECURITY TECHNOLOGIES COURSE PROCEDURE

COWLEY COLLEGE COURSE PROCEDURE

CIS 1913 - AZURE SECURITY TECHNOLOGIES
3 Credit Hours

Student Level:

This course is open to students on the college level in either the Freshman or Sophomore year.

Catalog Description:

CIS1913 - Azure Security Technologies (3 hrs.)

This course will introduce students to the following tasks: managing identity and access; secure networking concepts, secure compute, storage, and databases; and manage security operations.


KRSN: If Kansas Regents Shared Number list that here

Course Classification: 3 Hr. Lecture

Prerequisites:

None

Co-requisites:

None

Controlling Purpose:

The purpose of this course is to provide an overview of Azure security technologies including managing identity and access; secure networking principles; secure compute, storage, and databases; and management of security operations. These concepts provide a foundation for future studies in courses related to computer science and computer engineering.

Learner Outcomes:

Upon completion of the course, the student will:

  1. Manage identity and access
  2. Secure networking
  3. Secure compute, storage, and databases
  4. Manage security operations

Unit Outcomes for Criterion Based Evaluation:

The following outline defines the minimum core content not including the final examination period.  Instructors may add other material as time allows.

UNIT 1: Secure Azure solutions with Azure Active Directory

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore Azure Active Directory features
  • Explore Self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services
  • Define Azure AD DS and self-managed AD DS
  • Define Azure AD DS and Azure AD
  • Explain Investigate roles in Azure AD
  • List Azure AD built-in roles
  • Deploy Azure AD Domain Services
  • Create and manage Azure AD users
  • Manage users with Azure AD groups
  • Configure Azure AD administrative units
  • Implement passwordless authentication

UNIT 2: Implement Hybrid identity

Outcomes: Upon completion of this unit, the students will be able to:

  • Deploy Azure AD connect
  • Explore authentication options
  • Configure Password Hash Synchronization (PHS)
  • Implement Pass-through Authentication (PTA)
  • Deploy Federation with Azure AD
  • Explore the authentication decision tree
  • Configure password writeback

UNIT 3: Deploy Azure AD identity protection

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore Azure AD identity protection
  • Configure risk event detections
  • Implement user risk policy
  • Implement sign-in risk policy
  • Deploy multifactor authentication in Azure
  • Explore multifactor authentication settings
  • Enable multifactor authentication
  • Implement Azure AD conditional access
  • Configure conditional access conditions
  • Implement access reviews

UNIT 4: Configure Azure AD privileged identity management

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore the zero trust model
  • Review the evolution of identity management
  • Deploy Azure AD privileged identity management
  • Configure privileged identity management scope
  • Implement privileged identity management onboarding
  • Explore privileged identity management configuration settings
  • Implement a privileged identity management workflow

UNIT 5: Design an enterprise governance strategy

Outcomes: Upon completion of this unit, the students will be able to:

  • Review the shared responsibility model
  • Explore the Azure cloud security advantages
  • Review Azure hierarchy of systems
  • Configure Azure policies
  • Enable Azure role-based access control (RBAC)
  • Compare and contrast Azure RBAC vs Azure policies
  • Configure built-in roles
  • Enable resource locks
  • Deploy Azure blueprints
  • Design an Azure subscription management plan

UNIT 6: Implement perimeter security

Outcomes: Upon completion of this unit, the students will be able to:

  • Define defense in depth
  • Explore virtual network security
  • Enable Distributed Denial of Service (DDoS) Protection
  • Configure a distributed denial of service protection implementation
  • Explore Azure Firewall features
  • Deploy an Azure Firewall implementation
  • Configure VPN forced tunneling
  • Create User Defined Routes and Network Virtual Appliances
  • Explore hub and spoke topology

UNIT 7: Configure network security

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore Network Security Groups (NSG)
  • Deploy a Network Security Groups implementation
  • Create Application Security Groups
  • Enable service endpoints
  • Configure service endpoint services
  • Deploy private links
  • Implement an Azure application gateway
  • Deploy a web application firewall
  • Configure and manage Azure front door
  • Review ExpressRoute

UNIT 8: Configure and manage host security

Outcomes: Upon completion of this unit, the students will be able to:

  • Enable endpoint protection
  • Define a privileged access device strategy
  • Deploy privileged access workstations
  • Create virtual machine templates
  • Enable and secure remote access management
  • Configure update management
  • Deploy disk encryption
  • Deploy and configure Windows Defender
  • Explore Microsoft Defender for Cloud recommendations
  • Secure Azure workloads with Azure Security Benchmarks

UNIT 9: Enable Containers security

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore containers
  • Configure Azure Container Instances security​
  • Manage security for Azure Container Instances (ACI)​
  • Explore the Azure Container Registry (ACR)​
  • Enable Azure Container Registry authentication
  • Review Azure Kubernetes Service (AKS)​
  • Implement an Azure Kubernetes Service architecture​
  • Configure Azure Kubernetes Service networking​
  • Deploy Azure Kubernetes Service storage​
  • Secure authentication to Azure Kubernetes Service with Active Directory​
  • Manage access to Azure Kubernetes Service using Azure role-based access controls

UNIT 10: Deploy and secure Azure Key Vault

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore Azure Key Vault
  • Configure Key Vault access
  • Review a secure Key Vault example
  • Deploy and manage Key Vault certificates
  • Create Key Vault keys
  • Manage customer managed keys
  • Enable Key Vault secrets
  • Configure key rotation
  • Manage Key Vault safety and recovery features
  • Perform Try-This exercises
  • Explore the Azure Hardware Security Module

UNIT 11: Configure application security features

Outcomes: Upon completion of this unit, the students will be able to:

  • Review the Microsoft identity platform
  • Explore Azure AD application scenarios
  • Register an application with App Registration
  • Configure Microsoft Graph permissions
  • Enable managed identities
  • List Azure App Services
  • Define App Service Environment
  • Explain Azure App Service plan
  • Explore App Service Environment networking
  • Define Availability Zone Support for App Service Environments
  • List App Service Environment Certificates

UNIT 12: Implement storage security

Outcomes: Upon completion of this unit, the students will be able to:

  • Define data sovereignty
  • Configure Azure storage access
  • Deploy shared access signatures
  • Manage Azure AD storage authentication
  • Implement storage service encryption
  • Configure blob data retention policies
  • Configure Azure files authentication
  • Enable the secure transfer required property

UNIT 13: Configure and manage SQL database security

Outcomes: Upon completion of this unit, the students will be able to:

  • Enable SQL database authentication
  • Configure SQL database firewalls
  • Enable and monitor database auditing
  • Implement data discovery and classification​
  • Explore vulnerability assessment​
  • Enable Defender for SQL (advanced threat protection)
  • Configure dynamic data masking
  • Implement transparent data encryption​
  • Deploy always encrypted​ features
  • Deploy an always encrypted implementation

UNIT 14: Configure and manage Azure Monitor

Outcomes: Upon completion of this unit, the students will be able to:

  • Explore Azure Monitor
  • Configure and monitor metrics and logs
  • Enable Log Analytics
  • Manage connected sources for log analytics
  • Enable Azure monitor Alerts
  • Configure properties for diagnostic logging

UNIT 15: Enable and manage Microsoft Defender for Cloud

Outcomes: Upon completion of this unit, the students will be able to:

  • Review the cyber kill chain
  • Explain Mitre Attack - Cloud Matrix
  • Contrast the clouds kill chain vs. MITRE Attack Cloud Matrix
  • Implement Microsoft Defender for Cloud
  • Deploy Microsoft Defender for Cloud
  • Define Azure Arc
  • Define Azure Arc capabilities
  • Define Microsoft cloud security benchmark
  • Configure Microsoft Defender for Cloud policies
  • View and edit security policies
  • Manage and implement Microsoft Defender for Cloud recommendations
  • Explore secure score
  • Define brute force attacks
  • Define just-in-time VM access
  • Implement just-in-time VM access

UNIT 16: Configure and monitor Microsoft Sentinel

Outcomes: Upon completion of this unit, the students will be able to:

  • Enable Azure Sentinel
  • Configure data connections to Sentinel
  • Create workbooks for explore Sentinel data
  • Enable rules to create incidents
  • Configure playbooks
  • Hunt and investigate potential breaches

Projects Required:

Varies, refer to syllabus.

Textbook:

Contact Bookstore for current textbook.

Materials/Equipment Required:

None

Attendance Policy:

Students should adhere to the attendance policy outlined by the instructor in the course syllabus.

Grading Policy:

The grading policy will be outlined by the instructor in the course syllabus.

Maximum class size:

Based on classroom occupancy

Course Time Frame:

The U.S. Department of Education, Higher Learning Commission and the Kansas Board of Regents define credit hour and have specific regulations that the college must follow when developing, teaching and assessing the educational aspects of the college.  A credit hour is an amount of work represented in intended learning outcomes and verified by evidence of student achievement that is an institutionally-established equivalency that reasonably approximates not less than one hour of classroom or direct faculty instruction and a minimum of two hours of out-of-class student work for approximately fifteen weeks for one semester hour of credit or an equivalent amount of work over a different amount of time.  The number of semester hours of credit allowed for each distance education or blended hybrid courses shall be assigned by the college based on the amount of time needed to achieve the same course outcomes in a purely face-to-face format.

Refer to the following policies:

402.00 Academic Code of Conduct

263.00 Student Appeal of Course Grades

403.00 Student Code of Conduct

Disability Services Program:

Cowley College, in recognition of state and federal laws, will accommodate a student with a documented disability.  If a student has a disability which may impact work in this class and which requires accommodations, contact the Disability Services Coordinator.

Created 3/30/2023