Implement Windows Server IaaS VM Security

  • Learning Path
  • 6 Modules
Intermediate
Administrator
Solution Architect
Technology Manager
Azure
Azure Cloud Shell
Azure Monitor
Azure Portal
Azure Virtual Machines

This learning path deals with securing your Azure resources. After completing the learning path, you’ll be able to determine if your Azure IaaS workloads have any security vulnerabilities, and remediate those potential security vulnerabilities.

Prerequisites

  • Experience with managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including AD DS, DNS, DFS, Hyper-V, and File and Storage Services.
  • Experience with common Windows Server management tools (implied by the first prerequisite).
  • Basic knowledge of core Microsoft compute, storage, networking, and virtualization technologies (implied by the first prerequisite).
  • Basic knowledge of on-premises resiliency Windows Server-based compute and storage technologies (Failover Clustering, Storage Spaces).
  • Basic experience with implementing and managing IaaS services in Microsoft Azure.
  • Basic knowledge of Microsoft Entra ID.
  • Basic understanding security-related technologies (firewalls, encryption, multi-factor authentication, SIEM/SOAR).
  • Basic knowledge of PowerShell scripting.
  • An understanding of the following concepts as related to Windows Server technologies:
    • High Availability and Disaster Recovery
    • Automation
    • Monitoring

Modules in this learning path

Audit the security of Windows Server IaaS Virtual Machines

You'll learn about Azure Security Center and how to onboard Windows Server computers to Security Center. You'll also learn about Azure Sentinel, security information and event management (SIEM), and security orchestration, automation and response (SOAR).

Manage Azure updates

You'll be able to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for your Azure VMs.

Create and implement application allowlists with adaptive application control

You're able to implement Adaptive application controls within your organization to protect your Windows Server IaaS VMs.

Configure BitLocker disk encryption for Windows IaaS Virtual Machines

You'll be able to configure Azure Disk Encryption for Windows IaaS VMs and back up and recover encrypted data.

Implement change tracking and file integrity monitoring for Windows IaaS VMs

In this module, you’ll learn how to monitor Windows Server Azure IaaS VMs for changes in files and the registry, as well as other monitor modifications made to application software.

Implement Windows Server IaaS VM network security

In this module, you will focus on how to improve the network security for Windows Server infrastructure as a service (IaaS) virtual machines (VMs) and how to diagnose network security issues with those VMs.