- Level Foundation
- Duration 8 hours
- Course by Microsoft
-
Offered by
About
In this course, you’ll learn about threat mitigation by following the four stages of threat modeling: design, break, fix, and verify. You’ll learn about access control, secure development, cryptography, as well as asset management. You’ll also be introduced to the types of attacks that IoT (Internet of Things) devices and services face. At the end of this course, you’ll also complete a focused security mitigation strategy plan for a given business. This capstone project integrates the knowledge you’ll have gained from the previous courses into a standalone portfolio piece, demonstrating your new cybersecurity skills. The course will take you one step closer to the Microsoft Cybersecurity Analyst Professional Certificate, which requires no degree or prior experience. After completing this course, you’ll be able to: • Explain threat modeling • Discuss security conscious design • Plan threat mitigation strategies This is also a great way to prepare for the Microsoft SC-900 exam. By passing the SC-900 exam, you’ll earn the Microsoft Security, Compliance, and Identity Fundamentals Certification.Modules
Course introduction
1
Discussions
- What do you hope to learn?
1
Videos
- Introduction to the course
6
Readings
- Course syllabus
- How to be successful in this course
- Microsoft Azure Active Directory name change
- Clean up resources
- How to open an image in a new tab
- Additional resources
Introduction to threat modeling
2
Assignment
- Self-review : Create a threat model for a simple web application
- Knowledge check: Introduction to threat modeling
4
Videos
- Threat modeling process
- Decompose the application
- Determine and rank threats
- STRIDE threat list
6
Readings
- Determine countermeasures and mitigation
- Threat modeling
- Exercise: Create a threat model for a simple web application
- Exemplar: Create a threat model for a simple web application
- Clean up resources
- Additional resources: Introduction to threat modeling
Threat modeling strategies
2
Assignment
- Self-review: Evaluating threats
- Knowledge check: Threat modeling strategies
5
Videos
- Benefits of threat modeling
- Ensure application security – SANS approach
- Process for Attack Simulation and Threat Analysis (PASTA)
- Common Vulnerability Scoring System (CVSS)
- Visual, Agile, and Simple Threat (VAST)
7
Readings
- Cyberthreat modeling
- PASTA in depth
- CVSS Cheat sheet
- Enterprise security methodologies
- Exercise: Evaluating threats
- Exemplar: Evaluating threats
- Additional resources: Threat modeling strategies
Azure and threat modeling
2
Assignment
- Self -review: Web application threat modeling
- Module quiz: Threat modeling
4
Videos
- Microsoft threat modeling tool
- Threat Modeling for Azure Virtual Networks
- Four Question framework for effective threat modeling
- Module summary: Threat modeling
5
Readings
- Activity: Building a model
- Security Development Lifecycle (SDL)
- Exercise: Web application threat modeling
- Exemplar: Web application threat modeling
- Additional resources: Threat modeling
Susceptible infrastructure and types of attack
1
Assignment
- Knowledge check : Susceptible infrastructure
6
Videos
- Understanding susceptible infrastructure
- MITRE ATT&CK Matrix overview
- MITRE ATT&CK Matrix key points
- Attack techniques
- Types of malicious software
- Prevention, detection, and countermeasures
4
Readings
- Understanding susceptible infrastructure in depth
- Activity: Risk assessment
- Mitigation
- Additional resources : Susceptible infrastructure
IoT (Internet of Things) and common attacks
3
Assignment
- Self-review: IoT device analysis
- Knowledge check: IoT (Internet of Things) and common attacks
- Module quiz: Advanced threats and mitigation
8
Videos
- What is an IoT device?
- IoT attacks
- IoT attack risk
- IoT attack prevention strategies
- Azure IoT
- Defender for IOT
- Defender for IoT: Deployment and integration
- Module summary: Advanced threats and mitigation
4
Readings
- A guide to IoT device architecture
- Exercise: IoT device analysis
- Exemplar: IoT device analysis
- Additional resources: IoT (Internet of Things) and common attacks
Entry points and associated risks
1
Assignment
- Knowledge check : Entry points
3
Videos
- Threat landscape and vectors
- Access brokers
- Mitigation approaches
3
Readings
- Antivirus and anti-malware
- Advanced antivirus and antimalware techniques
- Additional resources : Entry points
Secure network design with defense in depth
1
Assignment
- Knowledge check : Secure network design with defense in depth
4
Videos
- Defense in depth (DID)
- Defending your cloud infrastructure
- Azure Security: Building a network with DID
- Modern authentication
4
Readings
- Defense in depth strategy
- Identity infrastructure
- Focused defense
- Additional resources: Secure network design with defense in depth
Mitigation strategies
2
Assignment
- Knowledge check: Mitigation strategies
- Module quiz: Security conscious modeling
6
Videos
- Identity mitigation strategy
- Azure Security mitigation strategies
- Implementing network security on Azure
- Securing data on Azure
- Network security
- Module summary: Security conscious modeling
2
Readings
- Monitoring Azure Security
- Additional resources: Security conscious modeling
Capstone project
6
Assignment
- Self-review: Company requirements
- Self-review: AAD set-up
- Self-review: Roles and access
- Self-review: AAD connections
- Self-review: Policy implementation
- Course quiz: Advanced Cybersecurity Concepts and Capstone Project
2
Videos
- Course recap: Advanced Cybersecurity Concepts
- Capstone introduction
9
Readings
- Recap: Microsoft Cybersecurity Analyst course projects
- Capstone check-in
- Stage One: Company requirements
- Stage Two: AAD set-up
- Stage Three: Roles and access
- Stage Four: AAD connections
- Stage Five: Policy implementation
- Exemplar : Capstone project
- Clean up resources
Wrap-up: Advanced Cybersecurity Concepts and Capstone
1
Discussions
- Reflect on learning
1
Videos
- Congratulations
1
Readings
- Next steps
Auto Summary
Unlock advanced cybersecurity skills with this course focused on threat mitigation, access control, secure development, and cryptography. Ideal for aspiring IT professionals, it includes a hands-on capstone project to create a security strategy plan. No prior experience needed. Prepare for the Microsoft SC-900 exam and earn the Security, Compliance, and Identity Fundamentals Certification. Available on Coursera with flexible subscription options.

Microsoft