Masterclass: Securing the Cloud

During this 5-day, super-intensive training course you will gain crucial cybersecurity knowledge and skills in securing the cloud.

You’ll be able to:

  • Get the highest quality and unique learning experience – the class is limited to 16 participants by default.
  • Get the opportunity to interact with our world-renowned Experts.
  • Go through CQURE’s custom lab exercises and practice them after the course.
  • Receive a lifelong certification after completing the course!

Why this course?

This advanced security-focused course is designed to equip you with the skills required to monitor, protect, and govern identities, resources, and workloads across Microsoft Entra ID, Azure, and Microsoft 365. You will gain hands-on experience detecting threats, analyzing logs, and responding to incidents using Microsoft’s cloud security stack, including Defender, Sentinel, and Cloud App Security.

Throughout the training, you will learn how to apply security best practices from both blue team and red team perspectives, strengthen identity and access controls, secure cloud resources, and implement governance at scale. The course emphasizes real-world scenarios, labs, and SOC workflows, enabling you to confidently operate, investigate, and improve the security posture of modern cloud and hybrid environments.

Prerequisites

To attend this training, you should have good hands-on experience in administering Windows infrastructure. At least 5 years in the field is recommended. All attendees should have experience with Active Directory Domain Services (AD DS) administration.

Target Audience

The course is perfect for security architects, Entra ID administrators, security administrators, and security auditors.

Who is it for?

Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

This Live Virtual Class consists of 6 modules on securing the cloud. They combine essential theory with individual practice during the exercises, as well as plenty of hands-on tools and real-case scenarios.

Module 1: Monitoring operations in Entra ID

  1. Entra ID Operations and Logs
  2. Entra ID Roles
  3. Identity Protection – Roles, Review access, alerts, Discovery and Insights
  4. How to deal with Audit Log
  5. Challenging Entra ID settings in Azure and Office from red team perspective
  6. Privileged Identity Management – JITA, Discover and Monitor
  7. Office Management API – Logs around Office 365
  8. Microsoft Azure Policies – getting started, compliance, remediation, assignments, blueprints
  9. Labs

Module 2: Microsoft 365 security

  1. Secure Score and Security Center
  2. Best Practices for Improving Your Secure Score
  3. Azure Defender for Servers
  4. Security Benchmark Policy
  5. Labs
  6. STIG & CIS – cloud security baseline

Module 3: Secure resources and Identities in Azure

  1. Secure identity and access (PIM, Identity Protection)
  2. Secure Networking (NSG, Azure Firewall, APIM)
  3. Secure Compute
  4. Secure Storage
  5. Secure Databases
  6. Defender for Cloud
  7. Labs

Module 4: Governance in Azure

  1. Security Baseline
  2. Azure Policy
  3. Azure Role-Based Access Control (RBAC)
  4. Management Groups
  5. Resource Graph
  6. Tagging in Azure
  7. Labs

Module 5: eXtended Detection and Response with Sentinel

  1. Sentinel 101 – Azure Sentinel Dashboards, Connectors
  2. Understanding Normalization in Azure Sentinel
  3. Cloud & on-prem architecture
  4. Workbooks deep dive – Visualize your security threats and hunts
  5. Incidents
  6. KQL intro (KQL hands-on lab exercises) and Optimizing Azure Sentinel KQL queries performance
  7. Auditing and monitoring your Azure Sentinel workspace
  8. Sentinel configuration with Microsoft Cloud stack and MCAS
  9. Streamlining your SOC Workflow with Automated Notebooks
  10. Customizing Azure Sentinel with Python
  11. Best Practices for Converting Detection Rules from Splunk, QRadar, and ArcSight to Azure Sentinel Rules
  12. Deep Dive into Azure Sentinel Innovations
  13. Investigating Azure Security Center alerts using Azure Sentinel
  14. Customizable Anomalies and How to Use Them
  15. Introduction to Monitoring GitHub with Azure Sentinel for Security Professionals
  16. Hunting in Sentinel
  17. Deep Dive on Threat Intelligence
  18. End-to-End SOC scenario with Sentinel

Module 6: Microsoft Cloud App Security

  1. Intro to MCAS
  2. Enabling Secure Remote Work
  3. App Discovery and Log Collector Configuration
  4. Extending real-time monitoring & controls to any app
  5. Connecting 3rd party Applications
  6. Automation and integration with Microsoft Flow
  7. Conditional Access App Control
  8. Threat detection
  9. Information Protection
  10. Labs: Protect Your Environment Using MCAS
  11. DLP in Microsoft stack – how to deploy and monitor using MCAS and Sentinel

Certification

After finishing the course, you will be granted a CQURE Certificate of Completion. Please note that after completing the course you will also be eligible for CPE points!

 


FAQ – Securing the Cloud

What does the course cost?
The price is 39 900 NOK for 5 days. The course includes course materials, practical lab exercises and a lifelong certification after completing the course.

How long does the course last?
The course runs over 5 intensive days from 09:00 to 16:00 each day and is delivered as an international live virtual course.

How is the course delivered?
The course is delivered as a live virtual course led by CQURE’s cybersecurity experts. Participants work in practical lab environments, analyze realistic security incidents and learn to use Microsoft’s security tools for monitoring and response. The class is limited to a maximum of 16 participants to ensure close follow-up.

Who is the course suitable for?
The course is designed for technical professionals who work with security in Microsoft-based environments, including:

  • Security architects
  • Entra ID administrators
  • Security administrators
  • Security auditors
  • Enterprise administrators
  • Infrastructure architects
  • System engineers
  • Network administrators
  • Security consultants

What will I learn during the course?
You will learn how modern cloud environments are monitored, secured and governed using Microsoft’s security platform. After the course you will be able to:

  • Monitor identity and security in Microsoft Entra ID
  • Detect and analyze threats in Microsoft 365 and Azure
  • Secure identities, resources and workloads in Azure
  • Implement governance and policy in cloud environments
  • Work with SOC operations in Microsoft Sentinel
  • Implement security controls and data protection with Microsoft Cloud App Security

Is the course hands-on?
Yes. The course includes extensive hands-on lab exercises in which participants work with realistic scenarios in cloud security, threat detection, incident investigation and governance.

What topics does the course cover?
The course covers, among other things:

  • Monitoring and logging in Entra ID
  • Identity Protection and Privileged Identity Management
  • Microsoft 365 Security Center and Secure Score
  • Securing Azure resources and identities
  • Azure Policy, RBAC and governance
  • Threat detection and incident response with Microsoft Sentinel
  • KQL-based threat hunting
  • Cloud App Security and DLP
  • Automation and SOC workflow in Microsoft’s security platform

Do I receive a certification after the course?
Yes. After completing the course you receive a lifelong certification that documents competence in cloud security and Microsoft’s security tools.

What prior knowledge is recommended?
It is recommended that participants have solid experience with Windows infrastructure and Active Directory. A minimum of five years’ experience in IT operations, security or system administration is recommended.

What makes this course unique?
The course combines identity security, cloud governance, threat detection and SOC work in one comprehensive training. You learn both how attackers operate in cloud environments and how security teams detect, analyze and stop such attacks.