Azure Security Monitoring and Detection: Field Guide
RCCE students will learn Microsoft Azure security including Azure Active Directory, Network Security Groups, Azure Sentinel, Microsoft Defender for Cloud, Key Vault, Azure Policy, and managed identity security. RCCE students will learn to secure Azure environments using native security services, configure Azure AD conditional access and privileged identity management, design secure virtual network architectures, deploy and operate Azure Sentinel for security monitoring, implement Azure Policy for compliance enforcement, manage secrets and certificates with Key Vault, detect and remediate misconfigurations using Microsoft Defender for Cloud, and respond to security incidents in Azure environments.

This monitoring course teaches comprehensive detection and observability strategies for proactive security operations. At an expert level, RCCE students will learn to instrument systems for security telemetry, build detection pipelines, configure alerting, and maintain monitoring coverage as environments evolve. Students gain the visibility and detection capabilities needed to catch threats early.
- Cloud Security Architects and Engineers
- DevSecOps and Platform Engineers
- Identity and Access Management Specialists
- Security Analysts securing cloud workloads
- Professionals implementing Azure security monitoring and detection
- Monitor and audit privilege usage; detect escalation attempts
- Build detections and response workflows for privilege escalation
- Explain Azure Security Ecosystem Overview fundamentals
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for network plane — covering Azure AD authentication & authorization.
- Integrate privilege controls with identity providers and SIEM telemetry, including NSGs, Azure Firewall, DDoS Protection.
- Execute hands-on tasks for compute plane — covering Defender for Servers & Containers.
- Monitor and audit privilege usage; detect escalation attempts, including Key Vault for secrets management.
- Explain Azure Active Directory: Security Foundation fundamentals
- Execute hands-on tasks for authentication methods
- Execute hands-on tasks for authorization controls — covering Password hash sync & pass-through auth, Role-Based Access Control (RBAC).
- Execute hands-on tasks for security signals — covering Azure AD Connect sync engine.
| Module 01 | Azure Security Monitoring |
| Module 02 | and Detection: Field Guide |
| Module 03 | Azure Security Ecosystem Overview |
| Module 04 | Identity Plane |
| Module 05 | Network Plane |
| Module 06 | Privileged Identity Management |
| Module 07 | Compute Plane |
| Module 08 | Data & Monitoring |
| Module 09 | Azure Active Directory: Security Foundation |
| Module 10 | Authentication Methods |
| Module 11 | Authorization Controls |
| Module 12 | Security Signals |
| Module 13 | Password writeback & SSPR |
| Module 14 | Conditional Access Policy Engine |
All hands-on labs run on Rocheston Rose X OS. Students practice Azure security monitoring and detection by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Monitor and audit privilege usage; detect escalation attempts
- Lab 2: Build detections and response workflows for privilege escalation
- Lab 3: Explain Azure Security Ecosystem Overview fundamentals
- Lab 4: Integrate privilege controls with identity providers and SIEM telemetry
- Lab 5: Execute hands-on tasks for network plane
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Azure Security Monitoring and Detection: Field Guide, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI