🔷

Learning Track · 13 modules

Microsoft Azure & M365

Entra ID, Azure resources, M365 — the Microsoft cloud security stack.

Why this track

Entra ID, Azure resources, M365 — the Microsoft cloud security stack. This track walks you from fundamentals through advanced techniques across 13 practitioner modules — the same body of knowledge senior security professionals build over years, structured for self-paced progression with India-specific context throughout.

Prerequisite: See module 1 for entry context. Most modules are self-contained but follow the suggested sequence for best results.

Modules

7.9 h

Total time

Free modules

∞

Quiz retries

Difficulty mix

Intermediate · 10 Advanced · 3

Module sequence

Microsoft Entra ID Security

Roles, attack patterns (token theft, AitM, consent phishing), Conditional Access, PIM, hybrid AD considerations.

Intermediate 90 min →

Azure Resource Hardening

RBAC hierarchy, network security, Storage/SQL/KeyVault hardening, Defender for Cloud, common misconfigurations.

Intermediate 90 min →

Microsoft 365 Security

Exchange + SharePoint + Teams + Power Platform hardening, Defender stack, Purview, IR in M365.

Advanced 120 min →

Azure RBAC Mastery

Module 9 (Cloud track) covered privesc paths. This module is the operational guide. Scope hierarchy Management Group → Subscription → Resource Group → Resource. Inheritance flows down. Least-privilege principle: assign at the lowest scope possible. Built-in roles to know Owner — full control + can manage access Contributor — full control without manage-access Reader — […]

Intermediate 20 →

Entra ID Conditional Access

Conditional Access = Entra ID’s policy engine. The single highest-leverage security control in any Microsoft-shop enterprise. The if-then structure If [signals] then [decision]. Signals User / group Cloud app Device platform Location Sign-in risk (Identity Protection) User risk Device compliance Authentication strength Decisions Block Require MFA Require compliant device Require Hybrid AAD-joined device Require approved […]

Intermediate 20 →

Microsoft Defender Suite

“Microsoft Defender” is a brand covering many products. Knowing which is which saves money and improves coverage. The portfolio Defender for Endpoint — EDR; replaces traditional AV Defender for Identity — on-prem AD detection (formerly ATA) Defender for Cloud Apps — CASB Defender for Office 365 — email/collab security Defender for Cloud — multi-cloud CSPM […]

Intermediate 20 →

Azure Network Security

Azure has multiple network security products with overlapping but distinct purposes. The layers NSG — Layer 4 ACLs at NIC or subnet level ASG — Application Security Group; tag-based grouping for NSG rules Azure Firewall — managed L4/L7 firewall; full-feature Application Gateway + WAF — L7 load balancer + OWASP CRS WAF Front Door + […]

Intermediate 20 →

Azure Storage Security

Azure Blob Storage is the Azure equivalent of S3. Same misconfigurations, slightly different tooling. Common findings Public-access containers SAS tokens with overly broad permissions / long expiry Account keys instead of Azure AD auth No encryption at rest with customer-managed keys No firewall restricting source IP The hardening Disable public access at storage account level […]

Intermediate 15 →

Sentinel Deployment

Sentinel = Microsoft’s SIEM. Cloud-native, KQL-based, integrates with Defender suite. Architecture Log Analytics Workspace = data store Sentinel = analytics layer on top Connectors = data ingestion Workbooks = dashboards Analytics Rules = detections Playbooks = SOAR automation (Logic Apps) Top connectors Entra ID Microsoft 365 Defender XDR Azure Activity Azure AD audit logs Office […]

Advanced 20 →

M10

Azure Key Vault

Azure Key Vault stores keys, secrets, certificates. Managed Identity integration is the win. What goes in Key Vault Keys (cryptographic; can be HSM-backed in Premium tier) Secrets (passwords, connection strings, API keys) Certificates (managed lifecycle) Access models Vault Access Policy — legacy; granular per-vault RBAC — modern; consistent with rest of Azure RBAC is recommended […]

Intermediate 15 →

M11

Microsoft Purview

Purview is Microsoft’s data governance + protection brand. Components Information Protection — sensitivity labels for documents/emails; classification + encryption DLP — Data Loss Prevention; policies across Office, Teams, endpoints Insider Risk Management — UEBA-style detection eDiscovery — for legal holds and investigations Communication Compliance — monitor specific employee communications Data Map / Data Catalog — […]

Intermediate 15 →

M12

Azure Cost-Aware Security

Azure security tools have free and paid tiers. Wrong choice = either insecure or unnecessarily expensive. The price-conscious choices Defender for Cloud free tier — covers basic CSPM. Standard tier for cloud workload protection. Sentinel pricing — per GB ingested. Tune ingestion; archive low-value data. Log Analytics retention — first 90 days included; longer extra. […]

Intermediate 15 →

M13

Azure Incident Response

Module 7 (Blue Team) covered IR generally. This is the Azure-specific actions. Compromised account playbook Disable user account in Entra ID Revoke active sessions and refresh tokens (Revoke-AzureADUserAllRefreshToken) Reset password Review AD audit logs for the user (last 30 days) Check for created service principals or app registrations Review M365 mailbox forwarding rules Review consent […]

Advanced 15 →

Common questions about this track

How long will this track take me? +

Most learners finish in 4-8 weeks at a sustainable 4-5 hours per week. Modules are self-paced so you can move faster or slower as life allows.

Do I need prior experience? +

Module 1 sets the entry baseline. The first module is always free; if it feels approachable, the track is for you.

Will this prepare me for industry certifications? +

Most modules align with the body of knowledge tested by senior security certifications. The Academy is not a cert-prep course but produces working knowledge that transfers to any cert exam in the same domain.

Ready to start?

Begin with Module 1. Work through at your own pace. Free modules require no signup — everything else unlocks with a free RingSafe Academy account.

Start Module 1 → View pricing tiers 🗺️ Explore Skill Map