Secure AI Solutions in the Cloud Using Microsoft Defender for Cloud and Microsoft Entra (SC-5009)

Course 8777
1 DAY COURSE
Price: $716.00
Course Outline

As organizations adopt AI-powered applications and services, securing AI workloads becomes a critical component of cloud security. This course teaches security and cloud professionals how Microsoft security solutions help protect AI workloads running in Azure.

Students learn how Microsoft Defender for Cloud supports AI security and governance, how to secure Microsoft Foundry environments, and how to implement identity and access controls using Microsoft Entra ID. The course also covers AI guardrails, Azure role-based access control (RBAC), Conditional Access, Identity Protection, and security monitoring capabilities that help organizations manage and secure AI solutions.

Through hands-on exercises, students gain practical experience configuring security controls and managing access for AI workloads in Azure.

Secure AI Solutions in the Cloud Using Microsoft Defender for Cloud and Microsoft Entra (SC-5009) Benefits

  • What You'll Learn

    After completing this course, you will be able to:
    •    Describe AI security risks and governance considerations in Azure 
    •    Use Microsoft Defender for Cloud to assess and protect AI workloads 
    •    Configure AI guardrails and content safety controls in Microsoft Foundry 
    •    Secure Microsoft Foundry environments using Microsoft Entra ID, Azure Key Vault, and network isolation controls 
    •    Implement Azure RBAC and managed identities 
    •    Plan and administer Conditional Access policies 
    •    Manage identity risk using Microsoft Entra Identity Protection 
    •    Monitor and investigate AI security alerts using Microsoft security tools

    Prerequisites

    Students should have:
    •    A basic understanding of Azure services and cloud security concepts
    •    Familiarity with Microsoft Entra ID and Azure role-based access control (RBAC)
    •    Experience working with Microsoft security technologies is helpful but not required

Secure AI Cloud Solutions Training Outline

Learning Objectives

Understand How Microsoft Defender for Cloud Supports AI Security and Governance in Azure

  • Understand AI services in Azure
  • Understand AI security risks in Azure
  • AI guardrails and protections in Azure
  • How Azure security and governance tools support AI workloads

Protect AI Workloads with Microsoft Defender for Cloud

  • Enable the AI Workloads plan
  • Review insights in the Data & AI Security Dashboard
  • Assess and improve AI security posture with Cloud Security Posture Management (CSPM)
  • Detect AI threats at runtime with Cloud Workload Protection (CWP)
  • Investigate AI security alerts with prompt evidence in Microsoft Defender XDR

Configure and Manage Guardrails in Microsoft Foundry

  • Understand guardrails and Microsoft Content Safety
  • Understand safety controls in Microsoft Foundry
  • Try built-in guardrails
  • Create and manage blocklists
  • Configure and apply guardrails
  • Select and refine guardrails for AI workloads

Secure Microsoft Foundry Environments

  • Control access using Microsoft Entra ID
  • Manage access within Microsoft Foundry projects
  • Secure secrets with Azure Key Vault
  • Isolate networks using managed virtual networks and Private Link
  • Enable diagnostic logging

Understand Identity Architecture for AI Workloads

  • Identity as the control layer for AI solutions
  • Management plane and data plane access
  • Authentication flows for AI endpoints
  • Human and workload identities
  • Role assignments and scope management
  • Common identity misconfigurations

Implement Access Management for Azure Resources

  • Assign Azure roles
  • Configure custom Azure roles
  • Create and configure managed identities
  • Access Azure resources using managed identities
  • Analyze Azure role permissions
  • Configure Azure Key Vault RBAC policies
  • Retrieve objects from Azure Key Vault

Plan, Implement, and Administer Conditional Access

  • Plan security defaults
  • Design Conditional Access policies
  • Implement Conditional Access controls and assignments
  • Test and troubleshoot Conditional Access policies
  • Implement application controls
  • Configure session management and continuous access evaluation
  • Use the Microsoft Entra Conditional Access Optimization Agent

Manage Microsoft Entra Identity Protection

  • Review identity protection fundamentals
  • Implement and manage user risk policies
  • Configure sign-in risk policies
  • Configure multifactor authentication registration policies
  • Monitor, investigate, and remediate risky users
  • Secure workload identities
  • Explore Microsoft Defender for Identity
  • Explore the Identity Risk Management Agent
Course Dates
Attendance Method
Additional Details (optional)