SC100 Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies

vaughan mason - 2022-04-21

Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies (20–25%)

Design a regulatory compliance strategy

• interpret compliance requirements and translate into specific technical capabilities (new or existing)
  • Compliance
• evaluate infrastructure compliance by using Microsoft Defender for Cloud
  • Defender for Cloud
• interpret compliance scores and recommend actions to resolve issues or improve security
  • Review Security Recommendation
• design implementation of Azure Policy
  • Azure Policy
• design for data residency requirements
  • Enabling Data Residency and Data Protection in Microsoft Azure Regions
• translate privacy requirements into requirements for security solutions
  • Protection Customer Data

Evaluate security posture and recommend technical strategies to manage risk

• evaluate security posture by using benchmarks (including Azure security benchmarks, ISO 2701, etc.)
  • Compliance
• evaluate security posture by using Microsoft Defender for Cloud
• Defender for Cloud
• evaluate security posture by using Secure Scores
• evaluate security posture of cloud workloads
• design security for an Azure Landing Zone
  • Landing Zone Security
• interpret technical threat intelligence and recommend risk mitigations
  • Threat Detection
• recommend security capabilities or controls to mitigate identified risks
  • Azure Security Technical Capabilities

Useful Links

Go Back

Link

This page was last updated at 2022-04-21

If you don't agree with the content on this page, please click here