Introduction
You can use the Microsoft Defender for Cloud to assess the security configuration of your Azure VM resources and the Windows Server operating system (OS) that's running on the VM.
Scenario
Contoso is a medium-size financial services company in London with a branch office in New York. Most of its compute environment runs on-premises on Windows Server. Contoso has virtualized workloads on Windows Server 2016 hosts. Contoso IT staff are in the process of migrating Contoso servers to Windows Server 2025.
Contoso’s IT director realizes that Contoso has an outdated operational model with limited automation, and reliance on dated technology. The Contoso IT Engineering team is exploring Azure capabilities. They want to determine whether Azure services might assist with modernizing the current operational model through automation, and virtualization.
As part of the initial design, the Contoso IT team asked you, their lead system engineer and server administrator, to set up a proof of concept environment. This environment must verify whether Azure services can help to modernize the IT infrastructure and meet business goals.
Securing VM resources both in Azure and on-premises is important to the IT staff at Contoso. In this module, learn about Microsoft Defender for Cloud and how to enable it in hybrid environments. This module teaches you to onboard Windows Server computers to Microsoft Defender for Cloud, and how to use it to protect your resources. Also learn about Microsoft Sentinel, security information and event management (SIEM), and security orchestration, automation, and response (SOAR).
Learning objectives
After completing this module, you'll be able to:
- Describe Microsoft Defender for Cloud.
- Enable Microsoft Defender for Cloud in hybrid environments.
- Onboard Windows Server computers to Microsoft Defender for Cloud.
- Implement and assess security policies.
- Describe Microsoft Sentinel.
- Implement SIEM and SOAR.
- Protect your resources with Microsoft Defender for Cloud.
Prerequisites
In order to get the best learning experience from this module, it's important that you have knowledge and experience of the following:
- Managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including Active Directory Domain Services (AD DS), Domain Name System (DNS), the Distributed File System (DFS), Microsoft Hyper-V, and file and storage services
- Common Windows Server management tools
- Core Microsoft compute, storage, networking, and virtualization technologies
- On-premises resiliency Windows Server–based compute and storage technologies
- Implementing and managing infrastructure as a service (IaaS) services in Azure
- Microsoft Entra ID
- Security-related technologies (firewalls, encryption, multifactor authentication)
- Windows PowerShell scripting
- Automation and monitoring