Introduction

As a cybersecurity architect, you're responsible for designing security strategies that protect your organization's digital estate. To do this effectively, you need to understand the best practice frameworks available to you and how they work together.

This module introduces you to the concept of Zero Trust, common security antipatterns, and the key best practice frameworks that Microsoft provides for cybersecurity. You explore the Cloud Adoption Framework (CAF), the Azure Well-Architected Framework (WAF), the Microsoft Cybersecurity Reference Architectures (MCRA), and the Microsoft cloud security benchmark (MCSB). You also learn about the Zero Trust adoption framework.

This module is the first in a series that makes up the Cybersecurity Architects training content. Later modules cover these frameworks in greater depth from a design and evaluation perspective. Here, the focus is on understanding what each framework is, what it provides, and when to use it.

Learning objectives

By the end of this module, you're able to:

• Describe common security antipatterns and the role of best practices for cybersecurity architects.
• Describe the concept of Zero Trust and its guiding principles.
• Describe the purpose and scope of CAF, WAF, MCRA, and MCSB.
• Describe the Zero Trust adoption framework.
• Describe how the different best practice frameworks relate to each other.

Prerequisites

• Conceptual knowledge of security policies, requirements, Zero Trust architecture, and management of hybrid environments.
• Working experience with Zero Trust strategies, applying security policies, and developing security requirements based on business goals.