Configure trusted launch security features for Azure virtual machines
Intermediate
Security Engineer
Azure Virtual Machines
Microsoft Defender for Cloud
Azure
Configure Trusted Launch security features for Azure virtual machines. Enable Secure Boot, vTPM, and integrity monitoring to protect against boot-level malware and rootkits. Upgrade existing Gen1 and Gen2 VMs to the Trusted Launch security type and enforce adoption at scale using Azure Policy.
Learning objectives
After completing this module, you can:
- Identify how Trusted Launch protects against boot-level threats using Secure Boot, vTPM, and integrity monitoring
- Enable Trusted Launch and configure its security components on new and existing Azure VMs
- Upgrade existing Gen1 VMs to Gen2 with Trusted Launch enabled
- Enforce Trusted Launch adoption using built-in Azure Policy
Prerequisites
- Working knowledge of Azure Virtual Machines, including deploying and managing VMs
- Familiarity with Azure Policy fundamentals
- Basic understanding of Microsoft Defender for Cloud
Get started with Azure
Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.