Exercise: Design a security operations strategy


This case study exercise is designed to provide experience performing some conceptual design tasks that relate to the subjects learned in this module.

Case study: Design a Security Operations Solution

Tailwind Traders is a fictitious home improvement retailer. It operates retail hardware stores across the globe and online. The Tailwind Traders CISO is aware of the opportunities offered by Azure, but also understands the need for strong security and solid cloud architecture. Without strong security and a great point of reference architecture, the company may have difficulty managing the Azure environment and costs, which are hard to track and control. The CISO is interested in understanding how Azure manages and enforces security standards.


Tailwind Traders is planning to make some significant changes to their Security Operations. They have asked for your assistance with recommendations and questions. Here are the specific requirements.

Security and Activity logs

The company has a new security optimization project for customer environments. The CISO wants to ensure that all available Azure logs are sourced and correlated within Microsoft Sentinel.

Design tasks

  • What are different ways Tailwind Traders could collect events, performance data, or custom data provided through the API? Evaluate a solution and explain your decision-making process.
  • What are the different ways Tailwind Traders could prevent, detect, and respond to threats with increased visibility into (and control over) the security of your Azure resources? Evaluate a solution and explain your decision-making process.
  • How are you incorporating Azure Security Operations services available to users to protect their data, applications, and other assets in Microsoft Azure?