Manage security for Arc-enabled hybrid servers
Intermediate
Security Engineer
Azure Arc
Microsoft Defender for Cloud
Azure
Manage security controls for Azure Arc-enabled hybrid servers. Configure RBAC and extension security to prevent unauthorized agent modifications. Then apply Azure Policy to enforce security baselines on Arc-enrolled machines. Finally, monitor hybrid server security posture in Microsoft Defender for Cloud.
Learning objectives
After completing this module, you can:
- Configure RBAC and extension allow/block lists to protect Arc-enabled servers from unauthorized extension installation
- Assign and manage Azure Policy for Arc-enabled servers to enforce security baselines
- Monitor the security posture of Arc-enrolled servers in Microsoft Defender for Cloud
- Apply machine configuration policies to Arc-enrolled servers
Prerequisites
- Familiarity with Azure Arc-enabled servers, including connecting machines to Azure Arc
- Understanding of Azure role-based access control (RBAC) and Azure Policy fundamentals
- Basic familiarity with Microsoft Defender for Cloud
Get started with Azure
Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.