The workbook helps you gain better visibility into your cloud architecture from a security perspective while reinforcing CMMC principles for building cybersecurity critical-thinking skills. The workbook consolidates multiple log sources from your Azure environment:
- Azure Active Directory
- Azure Active Directory Identity Protection
- Azure Activity
- Azure DDoS Protection
- Azure Firewall
- Azure Information Protection
- Azure Security Center
- Common Event Format
- DNS
- Intune
- Microsoft 365 Defender
- Microsoft Cloud App Security
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Office 365
- Security Events
- Syslog
- Threat Intelligence Platforms
- Windows Firewall
- Teams
- User Entity Behavior Analytics
- Windows Virtual Desktop