Monitor and Resolve Security Issues using Security Center

This IT Pro Challenge virtual lab teaches you how to use Remote Desktop Protocol (RDP) to review security recommendations for virtual machines and resolve security and threat protection issues. You will learn how to create a file share and attach storage to it, and view the Microsoft Antimalware installation.

Time: 45 minutes
Difficulty: Beginner

Overview

In this IT Pro Challenge lab, learners will review the security settings for a virtual machine, enable endpoint protection, attach storage to a Cloud Shell file share for use with Windows PowerShell, and view the installation status and settings of Microsoft Antimalware, as well as the successful installation of the Malicious Software Removal Tool. Learners will gain a solid understanding of Windows PowerShell commands, which is useful for careers in network or system administration.

The scenario for this virtual lab is that you are a system administrator. Your company is migrating its virtual machines to Azure. After the initial deployment and configuration of these machines, your job is to review the security recommendations for one of the machines and then resolve the threat protection issues. To do this, you will first use Remote Desktop Protocol (RDP) to connect to an Azure virtual machine. Then, you will review the security issues and resolve one of them. Finally, you will review the Microsoft Antimalware installation details for the virtual machine.

Connect to the DevSystem1 virtual machine using RDP

To begin, you need to sign in to the Azure portal, display the DevSystem1 virtual machine, and use Remote Desktop Protocol (RDP) to connect to the virtual machine. In Server Manager, you need to select Local Server and turn IE Enhanced Security Configuration off.

Review and resolve Azure security alerts

Next, you will access the security settings for DevSystem1 and review the recommendations. Then you will select Endpoint Protection not installed on Azure VMs and then Install on 1 VMs. Then on the Select Endpoint Protection blade, you will select Microsoft Antimalware and configure the endpoint protection installation. When you’re finished, verify that the Endpoint Protection state now says Resolved.

Configure Azure Cloud Shell for use with PowerShell

Now, using the provided storage account, create a file share (cloud-shell) and set the Quota to 6. Launch PowerShell from the Azure portal and select Show advanced settings. You will see the existing storage account settings. For the file share, use the one you just created (cloud-shell), and then select Attach storage.

View the Microsoft Antimalware installation on DevSystem1

To conclude the lab, you need to view the Microsoft Antimalware installation on DevSystem1. To do this, you will launch the Azure portal, display the activity log for DevSystem1, and view the installation status. You should see the event initiated by the Windows Azure Security Resource Provider.

Launch Cloud Shell and run the Get-AzureRMVMExtension -ResourceGroupName VMRGlod7329095 -VMName DevSystem1 -Name IaaSAntiMalware command to view the Antimalware settings. Then switch back to the RDP window, open the Task Manager, and confirm that Antimalware Service is running. On DevSystem1, open the Event Viewer and, in the System log, find the Information event from Windows Update Agent that records the successful installation of the Malicious Software Removal Tool.
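
One way to evaluate what that command returns instead of reading the settings by eye, as an added example that is not part of the lab itself. It assumes the extension's PublicSettings JSON uses the keys AntimalwareEnabled, RealtimeProtectionEnabled, ScheduledScanSettings and Exclusions; the helper name Test-AntimalwareExtension and the sample object are constructed for illustration.

```powershell
# Added example; Test-AntimalwareExtension is a hypothetical helper name.
function Test-AntimalwareExtension {
    param([Parameter(Mandatory)] $Extension)

    $findings = @()
    if ($Extension.ProvisioningState -ne 'Succeeded') {
        $findings += "ProvisioningState is '$($Extension.ProvisioningState)'"
    }

    # PublicSettings is a JSON string; flags may arrive as booleans or as "true"/"false".
    $settings = $Extension.PublicSettings | ConvertFrom-Json
    if ("$($settings.AntimalwareEnabled)" -ne 'true') {
        $findings += 'AntimalwareEnabled is not true'
    }
    if ("$($settings.RealtimeProtectionEnabled)" -ne 'true') {
        $findings += 'RealtimeProtectionEnabled is not true'
    }
    if ("$($settings.ScheduledScanSettings.isEnabled)" -ne 'true') {
        $findings += 'Scheduled scan is not enabled'
    }

    # Exclusions are semicolon-delimited strings; any non-empty value deserves review.
    foreach ($kind in 'Extensions', 'Paths', 'Processes') {
        $value = $settings.Exclusions.$kind
        if (-not [string]::IsNullOrWhiteSpace($value)) {
            $findings += "Exclusion ($kind): $value"
        }
    }

    [pscustomobject]@{
        Name        = $Extension.Name
        NeedsReview = ($findings.Count -gt 0)
        Findings    = $findings
    }
}

# Constructed sample shaped like the cmdlet's output, so the check runs offline.
$sample = [pscustomobject]@{
    Name              = 'IaaSAntimalware'
    ProvisioningState = 'Succeeded'
    PublicSettings    = '{"AntimalwareEnabled":true,"RealtimeProtectionEnabled":"false","ScheduledScanSettings":{"isEnabled":"true","day":"7","time":"120","scanType":"Quick"},"Exclusions":{"Extensions":".log","Paths":"","Processes":""}}'
}
Test-AntimalwareExtension -Extension $sample | Format-List

# In the lab's Cloud Shell session, pass the real object instead:
# $ext = Get-AzureRMVMExtension -ResourceGroupName VMRGlod7329095 -VMName DevSystem1 -Name IaaSAntiMalware
# Test-AntimalwareExtension -Extension $ext
```

For the constructed sample, the result lists two findings: real-time protection is off and a .log extension exclusion is present.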

Summary Conclusion

By taking this hands-on lab, you will learn how to use RDP to connect to an Azure virtual machine, review security issues for the virtual machine, resolve those security issues, and view the Microsoft Antimalware installation details for the virtual machine. You will also learn how to use Windows PowerShell to configure Cloud Shell.