This course helps participants prepare for the AZ-500: Microsoft Azure Security Technologies examination. Clearing this examination is a mandatory requirement for earning the Microsoft Certified: Azure Security Engineer Associate certification. The certificate speaks for the participant’s ability to implement security controls and threat protection, manage identities and access, protect data, applications and networks in the cloud and hybrid environment as part of the end-to-end infrastructure.
Overview
This course helps participants prepare for the AZ-500: Microsoft Azure Security Technologies examination. Clearing this examination will help participants earn the Microsoft Certified: Azure Security Engineer Associate certification. The course covers the essential skills participants need to prepare for the AZ-500 examination, including managing identity and access, implementing platform protection, managing security operations and securing data and applications.
What You'll Learn
- Configure Microsoft Azure Active Directory for workloads
- Configure Microsoft Azure tenant security
- Implement network security
- Implement host security
- Configure container security
- Configure security policies
- Manage security alerts
- Configure application security
- Configure security for data infrastructure
Curriculum
- Create App registration
- Configure App registration permission scopes
- Manage App registration permission consent
- Configure multi-factor authentication settings
- Manage Microsoft Azure AD directory groups
- Manage Microsoft Azure AD users
- Install and configure Microsoft Azure AD Connect
- Configure authentication methods
- Implement conditional access policies
- Configure Microsoft Azure AD identity protection
- Monitor privileged access
- Configure access reviews
- Activate Privileged Identity Management
- Transfer Microsoft Azure subscriptions between Microsoft Azure AD tenants
- Manage API access to Microsoft Azure subscriptions and resources
- Configure virtual network connectivity
- Configure Network Security Groups (NSGs)
- Create and configure Microsoft Azure firewall
- Create and configure application security groups
- Configure remote access management
- Configure baseline
- Configure resource firewall
- Configure endpoint security within the VM
- Configure VM security
- Harden VMs in Microsoft Azure
- Configure system updates for VMs in Microsoft Azure
- Configure baseline
- Configure network
- Configure authentication
- Configure container isolation
- Configure AKS security
- Configure container registry
- Configure container instance security
- Implement vulnerability management
- Create Microsoft Azure resource locks
- Manage resource group security
- Configure Microsoft Azure policies
- Configure custom RBAC roles
- Configure subscription and resource permissions
- Configure Microsoft Azure monitor
- Configure Microsoft Azure log analytics
- Configure diagnostic logging and log retention
- Configure vulnerability scanning
- Configure centralized policy management by using Microsoft Azure Security Center
- Configure Just in Time VM access by using Microsoft Azure Security Center
- Create and customize alerts
- Review and respond to alerts and recommendations
- Configure a playbook for a security event by using Microsoft Azure Security Center
- Investigate escalated security incidents
- Configure data classification
- Configure data retention
- Configure data sovereignty
- Enable database authentication
- Enable database auditing
- Configure Microsoft Azure SQL Database threat detection
- Configure access control for storage accounts
- Configure key management for storage accounts
- Create and manage Shared Access Signatures (SAS)
- Configure security for HDInsights
- Configure security for Cosmos DB
- Configure security for Microsoft Azure Data Lake
- Implement Microsoft Azure SQL Database Always Encrypted
- Implement database encryption
- Implement Storage Service Encryption
- Implement disk encryption
- Implement backup encryption
- Implement security validations for application development
- Configure synthetic security transactions
- Configure SSL/TLS certs
- Configure Microsoft Azure services to protect web apps
- Create an application security baseline
- Manage access to Key Vault
- Manage permissions to secrets, certificates, and keys
- Manage certificates
- Manage secrets
- Configure key rotation
Who should attend
The course is highly recommend for –
- Cloud security professionals
- Security administrators
- Security architects
- Cybersecurity professionals
- Security engineers
- Software engineers
Prerequisites
To attend this course, participants need to have strong skills in scripting and automation, a deep understanding of networking, virtualization and cloud N-tier architecture. Participants also need to have a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.