Azure Security Technologies [AZ-500]

AZ-500

Duration: 5 Days

Description

Note: The content of AZ-500 will be updated on September 29, 2021 Candidates for this exam should have subject matter expertise implementing security controls and threat protection, managing identity and access, and protecting data, applications, and networks. Responsibilities for an Azure Security Engineer include maintaining the security posture, identifying and remediating vulnerabilities by using a variety of security tools, implementing threat protection, and responding to security incident escalations. Azure Security Engineers often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure. A candidate for this exam should be familiar with scripting and automation, and should have a deep understanding of networking and virtualization. A candidate should also have a strong familiarity with cloud capabilities, Azure products and services, and other Microsoft products...Read more

Objectives

After completing this course, students will be able to:

  • Manage identity and access
  • Implement platform protection
  • Manage security operations
  • Secure data and applications

Who Should Attend

Candidates for this exam should have subject matter expertise implementing security controls
and threat protection, managing identity and access, and protecting data, applications, and
networks.
Responsibilities for an Azure Security Engineer include maintaining the security posture,
identifying and remediating vulnerabilities by using a variety of security tools, implementing
threat protection, and responding to security incident escalations.
Azure Security Engineers often serve as part of a larger team dedicated to cloud-based
management and security and may also secure hybrid environments as part of an end-to-end
infrastructure.
A candidate for this exam should be familiar with scripting and automation, and should have a
deep understanding of networking and virtualization. A candidate should also have a strong
familiarity with cloud capabilities, Azure products and services, and other Microsoft products

Prerequisites

Before attending this course, students must have knowledge of:

  • Microsoft Azure Administrator Associate

Course Outline

Module 1: Manage identity and access
Manage Azure Active Directory identities

  • configure security for service principals
  • manage Azure AD directory groups
  • manage Azure AD users
  • manage administrative units
  • configure password writeback
  • configure authentication methods including password hash and Pass Through
    Authentication (PTA), OAuth, and passwordless
  • transfer Azure subscriptions between Azure AD tenants
    Configure secure access by using Azure AD
  • monitor privileged access for Azure AD Privileged Identity Management (PIM)
  • configure Access Reviews
  • configure PIM
  • implement Conditional Access policies including Multi-Factor Authentication (MFA)
  • configure Azure AD identity protection
    Manage application access
  • create App Registration
  • configure App Registration permission scopes
  • manage App Registration permission consent
  • manage API access to Azure subscriptions and resources
    Manage access control
  • configure subscription and resource permissions
  • configure resource group permissions
  • configure custom RBAC roles
  • identify the appropriate role
  • interpret permissions

Module 2: Implement platform protection
Implement advanced network security

  • secure the connectivity of virtual networks (VPN authentication, Express Route
    encryption)
  • configure Network Security Groups (NSGs) and Application Security Groups (ASGs)
  • create and configure Azure Firewall
  • implement Azure Firewall Manager
  • configure Azure Front Door service as an Application Gateway
  • configure a Web Application Firewall (WAF) on Azure Application Gateway
     configure Azure Bastion
  • configure a firewall on a storage account, Azure SQL, Key Vault, or App Service
  • implement Service Endpoints
  • implement DDoS protection
    Configure advanced security for compute
  • configure endpoint protection
  • configure and monitor system updates for VMs
  • configure authentication for Azure Container Registry
  • configure security for different types of containers
  • implement Azure Disk Encryption
  • configure authentication and security for Azure App Service

Module 2: Manage security operations
Monitor security by using Azure Monitor

  • create and customize alerts
  • monitor security logs by using Azure Monitor
  • configure diagnostic logging and log retention
    Monitor security by using Azure Security Center
  • evaluate vulnerability scans from Azure Security Center
  • configure Just in Time VM access by using Azure Security Center
  • configure centralized policy management by using Azure Security Center
  • configure compliance policies and evaluate for compliance by using Azure Security
    Center
  • configure workflow automation by using Azure Security Center
    Monitor security by using Azure Sentinel
  • create and customize alerts
  • configure data sources to Azure Sentinel
  • evaluate results from Azure Sentinel
  • configure a playbook
    Configure security policies
  • configure security settings by using Azure Policy
  • configure security settings by using Azure Blueprint

Module 3: Secure data and applications
Configure security for storage

  • configure access control for storage accounts
  • configure key management for storage accounts
  • configure Azure AD authentication for Azure Storage
  • configure Azure AD Domain Services authentication for Azure Files
  • create and manage Shared Access Signatures (SAS)
  • configure Storage Service Encryption
  • configure Azure Defender for Storage
    Configure security for databases
  • enable database authentication
  • enable database auditing
  • configure Azure Defender for SQL
  • implement database encryption
    Configure and manage Key Vault
  • manage access to Key Vault
  • manage permissions to secrets, certificates, and keys
  • manage certificates
  • manage secrets
  • configure key rotation
  • backup and restore of Key Vault items
  • configure Azure Defender for Key Vault

About The Trainer

The trainer will be Microsoft Azure Professional.

Course Fee

£1,799+VAT

Upcoming Batches

  • Online - 20, 21, 27, 28 Nov 2021 (Sat - Sun) Enrol
  • Online - 6, 7, 8, 9 Dec 2021 (Mon - Thu) Enrol
  • Learn More

    Field will not be visible to web visitor
    Recently Viewed Courses.
  • Azure Security Technologies [AZ-500]

  • Favorite Courses
    No Favourites added yet.

    Clientele ➞

    Our Partners