Microsoft Azure Security Certification Training (AZ-500)

Explore how to deploy and configure Azure AD Connect to create a hybrid identity solution for your company.

By the end of this module, you will be able to:

• Deploy Azure AD Connect
• Pick and configure the best authentication option for your security needs
• Configure password writeback

Protect identities in Azure AD using Conditional Access, MFA, access reviews, and other capabilities.

By the end of this module, you will be able to:

• Deploy and configure Identity Protection
• Configure MFA for users, groups, and applications
• Create Conditional Access policies to ensure your security
• Create and follow an access review process

Ensure that your privileged identities have extra protection and are accessed only with the least access needed to do the job.

By the end of this module, you'll be able to:

• Describe Zero Trust and how it impacts security
• Configure and deploy roles using Privileged Identity Management (PIM)
• Evaluate the usefulness of each PIM setting as it relates to your security goals

Learn to use RBAC and Azure Policy to limit access to your Azure solutions and determine which method suits your security goals.

By the end of this module, you will be able to:

• Explain the shared responsibility model and how it impacts your security configuration
• Create Azure policies to protect your solutions
• Configure and deploy access to services using RBAC

Prevent attacks before they get to your Azure solutions. Use defense concepts in depth and zero trust to secure Azure perimeter.

By the end of this module, you will be able to:

• Define defense in depth
• Protect your environment from denial-of-service attacks
• Secure your solutions using firewalls and VPNs
• Explore your end-to-end perimeter security configuration based on your security posture

Use Azure network capabilities to secure your network and applications from external and internal attacks.

By the end of this module, you will be able to:

• Deploy and configure network security groups to protect your Azure solutions
• Configure and lockdown service endpoints and private links
• Secure your applications with Application Gateway, Web App Firewall, and Front Door
• Configure ExpressRoute to help protect your network traffic

Learn to lock down the devices, virtual machines, and other components that run your applications in Azure.

By the end of this module, you will be able to:

• Configure and deploy Endpoint Protection
• Deploy a privileged access strategy for devices and privileged workstations
• Secure your virtual machines and access to them
• Deploy Windows Defender
• Practice layered security by reviewing and implementing Security Center and Security Benchmarks

Explore how to secure your applications running within containers and how to connect to them securely.

By the end of this module, you will be able to:

• Define the available security tools for containers in Azure
• Configure security settings for containers and Kubernetes services
• Lock down network, storage, and identity resources connected to your containers
• Deploy RBAC to control access to containers

Protect your keys, certificates, and secrets in Azure Key Vault. Learn to configure key vault for the most secure deployment.

By the end of this module, you will be able to:

• Define what a key vault is and how it protects certificates and secrets
• Deploy and configure Azure Key Vault
• Secure access and administration of your key vault
• Store keys and secrets in your key vault
• Explore critical security considers like key rotation and backup/recovery

Register your company applications then use Azure security features to configure and monitor secure access to the application.

By the end of this module, you will be able to:

• Register an application in Azure using app registration
• Select and configure which Azure AD users can access each application
• Configure and deploy web app certificates

Ensure your data is stored, transferred, and accessed securely using Azure storage and file security features.

By the end of this module, you will be able to:

• Define data sovereignty and how that is achieved in Azure
• Configure Azure Storage access in a secure and managed way
• Encrypt your data while it is at rest and in transit
• Apply rules for data retention

Configure and lock down your SQL database on Azure to protect your corporate data while it's stored.

By the end of this module, you'll be able to:

• Configure which users and applications have access to your SQL databases
• Block access to your servers using firewalls
• Discover, classify, and audit the use of your data
• Encrypt and protect your data while it is stored in the database

Use Azure Monitor, Log Analytics, and other Azure tools to monitor the secure operation of your Azure solutions.

By the end of this module, you will be able to:

• Configure and monitor Azure Monitor
• Define metrics and logs you want to track for your Azure applications
• Connect data sources to and configure Log Analytics
• Create and monitor alerts associated with your solutions' security

Use Microsoft Defender for Cloud to strengthen security posture and protect workloads against modern threats in Azure.

By the end of this module, you're able to:

• Define the most common types of cyber-attacks
• Configure Microsoft Defender for cloud based on your security posture
• Review Secure Score and raise it
• Lock down your solutions using Microsoft Defender for Cloud's workload protection
• Enable Just-in-Time access and other security features

Use Microsoft Sentinel to discover, track, and respond to security breaches within your Azure environment.

By the end of this module, you'll be able to:

• Explain what Microsoft Sentinel is and how it is used
• Deploy Microsoft Sentinel
• Connect data to Microsoft Sentinel, like Azure Logs, Azure AD, and others
• Track incidents using workbooks, playbooks, and hunting techniques