Includes coverage of the September 2021 exam updates! Prepare for Microsoft Exam AZ-500 and demonstrate your knowledge of Azure security controls that protect identity, access, data, applications, and networks in cloud and hybrid environments as part of an end-to-end infrastructure.
Microsoft MVP and Microsoft Certified Azure Solutions Architect Tim Warner walks you through what to expect on the AZ-500 Microsoft Azure Security Technologies exam. The new Azure certifications are aligned to industry job roles; earning Azure certification both validates your specific Azure skill set and increases your value in today's crowded IT job market. Think of the news you've read lately regarding data breaches and ransomware attacks. Knowing how to secure applications and data in the cloud is a business necessity these days, as well as a lucrative job skill. Azure Security Engineer is a popular Microsoft certification for both IT newcomers and veterans. Exam AZ-500 has a reputation as a challenging exam because of the breadth and depth of its content. This training course covers every Exam AZ-500 objective and provides just what you need to pass in a friendly, approachable, and logical way.
Intermediate to Advanced
What You Will Learn
Complete your AZ-500 exam preparation with confidence
Manage identity and access to Azure enforcing least-privilege security
Implement Azure platform protection
Manage security operations in your Azure environment
Secure data and applications
Who Should Take This Course
Certification candidates preparing for exam AZ-500 Microsoft Azure Security Technologies
Any Microsoft certification candidate interested in learning the Azure Security Engineer skill set
Any IT professional looking to understand how Microsoft Azure institutes information security
Candidates for this exam should have practical experience in administration of Azure and hybrid environments.
Candidates should have experience with infrastructure as code, security operations processes, cloud capabilities, and Azure services.
About the Publisher, Microsoft Press
Microsoft Press creates IT books and references for all skill levels across the range of Microsoft technologies. https://www.microsoftpressstore.com/
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
Table of Contents
Module 1: Manage Identity and Access
Lesson 1: Manage Azure AD Identities 1.1 Create and manage a managed identity for Azure resources 1.2 Manage Azure AD groups 1.3 Manage Azure AD users 1.4 Manage external identities by using Azure AD 1.5 Manage administrative units Lesson 2: Manage Azure AD Secure Access 2.1 Configure Azure AD Privileged Identity Management (PIM) 2.2 Implement Conditional Access policies, including multifactor authentication 2.3 Implement Azure AD Identity Protection 2.4 Implement passwordless authentication 2.5 Configure access reviews Lesson 3: Manage Application Access 3.1 Integrate single sign-on (SSO) and identity providers for authentication 3.2 Create an app registration 3.3 Configure app registration permission scopes 3.4 Manage app registration permission consent 3.5 Manage API permissions to Azure subscriptions and resources 3.6 Configure an authentication method for a service principal Lesson 4: Manage Access Control 4.1 Configure Azure role permissions for management groups, subscriptions, resource groups, and resources 4.2 Interpret role and resource permissions 4.3 Assign built-in Azure AD roles 4.4 Create and assign custom roles, including Azure roles and Azure AD roles
Module 2: Implement Platform Protection
Lesson 5: Implement Azure Firewall Security 5.1 Secure the connectivity of hybrid networks 5.2 Secure the connectivity of virtual networks 5.3 Create and configure Azure Firewall 5.4 Create and configure Azure Firewall Manager Lesson 6: Implement Network Load Balancer Security 6.1 Create and configure Azure Application Gateway 6.2 Create and configure Azure Front Door 6.3 Create and configure Web Application Firewall (WAF) Lesson 7: Implement Storage and Application Security 7.1 Configure a resource firewall, including storage account, Azure SQL, Azure Key Vault, or Azure App Service 7.2 Configure network isolation for Web Apps and Azure Functions 7.3 Implement Azure service endpoints Lesson 8: Implement Virtual Network Security 8.1 Implement Azure Private Endpoints, including integrating with other services 8.2 Implement Azure Private Links 8.3 Implement Azure DDoS Protection Lesson 9: Configure Advanced Security for Compute 9.1 Configure Azure Endpoint Protection for virtual machines (VMs) 9.2 Implement and manage security updates for VMs 9.3 Configure security for container services 9.4 Manage access to Azure Container Registry Lesson 10: Configure Data Encryption 10.1 Configure security for serverless compute 10.2 Configure security for an Azure App Service 10.3 Configure encryption at rest 10.4 Configure encryption in transit
Module 3: Manage Security Operations
Lesson 11: Configure Centralized Policy Management 11.1 Configure a custom security policy 11.2 Create a policy initiative 11.3 Configure security settings and auditing by using Azure Policy Lesson 12: Configure and Manage Threat Protection 12.1 Configure Azure Defender for Servers (not including Microsoft Defender for Endpoint) 12.2 Evaluate vulnerability scans from Azure Defender 12.3 Configure Azure Defender for SQL 12.4 Use the Microsoft Threat Modeling Tool Lesson 13: Configure and Manage Security Monitoring Solutions 13.1 Create and customize alert rules by using Azure Monitor 13.2 Configure diagnostic logging and log retention by using Azure Monitor 13.3 Monitor security logs by using Azure Monitor 13.4 Create and customize alert rules in Azure Sentinel 13.5 Configure connectors in Azure Sentinel 13.6 Evaluate alerts and incidents in Azure Sentinel
Module 4: Secure Data and Applications
Lesson 14: Configure Security for Storage 14.1 Configure access control for storage accounts 14.2 Configure storage account access keys 14.3 Configure Azure AD authentication for Azure Storage and Azure Files 14.4 Configure delegated access Lesson 15: Configure Security for Data 15.1 Enable database authentication by using Azure AD 15.2 Enable database auditing 15.3 Configure dynamic masking on SQL workloads 15.4 Implement database encryption for Azure SQL Database 15.5 Implement network isolation for data solutions, including Azure Synapse Analytics and Azure Cosmos DB Lesson 16: Configure and Manage Azure Key Vault 16.1 Create and configure Key Vault 16.2 Configure access to Key Vault 16.3 Manage certificates, secrets, and keys 16.4 Configure key rotation 16.5 Configure backup and recovery of certificates, secrets, and keys