What you'll learn:
- Identify Azure data protection mechanisms
- Implement Azure data encryption methods
- Secure virtual machines
- Manage multi-factor authentication
- Manage access control
- Understand and manage the Azure key vault
- Understand and configure network security
- Manage the Azure firewall
- Understand the Azure security center
- And much more...
Welcome to Azure Security:AZ-500 course!
In this course you will learn how to provide a high level of security to the entire Azure platform, which is currently one of the most in-demand skill sets as cyber security threats continue to rise and target cloud based resources.
May 2024 updates:
8: Entra ID Overview
9: Demo: Entra ID Overview
10: Entra ID Users
11: Demo: Entra ID Users
12: Demo: Entra ID External Users
13: Demo: Creating an Admin Entra ID User Account
14: Demo: Entra ID Premium 2 (P2 ) Activation
15: Entra ID Groups
16: Entra ID Group Expiration
17: Demo: Creating a New Entra ID Group
18: Demo: Entra ID Group Expiration
19: Self-Service Password Reset (SSPR)
20: Demo: Self-Service Password Reset (SSPR)
21: Planning for Role Based Access Control (RBAC)22: Demo: Entra ID Roles
23: Management Groups
24: Demo: Azure Roles
25: Custom Roles Based Access Control (RBAC)
26: Demo: Custom Roles Based Access Control (RBAC)
37 Demo: Conditional Access
28: Privileged Identity Management (PIM) Scenario
29: Demo: Privileged Identity Management (PIM) Scenario
31: Identity Protection
32: Identity Protection Roles
33: Demo: Identity Protection Roles
34: Security Defaults
35: Demo: Security Defaults
36: Conditional Access
37: Demo: Conditional Access
43: Demo: Azure Key Vault
45: Demo: MFA Configuration
46: Demo: Enable MFA
72: Demo: Just In Time (JIT)
74: Azure Firewall Deployment scenario
75: Demo: Deploying Infrastructure using a Custom Template
76: Azure Firewall Deployment
77: Demo: Azure Firewall Deployment
78: Adding Default Routes for the Azure Firewall
79: Demo: Adding a Default Route
80: Adding Application Rule Collections and Network Rule Collections
81: Demo: Application Rules Collection and Network Rules Collection
82: Configuring DNS settings and testing the Azure Firewall Deployment
83: Demo: Testing the Azure Firewall
85: Demo: DDoS Protection Settings
94: Demo: Connecting to Linux Virtual Machines using SSH
July 2023 updates:
This is a list of the skills you will acquire from this course:
Manage Azure Active Directory (Azure AD) identities
• Create and manage a managed identity for Azure resources
• Manage Azure AD groups
• Manage Azure AD users
• Manage external identities by using Azure AD
• Manage administrative units
Manage secure access by using Azure AD
• Configure Azure AD Privileged Identity Management (PIM)
• Implement Conditional Access policies, including multifactor authentication
• Implement Azure AD Identity Protection
• Implement passwordless authentication
• Configure access reviews
Manage application access
• Integrate single sign-on (SSO) and identity providers for authentication
• Create an app registration
• Configure app registration permission scopes
• Manage app registration permission consent
• Manage API permissions to Azure subscriptions and resources
• Configure an authentication method for a service principal
Manage access control
• Configure Azure role permissions for management groups, subscriptions, resource groups, and Resources
• Assign built-in Azure AD roles
• Create and assign custom roles, including Azure roles and Azure AD roles
Implement advanced network security
• Secure the connectivity of hybrid networks
• Secure the connectivity of virtual networks
• Create and configure Azure Firewall
• Create and configure Azure Firewall Manager
• Create and configure Azure Application Gateway
• Create and configure Azure Front Door
• Create and configure Web Application Firewall (WAF)
• Configure a resource firewall, including storage account, Azure SQL, Azure Key Vault, or Azure App Service
• Configure network isolation for Web Apps and Azure Functions
• Implement Azure Service Endpoints
• Implement Azure Private Endpoints, including integrating with other services
• Implement Azure Private Links
• Implement Azure DDoS Protection
Configure advanced security for compute
• Configure Endpoint Protection for virtual machines (VMs)
• Implement and manage security updates for VMs
• Configure security for container services
• Manage access to Azure Container Registry
• Configure security for serverless compute
• Configure security for an Azure App Service
• Configure encryption at rest
• Configure encryption in transit
Configure centralized policy management
• Configure a custom security policy
• Create a policy initiative
• Configure security settings and auditing by using Azure Policy
Configure and manage threat protection
• Configure Microsoft Defender for Servers
• Configure Microsoft Defender for SQL
Configure and manage security monitoring solutions
• Create and customize alert rules by using Azure Monitor
• Configure diagnostic logging and log retention by using Azure Monitor
• Monitor security logs by using Azure Monitor
• Create and customize alert rules in Microsoft Sentinel
• Configure connectors in Microsoft Sentinel
• Evaluate alerts and incidents in Microsoft Sentinel
Configure security for storage
• Configure access control for storage accounts
• Configure storage account access keys
• Configure Azure AD authentication for Azure Storage and Azure Files
• Configure delegated access
Configure security for data
• Enable database authentication by using Azure AD
• Enable database auditing
• Configure dynamic masking on SQL workloads
• Implement database encryption for Azure SQL Database
• Implement network isolation for data solutions, including Azure Synapse Analytics and Azure Cosmos DB
Configure and manage Azure Key Vault
• Create and configure Key Vault
• Configure access to Key Vault
• Manage certificates, secrets, and keys
• Configure key rotation
• Configure backup and recovery of certificates, secrets, and keys
