AZ-500: Microsoft Azure Security Technologies

This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations.

Description

Overview

In this course students will gain the knowledge and skills needed to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security tools. The course covers scripting and automation, virtualization, and cloud N-tier architecture.

Course Objectives

After completing this course, students will be able to:

  • Implement enterprise governance strategies including role-based access control, Azure policies, and resource locks.
  • Implement an Azure AD infrastructure including users, groups, and multi-factor authentication.
  • Implement Azure AD Identity Protection including risk policies, conditional access, and access reviews.
  • Implement Azure AD Privileged Identity Management including Azure AD roles and Azure resources.
  • Implement Azure AD Connect including authentication methods and on-premises directory synchronization.
  • Implement perimeter security strategies including Azure Firewall.
  • Implement network security strategies including Network Security Groups and Application Security Groups.
  • Implement host security strategies including endpoint protection, remote access management, update management, and disk encryption.
  • Implement container security strategies including Azure Container Instances, Azure Container Registry, and Azure Kubernetes.
  • Implement Azure Key Vault including certificates, keys, and secretes.
  • Implement application security strategies including app registration, managed identities, and service endpoints.
  • Implement storage security strategies including shared access signatures, blob retention policies, and Azure Files authentication.
  • Implement database security strategies including authentication, data classification, dynamic data masking, and always encrypted.
  • Implement Azure Monitor including connected sources, log analytics, and alerts.
  • Implement Azure Security Center including policies, recommendations, and just in time virtual machine access.
  • Implement Azure Sentinel including workbooks, incidents, and playbooks.

Who Should Attend

This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data.

Course Outline

Module 1:​ Identity and ​Access​ Identity and Access

Master identity and access management in Microsoft Entra ID, securing users, groups, and external identities, implementing authentication and authorization controls, and managing application access and security.

  • Manage identities in Microsoft Entra ID
  • Manage authentication by using Microsoft Entra ID
  • Manage authorization by using Microsoft Entra ID
  • Manage application access in Microsoft Entra ID

Lab:

  • Role-Based Access Control

Module 2: Secure Networking

Master the intricacies of securing Azure networks, encompassing virtual networks, encryption, firewall setup, private access, and DDoS protection, with this comprehensive training.

  • Plan and implement security for virtual networks
  • Plan and implement security for private access to Azure resources
  • Plan and implement security for public access to Azure resources

Labs:

  • Network Security Groups and Application Security Groups
  • Azure Firewall

Module 3: Secure Compute, Storage, and Databases

Master the art of managing security operations in Azure, from governance and policy creation to infrastructure security, key management, security posture, threat protection, and advanced security monitoring and automation.

  • Plan and implement advanced security for compute
  • Plan and implement security for storage
  • Plan and implement security for Azure SQL Database and Azure SQL Managed Instance

Labs:

  • Configuring and securing ACR and AKS​
  • Securing Azure SQL Database
  • Service Endpoints and Securing Storage

Module 4: Security Operations

Master the art of managing security operations in Azure, from governance and policy creation to infrastructure security, key management, security posture, threat protection, and advanced security monitoring and automation.

  • Plan, implement, and manage governance for security
  • Manage security posture by using Microsoft Defender for Cloud
  • Configure and manage threat protection by using Microsoft Defender for Cloud
  • Cloud Configure and manage security monitoring and automation solutions

Labs:

  • Key Vault​
  • Azure Monitor
  • Azure Security Center
  • Azure Sentinel

Prerequisites

Successful learners will have prior knowledge and understanding of:

  • Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
  • Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
  • Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information.
  • Have experience with Windows and Linux operating systems and scripting languages.

Course labs may use PowerShell and the CLI.

Similar courses

This course was built to incorporate a unique, in-depth, and interactive hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential.

More Information

The CCISO program is a first-of-its-kind training and certification course that aims to produce cybersecurity executives of the highest caliber and ethics.

More Information

This course covers methods and practices for performing advanced data analytics at scale.

More Information

This course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur.

More Information

This course teaches Azure Solution Architects how to design infrastructure solutions. Course topics cover governance, compute, application architecture, storage, data integration, authentication, networks, business continuity, and migrations. The course combines lecture with case studies to demonstrate basic architect design principles.

More Information

This course will teach you how to build apps with low-code techniques to simplify, automate, and transform business tasks and processes using Microsoft Power Platform. This course contains a 1-day Applied Workshop. This workshop will allow you to practice your App Maker skills by creating an end-to-end solution to solve a problem for a fictitious company. The solution will include a Microsoft Dataverse database, Power Apps canvas app, and Power Automate flows.

More Information

This course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst.

More Information

Certified Information Systems Auditor (CISA) Boot Camp is a five-day training focused on preparing you for the ISACA CISA exam. You’ll leave with the knowledge and domain expertise needed to pass the CISA exam the first time you take it.

More Information

This course provides students with the knowledge and skills to administer a SQL Server database infrastructure for cloud, on-premises and hybrid relational databases and who work with the Microsoft PaaS relational database offerings. Additionally, it will be of use to individuals who develop applications that deliver content from SQL-based relational databases.

More Information

The Azure Administrator implements, manages, and monitors identity, governance, storage, compute, and virtual networks in a cloud environment. 90%+ of those who are new to Azure or just starting formal Azure training start here!

More Information

In this 5-day course, you will learn day-to-day management tasks, including how to manage applications, client health, hardware and software inventory, operating system deployment, and software updates by using Configuration Manager. You also will learn how to optimize Endpoint Protection, manage compliance, and create management queries and reports. Although this course and the associated labs are written for Windows Server 2022, the skills taught will also be backwards compatible for Server 2016 and 2019.

More Information

The course is appropriate for existing SharePoint on-premises administrators and new administrators to Office 365 who need to understand how to correctly setup SharePoint Online for their company. The course will also help SharePoint on-premise administrators understand the differences between SharePoint on-premises and SharePoint Online.

More Information

This course gives a detailed overview of Microsoft Intune and how it is used in organizations.

More Information

As an endpoint administrator, you collaborate with architects, Microsoft 365 administrators, security administrators, and other workload administrators to plan and implement a modern workplace strategy that meets the business needs of an organization. This course will also prepare you for the Endpoint Administrator Associate Microsoft certification.

More Information

In this course, you will use Copilot to streamline communication, power up your content creation, and maximize the potential of generative AI.

More Information

CompTIA Security+ is a global certification that validates the foundational cybersecurity skills necessary to perform core security functions and pursue an IT security career. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. CompTIA Security+ is compliant with ISO 17024 standards and approved by the U.S. DoD to meet Directive 8140.03M requirements.

More Information

This course provides foundational knowledge on the considerations and benefits of adopting cloud services and the Software as a Service (SaaS) cloud model, with a specific focus on Microsoft 365 cloud service offerings.

More Information

Gain fundamental knowledge and skills to use PowerShell for administering and automating administration of Windows servers.

More Information

Learn how to make SharePoint online relevant to your team by using a sites functionality to help you share information and collaborate with your colleagues.

More Information

Gain a broad view of how to respond to a cybersecurity incident while preparing for the CyberSec First Responder certification.

More Information

In this course, you will use Microsoft Power Apps to build and deploy low-code business apps.

More Information

In this course, you will use generative AI tools to help you develop text and images that you can use in your word processor or desktop publishing application.

More Information

This course begins by examining the Microsoft Copilot for Microsoft 365 design. Its main focus, however, is on the security and compliance features that administrators must configure in their Microsoft 365 tenant to protect their company's organizational data before they implement Copilot for Microsoft 365.

More Information

This course will teach students who are new or unfamiliar with Microsoft Copilot how to use it effectively in common situations. The course focuses on Copilot for Microsoft 365, using the AI in applications like Word, PowerPoint, Excel, Outlook, OneNote and Teams. It also covers other popular Copilot experiences found in Windows 11, Edge and the Copilot website.

More Information

This five-day instructor-led course teaches IT professionals the fundamental administration skills required to deploy and support Windows Server in most organizations. It is designed primarily for IT professionals who have some experience with Windows Server and will be responsible for managing identity, networking, storage and compute by using Windows Server, and who need to understand the scenarios, requirements, and options that are available and applicable to Windows Server.

More Information

This four-day course is intended for Windows Server Hybrid Administrators who have experience working with Windows Server and want to extend the capabilities of their on-premises environments by combining on-premises and hybrid technologies. Windows Server Hybrid Administrators implement and manage on-premises and hybrid solutions such as identity, management, compute, networking, and storage in a Windows Server hybrid environment.

More Information

Our Exam Cram sessions are intensive, focused review sessions designed to help your team master key concepts and pass their CompTIA certification exams with confidence. Led by expert instructors, these sessions provide in-depth, targeted hands-on practice to ensure your team is fully prepared for exam day. Security+ covers the most in-demand skills related to current threats, automation, zero trust, IoT, risk – and more. This exam cram session is included with the Security+ course.

More Information

The Certified Information Systems Security Manager (C-ISSM) course covers the skills and knowledge to assess threat analysis & risks, risk & incident management, security programs & CISO roles, IS security strategy & frameworks, audit & risk management creation of policies, compliance & awareness, as well as DR & BCP development, deployment & maintenance. This course not only covers ISACA®'s CISM exam, but will provide a measurable certification that demonstrates proficiency in the IS Management field.

More Information

This scenario-based course focuses on computer security as an applied process across job roles and industries. The course also helps to prepare students for achieving the widely regarded Certified Information Systems Security Professional (CISSP) certification.

More Information

This course is a continuation of AZ-040T00: Automating Administration with PowerShell, taking a deep dive into the development of PowerShell cmdlets and modules and features both hands on labs and challenging exercises to help you practice the skills presented in class. Time will be spent on the theory of how to design cmdlets as well as the proper structure of the programming code to facility cmdlets that work with the PowerShell piping in keeping with community standards.

More Information

This is a 5-day course is designed to provide you with the knowledge and skills required to support and troubleshoot Windows 11 PCs and devices in an on-premises Windows Server Active Directory domain environment.

More Information

This course introduces fundamental concepts related to artificial intelligence (AI), and the services in Microsoft Azure that can be used to create AI solutions. It is designed as a blended learning experience that combines instructor-led training with online materials. The hands-on exercises in the course are based on Learn modules, and students are encouraged to use the content on Learn as reference materials to reinforce what they learn in the class and to explore topics in more depth.

More Information

AI-102 Designing and Implementing an Azure AI Solution is intended for software developers wanting to build AI infused applications that leverage Azure Cognitive Services, Azure Cognitive Search, and Microsoft Bot Framework. The course will use C# or Python as the programming language.

More Information

This course teaches Network Engineers how to design, implement, and maintain Azure networking solutions. This course covers the process of designing, implementing, and managing core Azure networking infrastructure, Hybrid Networking connections, load balancing traffic, network routing, private access to Azure services, network security and monitoring.

More Information

Azure OpenAI Service provides access to OpenAI’s powerful large language models such as GPT; the model behind the popular ChatGPT service. These models enable various natural language processing (NLP) solutions to understand, converse, and generate content. Users can access the service through REST APIs, SDKs, and Azure OpenAI Studio. In this course, you’ll learn how to provision Azure OpenAI service, deploy models, and use them in generative AI applications.

More Information

This course teaches developers how to create end-to-end solutions in Microsoft Azure. Students will learn how to implement Azure compute solutions, create Azure Functions, implement and manage web apps, develop solutions utilizing Azure storage, implement authentication and authorization, and secure their solutions by using Key Vault and Managed Identities. The course also covers monitoring, troubleshooting, and optimizing Azure solutions.

More Information

This is an introductory course. Students will learn the fundamentals of database concepts in a cloud environment, get basic skilling in cloud data services, and build a foundational knowledge of cloud data services within Microsoft Azure. Students will identify and describe core data concepts such as relational, non-relational, big data, and analytics, and explore how this technology is implemented with Microsoft Azure. You will explore the roles, tasks, and responsibilities in the world of data.

More Information

This course provides the knowledge and skills to design and implement DevOps processes and practices. Students will learn how to plan for DevOps, use source control, scale Git for an enterprise, consolidate artifacts, design a dependency management strategy, manage secrets, implement continuous integration, implement a container build strategy, design a release strategy, set up a release management workflow, implement a deployment pattern, and optimize feedback mechanisms.

More Information

This course will provide foundational level knowledge on cloud concepts; core Azure services; and Azure management and governance features and tools.

More Information

This course covers the following key elements of Microsoft 365 administration: Microsoft 365 tenant management, Microsoft 365 identity synchronization, and Microsoft 365 security and compliance.

More Information

The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization’s identity and access management systems by using Microsoft Entra ID (Formerly Azure AD). Learn to manage tasks such as providing secure authentication and authorization access to enterprise applications. You will also learn to provide seamless experiences and self-service management capabilities for all users.

More Information

Learn how to protect information in your Microsoft 365 deployment. This course focuses on data governance and information protection within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies and Office 365 message encryption among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400).

More Information

The Cloud is being widely adopted today for a diverse set of reasons. However, many are finding that security in the cloud is a huge challenge. The C)CSO looks to fill the gap in cloud security education and give you the skills you need to develop strong cloud security.

More Information

The Certified Security Principles (C)SP) course is going to prepare you for security across the entire environment including understanding risk management, identity and access control, network and data security. This is just a short list of everything covered within this course, which will include new technologies like IoT and cloud services. This course is intended to prepare you to become a benefit to any company attempting to improve its security posture.

More Information

The Certified Cybersecurity Systems Auditor (C)CSSA) course covers the skills and knowledge to assess vulnerabilities, report on compliance and implement controls for private and public enterprises. Many organizations require a Cybersecurity System Auditor's expert knowledge when it comes to identifying critical issues and providing effective auditing solutions.

More Information

The CISSO addresses the broad range of industry best practices, knowledge and skills expected of a security manager/officer. You will learn in-depth theory pertaining to the practical implementation of core security concepts, practices, monitoring and compliance of IS management. Whether you’re responsible for the management of a Cybersecurity team, a Security Officer, an IT auditor or a Business Analyst, the C)ISSO certification course is an ideal way to increase your knowledge, expertise and skill.

More Information

To protect an information system you need to be able to see that system through the eyes of the attacker. The Certified Professional Ethical Hacker certification course is the foundational training to a line of penetration testing courses because it teaches you to think like a hacker. Therefore, you can set up dynamic defenses to prevent intrusion.

More Information

A Certified Penetration Testing Engineer (C)PTE) imagines all of the ways that a hacker can penetrate a data system. In this course you will learn 5 Key Elements of Pen Testing, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data and learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk.

More Information

The Certified Secure Web Application Engineer (C)SWAE) course is delivered by high level OWASP experts and students can expect to obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against application threats. You will learn how to develop web applications that aren't subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack.

More Information

This course is intended for power users and IT professionals who are tasked with working within the SharePoint 2016 environment and conduct site collection and site administration. This course is for an on-premise SharePoint environment.

More Information

The course focuses on common data engineering tasks such as orchestrating data transfer and transformation pipelines, working with data files in a data lake, creating and loading relational data warehouses, capturing and aggregating streams of real-time data, and tracking data assets and lineage.

More Information

This course teaches developers how to create applications using the SQL API and SDK for Azure Cosmos DB. Students will learn how to write efficient queries, create indexing policies, manage and provision resources, and perform common operations with the SDK.

More Information

In this course students will learn the various security, compliance, and identity concepts. After attending you will be able to describe the capabilities of Microsoft’s identity and access management solutions and Microsoft security and compliance solutions.

More Information

This five-day course describes how to set up, configure and manage an Office 365 tenant including identities, and the core services of Microsoft 365. In this five-day course, you will learn how to plan the configuration of an Office 365 tenant including integration with existing user identities; plan, configure and manage core services; and report on key metrics.

More Information