Enhance your security expertise with our AZ-500 training course. It's designed to prepare you for the AZ-500 Microsoft Azure Security certification, equipping you with the skills to master Azure security functions and vulnerability management strategies. Dive into key areas like Azure Active Directory (AAD), Networks (NET), Storage Security (STOR), and Database Security (DBS), making it an ideal choice for those pursuing Azure Security certification.
Instructor
AZ-500T00: Microsoft Azure Security Technologies Training
The AZ-500T00: Microsoft Azure Security Technologies course focuses on advanced security management within Microsoft Azure. It delves into managing identities and access with Microsoft Entra ID, covering authentication methods, authorization, and application access. The course also addresses securing networking components, including virtual networks, private access, and advanced security measures like VPNs and firewalls. Participants will gain skills in enhancing identity protection, managing permissions, and implementing robust network security strategies to safeguard Azure environments.
Target Audience
Security Engineer
Security Analyst
Prerequisites
Required:
Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.
Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
Recommended:
AZ-104T00: Microsoft Azure Administrator
OR
Required:
Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration; instead, the course content builds on that knowledge by adding security-specific information.
Recommended:
AZ-900T00: Introduction to Microsoft Azure
AI+ Executive™
AI+ Prompt Engineer™: Level 1
Course Objectives
Implement enterprise governance strategies including role-based access control, Azure policies, and resource locks
Implement an Azure AD infrastructure including users, groups, and multi-factor authentication
Implement Azure AD Identity Protection including risk policies, conditional access, and access reviews
Implement Azure AD Privileged Identity Management including Azure AD roles and Azure resources
Implement Azure AD Connect including authentication methods and on-premises directory synchronization
Implement perimeter security strategies including Azure Firewall
Implement network security strategies including Network Security Groups and Application Security Groups
Implement host security strategies including endpoint protection, remote access management, update management, and disk encryption
Implement container security strategies including Azure Container Instances, Azure Container Registry, and Azure Kubernetes
Implement Azure Key Vault including certificates, keys, and secrets
Implement application security strategies including app registration, managed identities, and service endpoints
Implement storage security strategies including shared access signatures, blob retention policies, and Azure Files authentication
Implement database security strategies including authentication, data classification, dynamic data masking, and always encrypted
Implement Azure Monitor including connected sources, log analytics, and alerts
Implement Azure Security Center including policies, recommendations, and just in time virtual machine access
Implement Azure Sentinel including workbooks, incidents, and playbooks
Course Outline
1) Secure identity and access
Manage security controls for identity and access
Secure user identities in Microsoft Entra ID by implementing strong authentication and access management controls
Protect groups and access management by enforcing security measures to prevent unauthorized changes or misuse
Manage external identities securely by defining policies that ensure confidentiality, integrity, and proper access control
Implement Microsoft Entra ID Protection to detect, investigate, and mitigate identity-related security threats
Apply Conditional Access policies to enforce security controls based on user behavior, device compliance, and contextual risks
Manage Microsoft Entra application access
Manage enterprise application access in Microsoft Entra ID, including OAuth permission grants for access control
Govern application integration with identity platforms through Microsoft Entra ID app registrations
Configure app registration permission scopes for appropriate resource access levels
Manage app registration consent and use service principals and managed identities for automated management and enhanced security
2) Secure networking
Plan and implement security for virtual networks
Implement security measures for Azure virtual networks to safeguard data and resources
Utilize NSGs and ASGs for network traffic security, and manage UDRs for optimal traffic routing
Establish secure network connectivity through Virtual Network peering, VPN gateways, and Virtual WAN
Enhance network security with VPN configurations, ExpressRoute encryption, PaaS firewall settings, and Network Watcher monitoring
Plan and implement security for private access to Azure resources
Develop security strategies for private access to Azure resources to protect sensitive data
Utilize virtual network Service Endpoints and Private Endpoints for secure Azure service access
Manage Private Link services for secure resource exposure and integrate Azure App Service and Functions with virtual network
Configure network security for App Service Environment and Azure SQL Managed Instance to safeguard web applications and databases
Plan and implement security for public access to Azure resources
Develop strategies for secure public access to Azure resources, preventing unauthorized access and breaches
Implement TLS for Azure App Service and API Management to encrypt data in transit
Protect network traffic with Azure Firewall and Application Gateway for optimized web application security and delivery
Enhance web app performance with Azure Front Door and CDN, and deploy WAF and DDoS Protection for robust defense against attacks
3) Secure compute, storage, and databases
Plan and implement advanced security for compute
Enhance Azure compute resources' security against vulnerabilities and attacks with advanced measures
Secure remote access via Azure Bastion and JIT VM access, and implement network isolation for AKS
Strengthen AKS clusters' security, monitor Azure Container Instances and Apps, and manage access to Azure Container Registry
Implement disk encryption methods like ADE and manage API access securely in Azure API Management
Plan and implement security for storage
Develop security strategies for Azure storage resources, ensuring data protection during rest and transit
Manage storage account access with effective access control and secure key lifecycle management
Tailor access methods for Azure Files, Blob Storage, Tables, and Queues to specific use cases
Strengthen data security with soft delete, backups, versioning, immutable storage, BYOK, and double encryption
Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
Implement security for Azure SQL Managed Instance to safeguard sensitive data
Use Microsoft Enterprise Identity for database authentication and conduct database auditing for compliance
Utilize Microsoft Purview for data governance and classification to protect sensitive information
Apply dynamic masking and Transparent Database Encryption, and recommend Always Encrypted for client-side data protection
4) Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Implement and manage enforcement of cloud governance policies
Enforce compliance using Azure Policy to create and manage security policies
Streamline secure infrastructure deployment with Azure Blueprint
Utilize landing zones for consistent Azure security and manage sensitive data with Azure Key Vault
Enhance key security with HSM recommendations, effective access control, and regular key rotation and backup processes
Manage security posture by using Microsoft Defender for Cloud
Utilize Microsoft Defender for Cloud Secure Score and Inventory to identify and mitigate security risks, enhancing overall security posture
Assess and align with security frameworks using Microsoft Defender for Cloud to ensure adherence to security standards and best practices
Integrate specific industry and regulatory standards into Microsoft Defender for Cloud for tailored compliance
Connect hybrid and multicloud environments to Microsoft Defender for Cloud for centralized security management, and monitor external assets to safeguard against external threats
Configure and manage threat protection by using Microsoft Defender for Cloud
Master the configuration of Microsoft Defender for Cloud to effectively monitor and protect cloud resources
Implement advanced threat detection strategies using Microsoft Defender for Cloud's built-in capabilities
Utilize Microsoft Defender for Cloud's threat intelligence to proactively identify and mitigate security risks
Configure and fine-tuning security policies within Microsoft Defender for Cloud to align with organizational security requirements
Develop expertise in incident response and remediation using Microsoft Defender for Cloud's integrated tools and features
Configure and manage security monitoring and automation solutions
Use Azure Monitor for effective security event monitoring in cloud environments
Implement data connectors in Microsoft Sentinel for comprehensive security data collection
Develop customized analytics rules in Microsoft Sentinel for targeted threat detection
Assess and automate responses to security incidents in Microsoft Sentinel to enhance workflow efficiency
5) LAB Outline
Role Based Access Control
Network Security Groups and Application Security Groups
Azure Firewall
Configuring and Securing ACR and AKS
Securing Azure SQL Database
Service Endpoints and Securing Storage
Key Vault (Implementing Secure Data by setting up Always Encrypted)
The AZ-500T00: Microsoft Azure Security Technologies course focuses on advanced security management within Microsoft Azure. It delves into managing identities and access with Microsoft Entra ID, covering authentication methods, authorization, and application access. The course also addresses securing networking components, including virtual networks, private access, and advanced security measures like VPNs and firewalls. Participants will gain skills in enhancing identity protection, managing permissions, and implementing robust network security strategies to safeguard Azure environments.
Target Audience
Security Engineer
Security Analyst
Prerequisites
Required:
Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.
Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
Recommended:
AZ-104T00: Microsoft Azure Administrator
OR
Required:
Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration; instead, the course content builds on that knowledge by adding security-specific information.
Recommended:
AZ-900T00: Introduction to Microsoft Azure
AI+ Executive™
AI+ Prompt Engineer™: Level 1
Course Objectives
Implement enterprise governance strategies including role-based access control, Azure policies, and resource locks
Implement an Azure AD infrastructure including users, groups, and multi-factor authentication
Implement Azure AD Identity Protection including risk policies, conditional access, and access reviews
Implement Azure AD Privileged Identity Management including Azure AD roles and Azure resources
Implement Azure AD Connect including authentication methods and on-premises directory synchronization
Implement perimeter security strategies including Azure Firewall
Implement network security strategies including Network Security Groups and Application Security Groups
Implement host security strategies including endpoint protection, remote access management, update management, and disk encryption
Implement container security strategies including Azure Container Instances, Azure Container Registry, and Azure Kubernetes
Implement Azure Key Vault including certificates, keys, and secrets
Implement application security strategies including app registration, managed identities, and service endpoints
Implement storage security strategies including shared access signatures, blob retention policies, and Azure Files authentication
Implement database security strategies including authentication, data classification, dynamic data masking, and always encrypted
Implement Azure Monitor including connected sources, log analytics, and alerts
Implement Azure Security Center including policies, recommendations, and just in time virtual machine access
Implement Azure Sentinel including workbooks, incidents, and playbooks
Course Outline
1) Secure identity and access
Manage security controls for identity and access
Secure user identities in Microsoft Entra ID by implementing strong authentication and access management controls
Protect groups and access management by enforcing security measures to prevent unauthorized changes or misuse
Manage external identities securely by defining policies that ensure confidentiality, integrity, and proper access control
Implement Microsoft Entra ID Protection to detect, investigate, and mitigate identity-related security threats
Apply Conditional Access policies to enforce security controls based on user behavior, device compliance, and contextual risks
Manage Microsoft Entra application access
Manage enterprise application access in Microsoft Entra ID, including OAuth permission grants for access control
Govern application integration with identity platforms through Microsoft Entra ID app registrations
Configure app registration permission scopes for appropriate resource access levels
Manage app registration consent and use service principals and managed identities for automated management and enhanced security
2) Secure networking
Plan and implement security for virtual networks
Implement security measures for Azure virtual networks to safeguard data and resources
Utilize NSGs and ASGs for network traffic security, and manage UDRs for optimal traffic routing
Establish secure network connectivity through Virtual Network peering, VPN gateways, and Virtual WAN
Enhance network security with VPN configurations, ExpressRoute encryption, PaaS firewall settings, and Network Watcher monitoring
Plan and implement security for private access to Azure resources
Develop security strategies for private access to Azure resources to protect sensitive data
Utilize virtual network Service Endpoints and Private Endpoints for secure Azure service access
Manage Private Link services for secure resource exposure and integrate Azure App Service and Functions with virtual network
Configure network security for App Service Environment and Azure SQL Managed Instance to safeguard web applications and databases
Plan and implement security for public access to Azure resources
Develop strategies for secure public access to Azure resources, preventing unauthorized access and breaches
Implement TLS for Azure App Service and API Management to encrypt data in transit
Protect network traffic with Azure Firewall and Application Gateway for optimized web application security and delivery
Enhance web app performance with Azure Front Door and CDN, and deploy WAF and DDoS Protection for robust defense against attacks
3) Secure compute, storage, and databases
Plan and implement advanced security for compute
Enhance Azure compute resources' security against vulnerabilities and attacks with advanced measures
Secure remote access via Azure Bastion and JIT VM access, and implement network isolation for AKS
Strengthen AKS clusters' security, monitor Azure Container Instances and Apps, and manage access to Azure Container Registry
Implement disk encryption methods like ADE and manage API access securely in Azure API Management
Plan and implement security for storage
Develop security strategies for Azure storage resources, ensuring data protection during rest and transit
Manage storage account access with effective access control and secure key lifecycle management
Tailor access methods for Azure Files, Blob Storage, Tables, and Queues to specific use cases
Strengthen data security with soft delete, backups, versioning, immutable storage, BYOK, and double encryption
Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
Implement security for Azure SQL Managed Instance to safeguard sensitive data
Use Microsoft Enterprise Identity for database authentication and conduct database auditing for compliance
Utilize Microsoft Purview for data governance and classification to protect sensitive information
Apply dynamic masking and Transparent Database Encryption, and recommend Always Encrypted for client-side data protection
4) Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Implement and manage enforcement of cloud governance policies
Enforce compliance using Azure Policy to create and manage security policies
Streamline secure infrastructure deployment with Azure Blueprint
Utilize landing zones for consistent Azure security and manage sensitive data with Azure Key Vault
Enhance key security with HSM recommendations, effective access control, and regular key rotation and backup processes
Manage security posture by using Microsoft Defender for Cloud
Utilize Microsoft Defender for Cloud Secure Score and Inventory to identify and mitigate security risks, enhancing overall security posture
Assess and align with security frameworks using Microsoft Defender for Cloud to ensure adherence to security standards and best practices
Integrate specific industry and regulatory standards into Microsoft Defender for Cloud for tailored compliance
Connect hybrid and multicloud environments to Microsoft Defender for Cloud for centralized security management, and monitor external assets to safeguard against external threats
Configure and manage threat protection by using Microsoft Defender for Cloud
Master the configuration of Microsoft Defender for Cloud to effectively monitor and protect cloud resources
Implement advanced threat detection strategies using Microsoft Defender for Cloud's built-in capabilities
Utilize Microsoft Defender for Cloud's threat intelligence to proactively identify and mitigate security risks
Configure and fine-tuning security policies within Microsoft Defender for Cloud to align with organizational security requirements
Develop expertise in incident response and remediation using Microsoft Defender for Cloud's integrated tools and features
Configure and manage security monitoring and automation solutions
Use Azure Monitor for effective security event monitoring in cloud environments
Implement data connectors in Microsoft Sentinel for comprehensive security data collection
Develop customized analytics rules in Microsoft Sentinel for targeted threat detection
Assess and automate responses to security incidents in Microsoft Sentinel to enhance workflow efficiency
5) LAB Outline
Role Based Access Control
Network Security Groups and Application Security Groups
Azure Firewall
Configuring and Securing ACR and AKS
Securing Azure SQL Database
Service Endpoints and Securing Storage
Key Vault (Implementing Secure Data by setting up Always Encrypted)
Azure Monitor
Microsoft Defender for Cloud
Microsoft Sentinel
SpireTec solutions is the latest technology enabled I.Tmanagement training company specialized in offering 1500+ courses with the state of art training facilities backed by a team of industry experts in various domains with assuring best quality services.
Since SpireTec provides 24X7 training and support for your training needs is very adaptable to your time availabilities and offers customized training programs according to your availability and time zones of your contingent.
Because SpireTec aims for the personal & professional growth of you as individual & corporate as a whole, providing training on the latest and updated versions in the designated domains.
It is preferable but not mandatory to have domain experience in the area of your interest in which you want to opt training, supported by good English communication skills, a good Wi-Fi and computer or laptop system in case you want remote training.
Spire Tec aims and ensure to offer finest and world-class training to the participants by giving them a proper counselling and a guided career path by our industry experts which leads guaranteed success for you in the corporate world.
We offer online training (1-1, Group training), Classroom training, Onsite training with state of art facilities.
We use cookies
Some cookies are essential for this site to function and cannot be turned off. Others are set to help us
understand how our service performs and is used, and to support our marketing efforts.
Learn more in our
Terms &
Privacy Policy.
Live Online Training (Duration : 32 Hours)
