Microsoft Azure Security Technologies (AZ-500T00)

This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations.

Course Information

Price: $2,495.00
Duration: 4 days
Certification: Microsoft Azure Security Technologies
Exam: AZ-500
Learning Credits:

Contact Us for Exclusive Service Member Pricing

Course Delivery Options

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

Train face-to-face with the live instructor.

Access to on-demand training content anytime, anywhere.

Attend the live class from the comfort of your home or office.

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you. An SLI sales rep will confirm location availability prior to registration confirmation.

All Sunset Learning dates are guaranteed to run!

Register

Prerequisites:

Successful learners will have prior knowledge and understanding of:

  • Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
  • Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
  • Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security-specific information.
  • Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.

 

Target Audience:

This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data.

 

Course Objectives:

Students will learn to:

  • Secure Azure solutions with Microsoft Entra ID
  • Implement Hybrid identity
  • Deploy Microsoft Entra ID protection
  • Configure Microsoft Entra privileged identity management
  • Design an enterprise governance strategy
  • Implement perimeter security
  • Configure network security
  • Configure and manage host security
  • Enable Containers security
  • Deploy and secure Azure Key Vault
  • Configure application security features
  • Implement storage security
  • Configure and manage SQL database security
  • Configure and manage Azure Monitor
  • Enable and manage Microsoft Defender for Cloud
  • Configure and monitor Microsoft Sentinel

 

Course Outline:

Module 1: Secure Azure solutions with Microsoft Entra ID

  • Configure Microsoft Entra ID and Microsoft Entra Domain Services for security
  • Create users and groups that enable secure usage of your tenant
  • Use MFA to protect user's identities
  • Configure passwordless security options

Module 2: Implement Hybrid Identity

  • Deploy Microsoft Entra Connect
  • Pick and configure the best authentication option for your security needs
  • Configure password writeback

Module 3: Deploy Microsoft Entra ID protection

  • Deploy and configure Identity Protection
  • Configure MFA for users, groups, and applications
  • Create Conditional Access policies to ensure your security
  • Create and follow an access review process

Module 4: Configure Microsoft Entra privileged identity management

  • Describe Zero Trust and how it impacts security
  • Configure and deploy roles using Privileged Identity Management (PIM)
  • Evaluate the usefulness of each PIM setting as it relates to your security goals

Module 5: Design an enterprise governance strategy

  • Explain the shared responsibility model and how it impacts your security configuration
  • Create Azure policies to protect your solutions
  • Configure and deploy access to services using RBAC

Module 6: Implement perimeter security

  • Define defense in depth
  • Protect your environment from denial-of-service attacks
  • Secure your solutions using firewalls and VPNs
  • Explore your end-to-end perimeter security configuration based on your security posture

Module 7: Configure network security

  • Deploy and configure network security groups to protect your Azure solutions
  • Configure and lockdown service endpoints and private links
  • Secure your applications with Application Gateway, Web App Firewall, and Front Door
  • Configure ExpressRoute to help protect your network traffic

Module 8: Configure and manage host security

  • Configure and deploy Endpoint Protection
  • Deploy a privileged access strategy for devices and privileged workstations
  • Secure your virtual machines and access to them
  • Deploy Windows Defender
  • Practice layered security by reviewing and implementing Security Center and Security Benchmarks

Module 9: Enable Containers security

  • Define the available security tools for containers in Azure
  • Configure security settings for containers and Kubernetes services
  • Lock down network, storage, and identity resources connected to your containers
  • Deploy RBAC to control access to containers

Module 10: Deploy and secure Azure Key Vault

  • Define what a key vault is and how it protects certificates and secrets
  • Deploy and configure Azure Key Vault
  • Secure access and administration of your key vault
  • Store keys and secrets in your key vault
  • Explore key security considers like key rotation and backup/recovery

Module 11: Configure application security features

  • Register an application in Azure using app registration
  • Select and configure which Microsoft Entra users can access each application
  • Configure and deploy web app certificates

Module 12: Implement storage security

  • Define data sovereignty and how that is achieved in Azure
  • Configure Azure Storage access in a secure and managed way
  • Encrypt your data while it is at rest and in transit
  • Apply rules for data retention

Module 13: Configure and manage SQL database security

  • Configure which users and applications have access to your SQL databases
  • Block access to your servers using firewalls
  • Discover, classify, and audit the use of your data
  • Encrypt and protect your data while is it stored in the database.

Module 14: Configure and manage Azure Monitor

  • Configure and monitor Azure Monitor
  • Define metrics and logs you want to track for your Azure applications
  • Connect data sources to and configure Log Analytics
  • Create and monitor alerts associated with your solutions security

Module 15: Enable and manage Microsoft Defender for Cloud

  • Define the most common types of cyber-attacks
  • Configure Azure Security Center based on your security posture
  • Review Secure Score and raise it
  • Lock down your solutions using Security Center and Defender
  • Enable Just-in-Time access and other security features

Module 16: Configure and monitor Microsoft Sentinel

  • Explain what Azure Sentinel is and how it is used
  • Deploy Azure Sentinel
  • Connect data to Azure Sentinel, like Azure Logs, Microsoft Entra ID, and others
  • Track incidents using workbooks, playbooks, and hunting techniques