AZ-500: Secure cloud resources with Microsoft security technologies

AZ-500 Course: Secure cloud resources with Microsoft security technologies

This course provides IT security professionals with the knowledge and skills necessary to implement security controls, maintain an organization's security posture, and identify and remediate security vulnerabilities. This course covers identity and access security, platform, data and application security, and security operations.

Online course with a free certification exam included. Don't miss this opportunity! The exam is valued at €126 + VAT and is included at no extra cost.

Promotion valid until December 31, 2025. One-opportunity exam available only in Virtual - E-learning format. Not applicable to Self-Learning format.

Level: Intermediate - Product: Azure - Role: Security Engineer

Azure cloud security - Microsoft Security Technologies - Cloud resource protection - Identity management - Access control - Data encryption - Application security - Compliance and security

Course aimed at

This course is designed for Azure security engineers who plan to take the associated certification exam or who perform security tasks in their daily work. This course would also be beneficial for an engineer who wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data.

Objectives of the AZ-500 course

• Implement security controls: You will learn how to configure and manage security controls to protect resources in Azure, including identity and access protection, platform security, data, and applications.
  
• Maintaining a secure posture: You will develop skills to maintain and improve your organization's security posture, ensuring that systems and data are protected against threats.
  
• Identify and fix vulnerabilities: You will learn to identify and remediate security vulnerabilities using tools such as Microsoft Defender for Cloud.
  
• Implement threat protection: You will configure and manage threat protection solutions to detect and respond to security incidents in Azure, multi-cloud, and hybrid environments.

Elements of the Microsoft Learn AZ-500 training

• AZ-500: Identity and Access Protection (2 modules)
• AZ-500: Secure Networks (3 modules)
• AZ-500: Secure Processing, Storage and Databases (3 modules)
• AZ-500: Azure protection using Microsoft Defender for Cloud and Microsoft Sentinel (4 modules)

Course Content AZ-500 Protecting Cloud Resources with Microsoft Security Technologies

Module 1. Managing Identity and Access

Lessons

• Managing security controls for identity and access
  
• Managing application access in Microsoft Login

Lab 01: Role-based access control

After completing this module, students will be able to:

• Effectively manage identities with Microsoft Entra ID to ensure secure access and identity governance.
  
• Manage authentication processes effectively with Microsoft Entra ID to protect user access and verify identities.
  
• Implement and manage authorization settings with Microsoft Entra ID to securely control access rights and permissions.
  
• Effectively manage and protect access to applications with Microsoft Entra ID to ensure proper user authorization and authentication.

Module 2. Network Protection

Lessons

• Planning and implementation of virtual network security
  
• Planning and implementation of security for private access to Azure resources
  
• Planning and implementation of security for public access to Azure resources
  

Lab 02: Network Security Groups and Application Security Groups

Lab 03: Azure Firewall

After completing this module, students will be able to:

• Plan and implement security measures for virtual networks, encompassing NSGs, ASGs, UDRs, VNET peering, VPN Gateway instances, Virtual WANs, and network monitoring using Network Watcher.
  
• Establish private access to Azure resources using service endpoints, private endpoints, Private Link services, and secure configurations for App Service, Azure Functions, and Azure SQL Managed Instance.
  
• Implement security for public access to Azure, including TLS application integration, Azure Firewall, Application Gateway, Front Door, WAF, and recommendations for Azure DDoS Protection.
  

Module 3. Protection of processes, storage and databases

Lessons

• Planning and implementation of advanced process security
  
• Storage security planning and implementation
  
• Planning and implementing security for Azure SQL Database and Azure SQL Managed Instance
  

Laboratory 04: Configuration and protection of ACR and AKS

Lab 05: Protecting Azure SQL Database

Laboratory 06: Service connection points and secure storage

After completing this module, students will be able to:

• Strengthen process security using Azure Bastion, AKS configurations, container monitoring, and advanced encryption techniques.
  
• Improve storage security with customized access controls, threat protection measures, and various encryption strategies.
  
• Strengthen Azure SQL Database protection through advanced authentication, auditing, data classification, and encryption recommendations.
  

Module 4. Protecting Azure using Microsoft Defender for Cloud and Microsoft Sentinel

Lessons

• Implementation and management of compliance with cloud governance directives
  
• Managing your security posture with Microsoft Defender for Cloud
  Configuring and managing threat protection using Microsoft Defender for Cloud
  
• Configuration and administration of automation and security monitoring solutions
  

Laboratory 07: Key Warehouse

Lab 08: Creating a Log Analytics workspace, an Azure Storage account, and a data collection rule (DCR)

Lab 09: Configuring Enhanced Security Features of Microsoft Defender for Cloud for Servers

Lab 10: Enabling Just-In-Time access on virtual machines

Lab 11: Microsoft Sentinel

After completing this module, students will be able to:

• Implement security operations, establish governance, and deploy Azure policies and infrastructure, while protecting keys and certificates.
  
• Improve Defender's security posture, ensure compliance, and monitor external threats.
  
• Configure Defender for various threats, manage alerts, and leverage Sentinel for advanced security strategies.

Prerequisites

Students who pass the test will have prior knowledge and understanding of:

• Recommended procedures and industry security requirements, such as defense in depth, least privilege access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
• Security protocols, such as virtual private networks (VPNs), Internet Security Protocol (IPSec), Secure Sockets Layer (SSL), and disk and data encryption methods.
• Having some experience in deploying Azure workloads is required. This course does not cover the basics of Azure administration, but the content builds upon that knowledge by adding specific security information.
• Experience with Windows and Linux systems, as well as scripting languages.
• The course labs can use PowerShell and the CLI.

Language

• Course: English / Spanish

• Labs: English / Spanish

Microsoft Associate Certification: Azure Security Engineer Associate

Microsoft Certified: Azure Security Engineer Associate

Demonstrates the skills necessary to implement security controls, maintain an organization's security position, and identify and correct security vulnerabilities.

Level: Intermediate
Role: Security Engineer
Product: Azure
Subject: Security