Microsoft Certified: Azure Security Engineer Associate

Shape Image One
47 students


AZ-500: Microsoft Azure Security Technologies

NOTE: The bullets that appear below each of the skills measured are intended to illustrate how we are assessing that skill. This list is not definitive or exhaustive.

NOTE: In most cases, exams do NOT cover preview features, and some features will only be added to an exam when they are GA (General Availability).

Manage Azure Active Directory identities

  • configure security for service principals
  • manage Azure AD directory groups
  • manage Azure AD users
  • configure password writeback
  • configure authentication methods including password hash and Pass Through

Authentication (PTA), OAuth, and passwordless

  • transfer Azure subscriptions between Azure AD tenants

Configure secure access by using Azure AD

monitor privileged access for Azure AD Privileged Identity Management (PIM) configure Access Reviews activate and configure PIM implement Conditional Access policies including Multi-Factor Authentication (MFA)  configure Azure AD identity protection

Manage application access

  • create App Registration
  • configure App Registration permission scopes
  • manage App Registration permission consent
  • manage API access to Azure subscriptions and resources

Manage access control

  • configure subscription and resource permissions
  • configure resource group permissions
  • configure custom RBAC roles
  • identify the appropriate role
  • apply principle of least privilege
  • interpret permissions
  • check access

Implement platform protection (15-20%)

Implement advanced network security

  • secure the connectivity of virtual networks (VPN authentication, Express Route encryption)
  • configure Network Security Groups (NSGs) and Application Security Groups (ASGs)
  • create and configure Azure Firewall
  • configure Azure Front Door service as an Application Gateway
  • configure a Web Application Firewall (WAF) on Azure Application Gateway
  • configure Azure Bastion
  • configure a firewall on a storage account, Azure SQL, KeyVault, or App Service
  • implement Service Endpoints
  • implement DDoS

Configure advanced security for compute

  • configure endpoint protection
  • configure and monitor system updates for VMs
  • configure authentication for Azure Container Registry

configure security for different types of containers implement vulnerability management configure isolation for AKS

configure security for container registry

  • implement Azure Disk Encryption
  • configure authentication and security for Azure App Service
  • configure SSL/TLS certs
  • configure authentication for Azure Kubernetes Service
  • configure automatic updates

Manage security operations (25-30%)

Monitor security by using Azure Monitor

  • create and customize alerts
  • monitor security logs by using Azure Monitor
  • configure diagnostic logging and log retention

Monitor security by using Azure Security Center

  • evaluate vulnerability scans from Azure Security Center
  • configure Just in Time VM access by using Azure Security Center
  • configure centralized policy management by using Azure Security Center
  • configure compliance policies and evaluate for compliance by using Azure Security Center

Monitor security by using Azure Sentinel

  • create and customize alerts
  • configure data sources to Azure Sentinel
  • evaluate results from Azure Sentinel
  • configure a playbook for a security event by using Azure Sentinel

Configure security policies

  • configure security settings by using Azure Policy
  • configure security settings by using Azure Blueprint

Secure data and applications (20-25%)

Configure security for storage

  • configure access control for storage accounts

configure key management for storage accounts configure Azure AD authentication for Azure Storage configure Azure AD Domain Services authentication for Azure Files create and manage Shared Access Signatures (SAS)

  • create a shared access policy for a blob or blob container
  • configure Storage Service Encryption

Configure security for databases

  • enable database authentication
  • enable database auditing
  • configure Azure SQL Database Advanced Threat Protection
  • implement database encryption
  • implement Azure SQL Database Always Encrypted

Configure and manage Key Vault

  • manage access to Key Vault
  • manage permissions to secrets, certificates, and keys
  • configure RBAC usage in Azure Key Vault
  • manage certificates
  • manage secrets
  • configure key rotation
  • backup and restore of Key Vault items
  • No items in this section
  • Configure Azure Active Directory for workloads
    No items in this section

Warning: call_user_func_array() expects parameter 1 to be a valid callback, class 'ECA_Woo_Payment' does not have a method 'add_to_cart' in /home/cm4q69umxvgv/public_html/wp-includes/class-wp-hook.php on line 287
Course Preview
  • Price
    $995.00 $745.00
  • Duration 3 hours
  • Lessons 0
  • Enrolled 47 student
  • Access Lifetime

More Courses You Might Like

$995.00 $745.00

Microsoft Certified: Azure Security Engineer Associate

This course is designed to teach you and get you job ready in areas of security controls and threat protection; managing identity and access; and protecting data, applications, and networks in cloud and hybrid environments as part of the end-to-end infrastructure. To obtain AZ-500 certification you need to complete one exam.

$995.00 $745.00

Microsoft Certified: DevOps Engineer Expert

This is an expert level course that prepares candidates for AZ-400 certification. Azure DevOps is a people-process-technology invention which is designed to empower candidates with the know-how to combine people, processes, and technologies to continuously deliver valuable products and services that meet end-user needs and business objectives.

$745.00 $645.00

Microsoft Certified: Azure Solutions Architect Expert

This is course empowers candidates with expert level know in compute, network, storage, security, and designing solutions that run on Azure. It is for those in architect and leadership roles looking to validate expertise in cloud services.

Start Whatsapp Chat
Hello there,
Welcome to azcloudhub, I am here to make your azcloud experience better