Microsoft Azure Security Technologies (AZ-500)


Course Number: MOC-AZ-500

Duration: 5 days (32.5 hours)

Format: Live, hands-on

Azure Training Overview

This Microsoft Azure Security Technologies training (AZ-500) teaches attendees how to implement security controls, maintain security posture, and identify and remediate vulnerabilities by using a variety of security tools. This Azure course covers scripting and automation, virtualization, and cloud N-tier architecture. This course prepares students for the AZ-500 exam for which every attendee receives a voucher.

If you missed our free, live Azure Security webinar, you can still view the recording here.

Location and Pricing

Accelebrate offers instructor-led enterprise training for groups of 3 or more online or at your site. Most Accelebrate classes can be flexibly scheduled for your group, including delivery in half-day segments across a week or set of weeks. To receive a customized proposal and price quote for private corporate training on-site or online, please contact us.

In addition, some Microsoft courses are available as live, online classes for individuals.

Objectives

  • Configure Azure AD and Azure AD Domain Services for security
  • Deploy Azure AD Connect
  • Deploy and configure Identity Protection
  • Describe Zero Trust and how it impacts security
  • Create Azure policies to protect your solutions
  • Secure your solutions using firewalls and VPNs
  • Deploy and configure network security groups to protect your Azure solutions
  • Practice layered security by reviewing and implementing Security Center and Security Benchmarks
  • Configure security settings for containers and Kubernetes services
  • Deploy and configure Azure Key Vault
  • Register an application in Azure using app registration
  • Configure Azure Storage access in a secure and managed way
  • Encrypt and protect your data while it is stored in the database
  • Configure and monitor Azure Monitor
  • Configure Azure Security Center based on your security posture
  • Connect data to Azure Sentinel, like Azure Logs, Azure AD, and others

Prerequisites

Students must have knowledge of:

  • Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model.
  • Security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods.
  • Deploying Azure workloads. This course does not cover the basics of Azure administration, instead, the course content builds on that knowledge by adding security-specific information.
  • Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI.

Outline

Expand All | Collapse All

Introduction
Secure Azure Solutions with Azure Active Directory
  • Explore Azure Active Directory features
  • Compare Azure AD vs Active Directory Domain Services
  • Investigate roles in Azure AD
  • Deploy Azure AD Domain Services
  • Create and manage Azure AD users
  • Manage users with Azure AD groups
  • Configure Azure AD administrative units
  • Implement passwordless authentication
Implement Hybrid Identity
  • Deploy Azure AD connect
  • Explore authentication options
  • Configure Password Hash Synchronization (PHS)
  • Implement Pass-through Authentication (PTA)
  • Deploy Federation with Azure AD
  • Explore the authentication decision tree
  • Configure password writeback
Deploy Azure AD Identity Protection
  • Explore Azure AD identity protection
  • Configure risk event detections
  • Implement user risk policy
  • Implement sign-in risk policy
  • Deploy multifactor authentication in Azure
  • Explore multifactor authentication settings
  • Enable multifactor authentication
  • Implement Azure AD conditional access
  • Configure conditional access conditions
  • Implement access reviews
Configure Azure AD Privileged Identity Management
  • Explore the zero-trust model
  • Review the evolution of identity management
  • Deploy Azure AD privileged identity management
  • Configure privileged identity management scope
  • Implement privileged identity management onboarding
  • Explore privileged identity management configuration settings
  • Implement a privileged identity management workflow
Design an Enterprise Governance Strategy
  • Review the shared responsibility model
  • Explore the Azure cloud security advantages
  • Review Azure hierarchy of systems
  • Configure Azure policies
  • Enable Azure role-based access control (RBAC)
  • Compare and contrast Azure RBAC vs Azure policies
  • Configure built-in roles
  • Enable resource locks
  • Deploy Azure blueprints
  • Design an Azure subscription management plan
Implement Perimeter Security
  • Define defense in depth
  • Explore virtual network security
  • Enable Distributed Denial of Service (DDoS) Protection
  • Configure a distributed denial of service protection implementation
  • Explore Azure Firewall features
  • Deploy an Azure Firewall implementation
  • Configure VPN forced tunneling
  • Create User Defined Routes and Network Virtual Appliances
  • Explore hub and spoke topology
Configure Network Security
  • Explore Network Security Groups (NSG)
  • Deploy a Network Security Groups implementation
  • Create Application Security Groups
  • Enable service endpoints
  • Configure service endpoint services
  • Deploy private links
  • Implement an Azure application gateway
  • Deploy a web application firewall
  • Configure and manage Azure front door
  • Review ExpressRoute
Configure and Manage Host Security
  • Enable endpoint protection
  • Define a privileged access device strategy
  • Deploy privileged access workstations
  • Create virtual machine templates
  • Enable and secure remote access management
  • Configure update management
  • Deploy disk encryption
  • Deploy and configure Windows Defender
  • Explore Microsoft Defender for Cloud recommendations
  • Secure Azure workloads with Azure Security Benchmark
Enable Containers Security
  • Explore containers
  • Configure Azure Container Instances security​
  • Manage security for Azure Container Instances (ACI)​
  • Explore the Azure Container Registry (ACR)
  • Enable Azure Container Registry authentication
  • Review Azure Kubernetes Service (AKS)
  • Implement an Azure Kubernetes Service architecture​
  • Configure Azure Kubernetes Service networking​
  • Deploy Azure Kubernetes Service storage
  • Secure authentication to Azure Kubernetes Service with Active Directory​
  • Manage access to Azure Kubernetes Service using Azure role-based access controls
Deploy and Secure Azure Key Vault
  • Explore Azure Key Vault
  • Configure Key Vault access
  • Review a secure Key Vault example
  • Deploy and manage Key Vault certificates
  • Create Key Vault keys
  • Manage customer-managed keys
  • Enable Key Vault secrets
  • Configure key rotation
  • Manage Key Vault safety and recovery features
  • Perform Try-This exercises
  • Explore the Azure Hardware Security Module
Configure Application Security Features
  • Review the Microsoft identity platform
  • Explore Azure AD application scenarios
  • Register an application with App Registration
  • Configure Microsoft Graph permissions
  • Enable managed identities
  • Deploy web app certificates
Implement Storage Security
  • Define data sovereignty
  • Configure Azure storage access
  • Deploy shared access signatures
  • Manage Azure AD storage authentication
  • Implement storage service encryption
  • Configure blob data retention policies
  • Configure Azure files authentication​
  • Enable the secure transfer of required​ property
Configure and Manage SQL Database Security
  • Enable SQL database authentication
  • Configure SQL database firewalls
  • Enable and monitor database auditing
  • Implement data discovery and classification​
  • Explore vulnerability assessment​
  • Enable Defender for SQL (advanced threat protection)
  • Configure dynamic data masking
  • Implement transparent data encryption​
  • Deploy always encrypted​ features
  • Deploy an always-encrypted implementation
Configure and Manage Azure Monitor
  • Explore Azure Monitor
  • Configure and monitor metrics and logs
  • Enable Log Analytics
  • Manage connected sources for log analytics
  • Enable Azure monitor Alerts
  • Configure properties for diagnostic logging
Enable and Manage Microsoft Defender for Cloud
  • Review the cyber kill chain
  • Implement Microsoft Defender for Cloud
  • Configure security center policies
  • Manage and implement security center recommendations
  • Explore secure score
  • Deploy Microsoft Defender for Cloud
  • Define brute force attacks
  • Implement Just-in-time VM access
Configure and Monitor Microsoft Sentinel
  • Enable Microsoft Sentinel
  • Configure data connections to Sentinel
  • Create workbooks to explore Sentinel data
  • Enable rules to create incidents
  • Configure playbooks
  • Hunt and investigate potential breaches
Conclusion

Training Materials

All Microsoft training students receive Microsoft official courseware.

For all Microsoft Official Courses taught in their entirety that have a corresponding certification exam, an exam voucher is included for each participant.

Software Requirements

Attendees will not need to install any software on their computer for this class. The class will be conducted in a remote environment that Accelebrate will provide; students will only need a local computer with a web browser and a stable Internet connection. Any recent version of Microsoft Edge, Mozilla Firefox, or Google Chrome will be fine.



Learn faster

Our live, instructor-led lectures are far more effective than pre-recorded classes

Satisfaction guarantee

If your team is not 100% satisfied with your training, we do what's necessary to make it right

Learn online from anywhere

Whether you are at home or in the office, we make learning interactive and engaging

Multiple Payment Options

We accept check, ACH/EFT, major credit cards, and most purchase orders



Recent Training Locations

Alabama

Birmingham

Huntsville

Montgomery

Alaska

Anchorage

Arizona

Phoenix

Tucson

Arkansas

Fayetteville

Little Rock

California

Los Angeles

Oakland

Orange County

Sacramento

San Diego

San Francisco

San Jose

Colorado

Boulder

Colorado Springs

Denver

Connecticut

Hartford

DC

Washington

Florida

Fort Lauderdale

Jacksonville

Miami

Orlando

Tampa

Georgia

Atlanta

Augusta

Savannah

Hawaii

Honolulu

Idaho

Boise

Illinois

Chicago

Indiana

Indianapolis

Iowa

Cedar Rapids

Des Moines

Kansas

Wichita

Kentucky

Lexington

Louisville

Louisiana

New Orleans

Maine

Portland

Maryland

Annapolis

Baltimore

Frederick

Hagerstown

Massachusetts

Boston

Cambridge

Springfield

Michigan

Ann Arbor

Detroit

Grand Rapids

Minnesota

Minneapolis

Saint Paul

Mississippi

Jackson

Missouri

Kansas City

St. Louis

Nebraska

Lincoln

Omaha

Nevada

Las Vegas

Reno

New Jersey

Princeton

New Mexico

Albuquerque

New York

Albany

Buffalo

New York City

White Plains

North Carolina

Charlotte

Durham

Raleigh

Ohio

Akron

Canton

Cincinnati

Cleveland

Columbus

Dayton

Oklahoma

Oklahoma City

Tulsa

Oregon

Portland

Pennsylvania

Philadelphia

Pittsburgh

Rhode Island

Providence

South Carolina

Charleston

Columbia

Greenville

Tennessee

Knoxville

Memphis

Nashville

Texas

Austin

Dallas

El Paso

Houston

San Antonio

Utah

Salt Lake City

Virginia

Alexandria

Arlington

Norfolk

Richmond

Washington

Seattle

Tacoma

West Virginia

Charleston

Wisconsin

Madison

Milwaukee

Alberta

Calgary

Edmonton

British Columbia

Vancouver

Manitoba

Winnipeg

Nova Scotia

Halifax

Ontario

Ottawa

Toronto

Quebec

Montreal

Puerto Rico

San Juan