Microsoft Azure Security Engineer Associate (AZ-500)

Are you a security engineer who wants to learn how to lock down the infrastructure and network resources running in your Azure environment? Then, Implement Platform Protection is the right course for you! Throughout this course, you will explore perimeter security, network security, and host and containers security, along with various security components, tools, solutions, deployment methods, strategies, and services for protecting your Azure environment. You’ll examine connecting networks via peering, implementing hub-and-spoke topology and distributed denial of service (DDoS ) protection, securing solutions with VPNs, traffic control with network virtual appliances (NVAs), and using Azure Web Application Firewall (WAF) to prevent attacks. Within the course, you’ll discover the ins and outs of defense in depth, endpoint protection host security, network client and server technology, privileged access, serverless compute, and virtual machines (VMs). You’ll learn how to configure, deploy, enable, and manage various security solutions, including Azure App Service, Azure Application Gateway, Azure Bastion, Azure Container Instances, Azure Container Registry, Azure Defender, Azure Disk Encryption, Azure ExpressRoute, Azure Firewall and Firewall Manager, Azure Front Door, Azure Functions, Azure Kubernetes Service, Azure Private Link, Azure Security Benchmarks, and Azure Update Management. This is the third course in a series of seven courses that will prepare you to succeed in the AZ-500: Microsoft Azure Security Technologies exam.

Capstone and Practice Exam is the seventh course in the Microsoft Azure Security Engineer Associate Professional Certificate training program. It allows you to apply the skills gained from the previous six courses and prepare for the AZ-500 exam. The course starts with a recap of courses 1 to 6, followed by a real-world capstone project. You will complete the tasks typically performed by an Azure security engineer and then submit the project for peer review. Then, you will evaluate other project submissions and discuss solutions with peers. Finally, you will take a program-level practice exam and receive guidance on enrolling in the AZ-500 Microsoft Azure security technologies exam. By the end of this course, you will be able to: - Implement multifactor authentication. - Create a resource group and a new storage account and provide access to a user. - Create a strategy for implementing Azure security using security groups. - Set up a virtual machine (VM) to host a website, allowing only HTTP and HTTPS traffic. - Enable disk encryption on the VM. - Enable database auditing for a new Azure SQL database. - Enable Microsoft Defender for Azure SQL database. - List the steps to enroll in the AZ-500 exam.

Manage Security Operations, the sixth course in the Microsoft Azure Security Engineer Associate Professional Certificate program, equips you with vital skills to protect Azure resources and data, ensuring regulatory compliance. There are various tools available to manage security operations. You will learn to configure and manage Azure Monitor. You will also learn to enable and manage Microsoft Defender for Cloud. In addition, you will configure and monitor Microsoft Sentinel. By the end of this course, you will be able to: - Configure and monitor metrics and logs in Azure Monitor. - Manage applications by using Azure Monitor Application Insights. - Create basic Azure Monitor log queries to extract information from log data. - Enable Azure Monitor alerts. - Configure properties for diagnostic logging. - Implement, configure, and deploy Microsoft Defender for Cloud. - Monitor your security status with Microsoft Defender for Cloud. - Implement just-in-time VPN access to protect against brute-force attacks.

Secure Your Data at Rest is the fifth course in the Microsoft Azure Security Engineer Associate Professional Certificate training program. This course teaches storage security, data sovereignty, database monitoring, encryption, data masking, and using Defender for Cloud for advanced threat protection. You must secure data at rest as this will safeguard sensitive information, prevent unauthorized access, meet regulatory compliance, and ensure data confidentiality and integrity. By the end of this course, you will be able to: - Deploy shared access signatures (SAS). - Generate SAS tokens. - Manage storage account access keys and key rollover. - Manage Azure Active Directory storage authentication. - Implement storage service encryption. - Configure blob data retention policies. - Configure Azure Files authentication. - Enable SQL database authentication with Azure Active Directory. - Monitor your database. - Enable and monitor database auditing. - Implement data discovery and classification. - Enable Defender for SQL for advanced threat protection. - Secure your data with dynamic data masking. - Implement transparent data encryption. - Deploy an Always Encrypted implementation.

Microsoft Azure provides a comprehensive suite of security tools and services to help you safeguard your organization's data and applications. Identity Protection and governance is the right course for you if you want to become an Azure security engineer. In this course, you will learn how to protect identities in Azure AD, the core principles of enterprise governance, and Azure role-based access control (RBAC). You will get acquainted with Conditional Access, multifactor authentication (MFA), and other capabilities. You will learn how to plan and configure privilege identity management (PIM). You will also learn how to manage, assign, activate, and approve requests for a privileged access group. You will explore how to investigate and remediate risks. This course will give you an in-depth understanding of the shared responsibility model. You will learn to create policies and configure and deploy access to services using RBAC. You will see how to configure the built-in roles in Azure to control access to Azure resources. Finally, you will learn to monitor, maintain, and protect resources. This is the second course in a series of seven courses that will prepare you to succeed in the AZ-500 exam.

Microsoft Azure provides a comprehensive suite of security tools and services to help you safeguard your organization's data and applications. Secure access with Azure Active Directory is the right course if you are interested in an IT security career and becoming an Azure security engineer. In this course, you will learn about Azure Active Directory (Azure AD) and the various roles in Azure AD. You will learn to create and manage users and groups in Azure AD and manage administrative units. The content covers adding, updating, deleting, and restoring users and managing licenses. You will also delve into Azure AD Domain Services. You will learn how to authenticate and authorize users and apps with Azure AD and password management. You will learn about multifactor and passwordless authentication. Additionally, you will learn how to implement pass-through authentication and federation with Azure AD. You will gain insight into deploying and configuring Azure AD Connect to create a hybrid identity solution for your organization. This is the first course in a series of seven courses that will prepare you to succeed in the AZ-500 exam.