AZ-500 Microsoft Azure Security Technologies with SIMS

• Learn the concepts and perform hands on activities needed to pass the AZ-500 exam
• Gain a tremendous amount of knowledge involving securing Microsoft Azure Services
• Get loads of hands on experience with securing Microsoft Azure Services
• Utilize hands on simulations that can be access anytime, anywhere!

We really hope you'll agree, this training is way more than the average course on Udemy!

Have access to the following:

• Training from an instructor of over 20 years who has trained thousands of people and also a Microsoft Certified Trainer

• Lecture that explains the concepts in an easy to learn method for someone that is just starting out with this material

• Instructor led hands on and simulations to practice that can be followed even if you have little to no experience

TOPICS COVEREDINCLUDINGHANDSONLECTUREANDPRACTICETUTORIALS:

Manage security controls for identity and access

• Manage Azure built-in role assignments

• Manage custom roles, including Azure roles and Microsoft Entra roles

• Plan Azure resources in Microsoft Entra Privileged Identity Management

• Manage Azure resources in Microsoft Entra Privileged Identity Management

• Concepts of multi-factor authentication (MFA)

• Implement multi-factor authentication (MFA) for access to Azure resources

• Concepts of Conditional Access policies in Azure

• Implement Conditional Access policies for cloud resources in Azure

Manage Microsoft Entra application access and managed identities

• Manage access to enterprise applications in Microsoft Entra ID

• Manage Microsoft Entra app registrations

• Configure app registration permission scopes

• Manage app registration permissions with roles

• Concepts of using service principals and managed identities

• Create a managed identities

• Implement a virtual machine to used with a managed identity

• Manage managed identities with resources in Azure

Manage Azure using command line tools

• Foundational concepts of using PowerShell

• Concepts of Microsoft Graph vs Traditional PowerShell

• Installing and connecting to MS Graph to support cloud services with PowerShell

• Using PowerShell with MS Graph to manage Entra ID (formerly Azure AD)

• Working with Azure Cloudshell

• Working with Azure CLI / Bash

• Installing Azure CLI on a local machine

Plan and implement security for virtual networks

• Virtual Networks, peering, Network Security Groups (NSGs), and VPN gateways

• Create a virtual machine for use in hands on

• Plan and implement Virtual Networks

• Plan and implement Virtual Network peering

• Plan and implement user-defined routes (UDRs)

• Plan & implement Network Security Groups NSGs & Application Security Group ASGs

• Plan Virtual WANs for use in Azure secure networks

• Virtual WAN SKUs

• Virtual WAN Architecture

Plan and implement security for private access to Azure resources

• Visualizing virtual network Service Endpoints and Private Endpoints

• Plan and implement virtual network Service Endpoints

• Plan and implement Private Endpoints

• Plan for Private Link services

• Plan support for Azure App Service

• Implement an Azure App Service plan

• Implement scaling for an App Service plan

• Implement an Azure App Service

• Plan and implement network integration for Azure App Service

• Plan and implement network security configurations for an Azure App Service

• Removing App Services that we no longer need

• Concepts of the Azure SQL family, including Azure SQL Managed Instance

Plan and implement security for public access to Azure resources

• Create and configure Azure Firewall

• Direct traffic through the Azure Firewall

• Create and configure Azure Firewall Manager

• Understanding Azure Application Gateway vs Azure Front Door

• Create and configure Azure Application Gateway

• Create and configure Azure Front Door and Web Application Firewall (WAF)

• Configure a resource firewall on a storage account

• Implement Azure DDoS Protection

• Deleting resources from previous lessons

Plan and implement advanced security for compute

• Plan & implement remote access to virtual machines, including Azure Bastion & JIT

• Configure Endpoint Protection for virtual machines (VMs)

• Implement and manage security updates for VMs

• Configure security for container services

• Manage access to Azure Container Registry

• Configure security for serverless compute

• Configure security for an Azure App Service

• Configure encryption at rest

• Configure encryption in transit

Plan and implement security for storage

• Creating a storage account

• Configure access control for storage accounts

• Configure storage account access keys

• Configure Azure Files identity-based authentication for SMB access

• Configure delegated access

Plan & implement security for Azure SQL Database & Azure SQL Managed Instance

• Enable a SQL Database/Server and connect with SSMS

• Configure SQL firewall settings for client connections

• Enable database authentication by using Microsoft Azure AD, part of Microsoft Entra

• Enable database auditing

• Configure dynamic masking on SQL workloads

• Implement database encryption for Azure SQL Database

• Implement network isolation for data solutions, including Synapse Analytics & Cosmos DB

Implement and manage enforcement of cloud governance policies

• Configure a custom security policy

• Create a policy initiative

• Configure security settings and auditing by using Azure Policy

• Create and configure an Azure Key Vault

• Recommend when to use a dedicated Hardware Security Module (HSM)

• Configure access to Key Vault, including vault access policies and Azure RBAC

• Manage certificates, secrets, and keys

• Configure key rotation

• Configure backup and recovery of certificates, secrets, and keys

Manage security posture by using Microsoft Defender for Cloud

• Identify the basic concepts of Microsoft Defender for Cloud

• Exploring the Microsoft Defender for Cloud dashboard

• Assess & manage compliance standards & security frameworks in Defender for Cloud

• Identify & remediate security risks by using the Defender for Cloud Secure Score

• Connect hybrid cloud and multi-cloud environments to MS Defender for Cloud

• Implement and use Microsoft Defender External Attack Surface Management (EASM)

Configure and manage threat protection by using Microsoft Defender for Cloud

• Configure Microsoft Defender for Servers (not including Microsoft Defender for Endpoint)

• Evaluate for vulnerabilities using Microsoft Defender for Cloud

• Configure Microsoft Defender for SQL

Configure and manage security monitoring and automation solutions

• Create and customize alert rules by using Azure Monitor

• Configure diagnostic logging and log retention by using Azure Monitor

• Understanding Microsoft Sentinel

• Configure a log analytics workspace for using Microsoft Sentinel

• Configure Sentinel log types, log retention and data storage

• Plan for data sources with Microsoft Sentinel

• Configure data connectors in Microsoft Sentinel

• Plan for analytics rules in Microsoft Sentinel

• Enable analytics rules in Microsoft Sentinel

• Plan for supporting automation in Microsoft Sentinel

• Configure automation in Microsoft Sentinel

Finishing Up

• Where do I go from here?