AZ-500: Microsoft Azure Security Technologies

Log in to Enroll

Summary

  • intermediate
  • azure
  • azure-monitor
  • azure-active-directory
  • azure-key-vault
  • azure-policy
  • azure-virtual-network
  • Candidates for this exam are Microsoft Azure security engineers who implement security controls, maintain the security posture, manage identity and access, and protect data, applications, and networks. Candidates identify and remediate vulnerabilities by using a variety of security tools, implement threat protection, and respond to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.Candidates for this exam should have strong skills in scripting and automation; a deep understanding of networking, virtualization, and cloud N-tier architecture; and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

Learning paths

4 hr 16 min
Learn how to secure resources using policy, role-based access control, and other Azure services

Modules in this learning path

  • Security, responsibility, and trust in Azure
    11 Units
    1 hr 16 min

    Discuss the basic concepts for protecting your infrastructure and data when you work in the cloud. Understand what responsibilities are yours and what Azure takes care of for you.

  • Apply and monitor infrastructure standards with Azure Policy
    8 Units
    46 min

    Learn about governance and management in Azure services.

  • Control and organize Azure resources with Azure Resource Manager
    8 Units
    46 min

    Use Azure Resource Manager to organize resources, enforce standards, and protect critical assets from deletion.

  • Secure your Azure resources with role-based access control (RBAC)
    8 Units
    37 min

    Learn how to use RBAC to manage access to resources in Azure.

  • Manage access to an Azure subscription with Azure role-based access control (RBAC)
    5 Units
    21 min

    To grant access to a subscription, identify the appropriate role to assign to an employee. Understand when you might need to temporarily elevate your own access to regain access to a subscription.

  • Create custom roles for Azure resources with role-based access control (RBAC)
    6 Units
    30 min

    Understand the structure of role definitions for access control. Identify the role properties to use that define your custom role permissions. Create a custom Azure role and assign to a user.

  • Protect against security threats on Azure
    8 Units
    23 min

    Learn how Azure can help you protect the workloads you run both in the cloud and in your on-premises datacenter.

  • Build a cloud governance strategy on Azure
    12 Units
    48 min

    Learn how to access policies, resource locks, and tags, as well as how Azure services such as Azure Policy and Azure Blueprints can help you build a comprehensive cloud governance strategy.

6 hr 49 min
Learn how to configure security policies and manage security alerts with the tools and services in Azure.

Modules in this learning path

  • Security, responsibility, and trust in Azure
    11 Units
    1 hr 16 min

    Discuss the basic concepts for protecting your infrastructure and data when you work in the cloud. Understand what responsibilities are yours and what Azure takes care of for you.

  • Create security baselines
    11 Units
    1 hr 0 min

    Create security baselines

  • Identify security threats with Azure Security Center
    7 Units
    43 min

    In this module, you’ll discover how to detect and respond to threats with Azure Security Center.

  • Resolve security threats with Azure Security Center
    7 Units
    44 min

    In this module, you’ll use the alert capabilities of Azure Security Center to watch for and respond to threats.

  • Protect your servers and VMs from brute-force and malware attacks with Azure Security Center
    6 Units
    44 min

    In this module, you’ll discover how to protect VMs and servers with Azure Security Center

  • Analyze your Azure infrastructure by using Azure Monitor logs
    5 Units
    34 min

    Use Azure Monitor logs to extract valuable information about your infrastructure from log data.

  • Improve incident response with alerting on Azure
    9 Units
    53 min

    Respond to incidents and activities in your infrastructure through alerting capabilities in Azure Monitor.

  • Capture Web Application Logs with App Service Diagnostics Logging
    8 Units
    55 min

    Use application logs in Azure Web Apps to help debug web app code.

  • Protect against security threats on Azure
    8 Units
    23 min

    Learn how Azure can help you protect the workloads you run both in the cloud and in your on-premises datacenter.

5 hr 25 min
Learn how to work with subscriptions, users, and groups by configuring Microsoft Azure Active Directory for workloads.

Modules in this learning path

  • Manage device identity with Azure AD join and Enterprise State Roaming
    5 Units
    25 min

    Evaluate options to manage device identities in Azure AD. Allow users to join devices in Azure AD. Require devices to be marked as compliant. Enable Enterprise State Roaming.

  • Add custom domain name to Azure Active Directory
    5 Units
    18 min

    Add your custom domain to Azure Active Directory. Add DNS information to the domain registrar. Verify your custom domain name in the Azure portal and set it as the primary.

  • Security, responsibility, and trust in Azure
    11 Units
    1 hr 16 min

    Discuss the basic concepts for protecting your infrastructure and data when you work in the cloud. Understand what responsibilities are yours and what Azure takes care of for you.

  • Protect against security threats on Azure
    8 Units
    23 min

    Learn how Azure can help you protect the workloads you run both in the cloud and in your on-premises datacenter.

  • Create an Azure account
    7 Units
    39 min

    The first step to using Azure is to sign up. You may sign up directly through Azure.com, with the help of a Microsoft representative, or through a partner. If you’re new to Azure, you may sign up for an Azure free account to start exploring with $200 USD free credit and free services.

  • Manage users and groups in Azure Active Directory
    7 Units
    50 min

    Manage users and groups in Azure Active Directory

  • Create Azure users and groups in Azure Active Directory
    8 Units
    41 min

    Create users in Azure Active Directory. Understand different types of groups. Create a group and add members. Manage business-to-business guest accounts.

  • Secure your application by using OpenID Connect and Azure AD
    6 Units
    50 min

    Use OpenID Connect in your application to allow users to securely sign in with Azure AD identities.

  • Secure Azure Active Directory users with Multi-Factor Authentication
    6 Units
    38 min

    Learn how to use multi-factor authentication with Azure AD to harden your user accounts.

  • Allow users to reset their password with Azure Active Directory self-service password reset
    6 Units
    31 min

    Evaluate self-service password reset to allow users in your organization to reset their passwords or unlock their accounts. Set up, configure, and test self-service password reset.

5 hr 27 min
Learn how to configure, protect, and isolate your networks in Azure.

Modules in this learning path

  • Security, responsibility, and trust in Azure
    11 Units
    1 hr 16 min

    Discuss the basic concepts for protecting your infrastructure and data when you work in the cloud. Understand what responsibilities are yours and what Azure takes care of for you.

  • Secure network connectivity on Azure
    9 Units
    32 min

    Learn about the various Azure services you can use to help ensure that your network is safe, secure, and trusted.

  • Configure the network for your virtual machines
    8 Units
    1 hr 34 min

    Learn how to configure networking in a secure way for your Azure virtual machines.

  • Secure and isolate access to Azure resources by using network security groups and service endpoints
    6 Units
    43 min

    Network security groups and service endpoints help you secure your virtual machines and Azure services from unauthorized network access.

  • Encrypt network traffic end to end with Azure Application Gateway
    7 Units
    1 hr 17 min

    Secure the traffic from your users all the way to your web servers by enabling TLS encryption on Application Gateway.

  • Monitor and troubleshoot your end-to-end Azure network infrastructure by using network monitoring tools
    6 Units
    37 min

    Use Network Watcher tools, diagnostics, and logs to help find and fix networking issues in your Azure infrastructure.

5 hr 36 min
Learn how to secure your Azure apps and associated data with encryption, certificates, and policy.

Modules in this learning path

  • Top 5 security items to consider before pushing to production
    7 Units
    45 min

    Secure your web applications on Azure and protect your apps against the most common and dangerous web application attacks.

  • Secure an ASP.NET Core web app with the Identity framework
    8 Units
    1 hr 8 min

    Add authentication and authorization to an ASP.NET Core web app using the Identity framework.

  • Design for security in Azure
    8 Units
    1 hr 2 min

    Learn how to incorporate security into your architecture design, and discover the tools that Azure provides to help you create a secure environment through all the layers of your architecture.

  • Create security baselines
    11 Units
    1 hr 0 min

    Create security baselines

  • Microsoft Azure Well-Architected Framework – Security
    8 Units
    1 hr 2 min

    Discover the tools that Azure provides to help you design a secure environment throughout your infrastructure, data, network, and applications.

  • Manage secrets in your server apps with Azure Key Vault
    7 Units
    46 min

    Your application requires service passwords, connection strings, and other secret configuration values to do its job. Storing and handling secret values is risky, and every usage introduces the possibility of leakage. Azure Key Vault, in combination with managed identities for Azure resources, enables your Azure web app to access secret configuration values easily and securely without needing to store any secrets in your source control or configuration.

  • Control authentication for your APIs with Azure API Management
    7 Units
    55 min

    Discover how to protect your APIs from unauthorized use with API keys and client certificate authentication.

6 hr 2 min
Learn how to protect and harden your virtual machines in Azure

Modules in this learning path

  • Design for security in Azure
    8 Units
    1 hr 2 min

    Learn how to incorporate security into your architecture design, and discover the tools that Azure provides to help you create a secure environment through all the layers of your architecture.

  • Create security baselines
    11 Units
    1 hr 0 min

    Create security baselines

  • Protect your servers and VMs from brute-force and malware attacks with Azure Security Center
    6 Units
    44 min

    In this module, you’ll discover how to protect VMs and servers with Azure Security Center

  • Microsoft Azure Well-Architected Framework – Security
    8 Units
    1 hr 2 min

    Discover the tools that Azure provides to help you design a secure environment throughout your infrastructure, data, network, and applications.

  • Create a Linux virtual machine in Azure
    9 Units
    1 hr 26 min

    In this module, we discuss how to create a Linux virtual machine using the Azure portal.

  • Create a Windows virtual machine in Azure
    7 Units
    51 min

    Azure virtual machines (VMs) enable you to create dedicated compute resources in minutes that can be used just like a physical desktop or server machine.

  • Secure your Azure virtual machine disks
    8 Units
    59 min

    Use Azure Disk Encryption (ADE) to encrypt OS and data disks on existing and new VMs.