Get a Complete Understanding of Cloud Security With AZ 500 Training

Microsoft Azure is among the top three most widely used cloud computing platforms in the world. Its design infrastructure allows it to take on several customers simultaneously. It also creates a strong foundation on which enterprises can base their cloud and data security requirements. 

The AZ-500 certification for Microsoft Azure Security is an official credential and that too the most advanced one yet. This role-based certification helps users understand the functions of Microsoft Azure’s security features. For more information please visit: buy proxy

Things to Know About the AZ-500 Exam:

  • AZ-500 Training Courses – Available on several platforms
  • Number of questions – 40 to 60
  • Passing score – 70% or 700 out of 1000
  • Languages available – English, Japanese, Simplified Chinese, Korean

Who is the AZ-500 Training Course Designed For?

  • DevOps Engineers
  • Cloud Security Engineers
  • Software Engineers
  • Information Security Managers
  • Data Engineers
  • Cloud Engineers

Topics Covered Under the AZ-500 Training Course:

The qualifying exam for the Microsoft Azure Security certification takes into account a candidate’s expertise based on four foundational pillars. Microsoft lays out these pillars in its official reading material. 

DOMAIN 1 – Managing Identity and Access:

Weightage – 30% to 35%

Managing Azure Active Directory identities

  • Configuring security for service principles
  • Managing Azure AD directory groups
  • Managing Azure AD users
  • Configuring password writeback
  • Configuring authentication methods including password hash and Pass-Through Authentication (PTA), OAuth, and passwordless
  • Transfering Azure subscriptions between Azure AD tenants

Configuring secure access by using Azure AD

  • Monitoring privileged access for Azure AD Privileged Identity Management (PIM)
  • Configuring Access Reviews
  • Activating and configuring PIM
  • Implementing Conditional Access policies including Multi-Factor Authentication (MFA)
  • Configuring Azure AD identity protection (additional tip: How To: Configure the Azure MFA Authentication registration policy)

Managing application access

  • Creating App Registration
  • Configuring App Registration permission scopes
  • Managing App Registration permission consent
  • Managing API access to Azure subscriptions and resources

Managing access control

  • Configuring subscription and resource permissions
  • Configuring resource group permissions
  • Configuring custom RBAC roles
  • Identifying the appropriate role
  • Applying the principle of least privilege
  • Interpreting permissions
  • Checking access

Domain 2 – Implement Platform Protection:

Weightage – 15% to 20%

Implementing advanced network security

  • Securing the connectivity of virtual networks (VPN authentication, Express Route encryption)
  • Configuring Network Security Groups (NSGs) and Application Security Groups (ASGs)
  • Creating and configuring Azure Firewall
  • Configuring Azure Front Door service as an Application Gateway
  • Configuring a Web Application Firewall (WAF) on Azure Application Gateway
  • Configuring Azure Bastion
  • Configuring a firewall on a storage account, Azure SQL, KeyVault, or App Service
  • Implementing Service Endpoints
  • Implementing DDoS protection

Configuring advanced security for compute

  • Configuring endpoint protection
  • Configuring and monitoring system updates for VMs
  • Configuring authentication for Azure Container Registry
  • Configuring security for different types of containers
  • Implementing vulnerability management
  • Configuring isolation for AKS
  • Configuring security for container registry
  • Implementing Azure Disk Encryption
  • Configuring security and authentication for Azure App Service
  • Configuring SSL/TLS certs
  • Configuring authentication for Azure Kubernetes Service
  • Configuring automatic updates

Domain 3 – Manage Security Operations:

Weightage – 25% to 30%

Monitoring security through Azure Monitor

  • Creating and customising alerts
  • Monitoring security logs by using Azure Monitor
  • Configuring diagnostic logging and log retention

Monitoring security through Azure Security centre

  • Evaluating vulnerability scans from Azure Security Centre
  • Configuring Just in Time VM access by using Azure Security centre
  • Configuring centralised policy management by using Azure Security centre
  • Configuring compliance policies and evaluating for compliance by using Azure Security centre

Monitoring security through Azure Sentinel

  • Creating and customising alerts
  • Configuring data sources to Azure Sentinel
  • Evaluating results from Azure Sentinel
  • Configuring workflow automation by using Azure Sentinel

Configuring security policies

  • Configuring security settings by using Azure Policy
  • Configuring security settings by using Azure Blueprint
  • Configuring a playbook by using Azure Sentinel

Domain 4 – Secure Applications and Data:

Weightage – 20% to 25%

Configuring storage security

  • Configuring access control for storage accounts
  • Configuring key management for storage accounts
  • Configuring Azure AD authentication for Azure Storage
  • Configuring Azure AD Domain Services authentication for Azure Files
  • Creating and managing Shared Access Signatures (SAS)
  • Creating a shared access policy for blob or a blob container
  • Configuring Storage Service Encryption

Configuring database security

  • Enabling database authentication
  • Enabling database auditing
  • Configuring Azure SQL Database Advanced Threat Protection
  • Implementing database encryption
  • Implementing Azure SQL Database Always Encrypted (Configure using SQL Server Management Studio, or PowerShell)

Configuring and managing Key Vault

  • Managing access to Key Vault
  • Managing permissions to secrets, certificates, and keys
  • Configuring RBAC usage in Azure Key Vault
  • Managing certificates
  • Managing secrets
  • Configuring key rotation
  • Backing up and restoring of Key Vault items

If you are looking for a new certification that will future-proof your career and expand your earning opportunities, enrol in an AZ-500 training course today.

Total Views: 109 ,
By Cary Grant

Leave a Reply

Your email address will not be published.

Related Posts