Radical Technologies
Call :+91 8055223360

AZURE SECURITY ENGINEER ASSOCIATE

AZURE SECURITY ENGINEER ASSOCIATE ONLINE TRAINING

The Azure Security Engineer Associate certification is a credential offered by Microsoft that validates an individual’s expertise in securing Microsoft Azure cloud environments. The Azure Security Engineer Associate certification is well-suited for security professionals, cloud administrators, and Azure architects who want to specialize in securing Microsoft Azure environments. It’s a valuable credential for those working with Azure or planning to do so while focusing on security and compliance.

657 Satisfied Learners

AZURE SECURITY ENGINEER ASSOCIATE Training in Pune/ Online

Duration of Training  : 32 Hours

Batch type  :  Weekdays/Weekends

Mode of Training  :  Classroom/Online/Corporate Training

Manage identity and access

Manage identities in Azure AD

– Secure users in Azure AD
– Secure directory groups in Azure AD
– Recommend when to use external identities
– Secure external identities
– Implement Azure AD Identity Protection

Manage authentication by using Azure AD

– Configure Microsoft Entra Verified ID
– Implement multi-factor authentication (MFA)
– Implement passwordless authentication
– Implement password protection
– Implement single sign-on (SSO)
– Integrate single sign on (SSO) and identity providers
– Recommend and enforce modern authentication protocols

Manage authorization by using Azure AD

– Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
– Assign built-in roles in Azure AD
– Assign built-in roles in Azure
– Create and assign custom roles, including Azure roles and Azure AD roles
– Implement and manage Microsoft Entra Permissions Management
– Configure Azure AD Privileged Identity Management (PIM)
– Configure role management and access reviews by using Microsoft Entra Identity Governance
– Implement Conditional Access policies

Manage application access in Azure AD

– Manage access to enterprise applications in Azure AD, including OAuth permission grants
– Manage app registrations in Azure AD
– Configure app registration permission scopes
– Manage app registration permission consent
– Manage and use service principals
– Manage managed identities for Azure resources
– Recommend when to use and configure an Azure AD Application Proxy, including authentication

 

Secure networking

Plan and implement security for virtual networks

– Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
– Plan and implement user-defined routes (UDRs)
– Plan and implement VNET peering or VPN gateway
– Plan and implement Virtual WAN, including secured virtual hub
– Secure VPN connectivity, including point-to-site and site-to-site
– Implement encryption over ExpressRoute
– Configure firewall settings on PaaS resources
– Monitor network security by using Network Watcher, including NSG flow logging

Plan and implement security for private access to Azure resources

– Plan and implement virtual network Service Endpoints
– Plan and implement Private Endpoints
– Plan and implement Private Link services
– Plan and implement network integration for Azure App Service and Azure Functions
– Plan and implement network security configurations for an App Service Environment (ASE)
– Plan and implement network security configurations for an Azure SQL Managed Instance

Plan and implement security for public access to Azure resources

– Plan and implement TLS to applications, including Azure App Service and API Management
– Plan, implement, and manage an Azure Firewall, including Azure Firewall Manager and firewall policies
– Plan and implement an Azure Application Gateway
– Plan and implement an Azure Front Door, including Content Delivery Network (CDN)
– Plan and implement a Web Application Firewall (WAF)
– Recommend when to use Azure DDoS Protection Standard

Secure compute, storage, and databases

Plan and implement advanced security for compute

– Plan and implement remote access to public endpoints, including Azure Bastion and just-in-time (JIT) VM access
– Configure network isolation for Azure Kubernetes Service (AKS)
– Secure and monitor AKS
– Configure authentication for AKS
– Configure security monitoring for Azure Container Instances (ACIs)
– Configure security monitoring for Azure Container Apps (ACAs)
– Manage access to Azure Container Registry (ACR)
– Configure disk encryption, including Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption
– Recommend security configurations for Azure API Management

Plan and implement security for storage

– Configure access control for storage accounts
– Manage life cycle for storage account access keys
– Select and configure an appropriate method for access to Azure Files
– Select and configure an appropriate method for access to Azure Blob Storage
– Select and configure an appropriate method for access to Azure Tables
– Select and configure an appropriate method for access to Azure Queues
– Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage
– Configure Bring your own key (BYOK)
– Enable double encryption at the Azure Storage infrastructure level

Plan and implement security for Azure SQL Database and Azure SQL Managed Instance

– Enable database authentication by using Microsoft Azure AD
– Enable database auditing
– Identify use cases for the Microsoft Purview governance portal
– Implement data classification of sensitive information by using the Microsoft Purview governance portal
– Plan and implement dynamic masking
– Implement Transparent Database Encryption (TDE)
– Recommend when to use Azure SQL Database Always Encrypted

Manage security operations

Plan, implement, and manage governance for security

– Create, assign, and interpret security policies and initiatives in Azure Policy
– Configure security settings by using Azure Blueprint
– Deploy secure infrastructures by using a landing zone
– Create and configure an Azure Key Vault
– Recommend when to use a Dedicated HSM
– Configure access to Key Vault, including vault access policies and Azure Role Based Access Control
– Manage certificates, secrets, and keys
– Configure key rotation
– Configure backup and recovery of certificates, secrets, and keys

Manage security posture by using Microsoft Defender for Cloud

– Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory
– Assess compliance against security frameworks and Microsoft Defender for Cloud
– Add industry and regulatory standards to Microsoft Defender for Cloud
– Add custom initiatives to Microsoft Defender for Cloud
– Connect hybrid cloud and multi-cloud environments to Microsoft Defender for Cloud
– Identify and monitor external assets by using Microsoft Defender External Attack Surface Management

Configure and manage threat protection by using Microsoft Defender for Cloud

– Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS
– Configure Microsoft Defender for Servers
– Configure Microsoft Defender for Azure SQL Database
– Manage and respond to security alerts in Microsoft Defender for Cloud
– Configure workflow automation by using Microsoft Defender for Cloud
– Evaluate vulnerability scans from Microsoft Defender for Server

Configure and manage security monitoring and automation solutions

– Monitor security events by using Azure Monitor
– Configure data connectors in Microsoft Sentinel
– Create and customize analytics rules in Microsoft Sentinel
– Evaluate alerts and incidents in Microsoft Sentinel
– Configure automation in Microsoft Sentinel

Our Courses

Drop A Query

    Enquire Now











      This will close in 0 seconds

      Call Now ButtonCall Us
      Enquire Now










        X
        Enquire Now