MICROSOFT AZURE SECURITY ENGINEER – AZ-500
The Microsoft Azure Security Engineer certification exam, coded as AZ-500, is part of the Microsoft Certified: Azure Security Engineer Associate certification track. Passing this exam validates your skills and knowledge in securing Microsoft Azure environments and resources.Achieving the Microsoft Azure Security Engineer Associate certification demonstrates your expertise in securing Azure environments and resources. It is valuable for professionals looking to advance their career in cloud security and work on Azure-related security projects.
MICROSOFT AZURE SECURITY ENGINEER – AZ-500 TRAINING IN PUNE | ONLINE
Manage identity and access
Manage identities in Azure AD
– Secure users in Azure AD
– Secure directory groups in Azure AD
– Recommend when to use external identities
– Secure external identities
– Implement Azure AD Identity Protection
Manage authentication by using Azure AD
– Configure Microsoft Entra Verified ID
– Implement multi-factor authentication (MFA)
– Implement passwordless authentication
– Implement password protection
– Implement single sign-on (SSO)
– Integrate single sign on (SSO) and identity providers
– Recommend and enforce modern authentication protocols
Manage authorization by using Azure AD
– Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
– Assign built-in roles in Azure AD
– Assign built-in roles in Azure
– Create and assign custom roles, including Azure roles and Azure AD roles
– Implement and manage Microsoft Entra Permissions Management
– Configure Azure AD Privileged Identity Management (PIM)
– Configure role management and access reviews by using Microsoft Entra Identity Governance
– Implement Conditional Access policies
Manage application access in Azure AD
– Manage access to enterprise applications in Azure AD, including OAuth permission grants
– Manage app registrations in Azure AD
– Configure app registration permission scopes
– Manage app registration permission consent
– Manage and use service principals
– Manage managed identities for Azure resources
– Recommend when to use and configure an Azure AD Application Proxy, including authentication
Secure networking
Plan and implement security for virtual networks
– Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
– Plan and implement user-defined routes (UDRs)
– Plan and implement VNET peering or VPN gateway
– Plan and implement Virtual WAN, including secured virtual hub
– Secure VPN connectivity, including point-to-site and site-to-site
– Implement encryption over ExpressRoute
– Configure firewall settings on PaaS resources
– Monitor network security by using Network Watcher, including NSG flow logging
Plan and implement security for private access to Azure resources
– Plan and implement virtual network Service Endpoints
– Plan and implement Private Endpoints
– Plan and implement Private Link services
– Plan and implement network integration for Azure App Service and Azure Functions
– Plan and implement network security configurations for an App Service Environment (ASE)
– Plan and implement network security configurations for an Azure SQL Managed
