AZ-500 Microsoft Azure Security Exam Certification

Categories: AZ-500

Wishlist

About Course

v 3.0 – February 2022

Refreshed course with newer videos to reflect the changes in exam objectives and changes in Azure services
Added new Practice Test questions
Added Quizzes at the end of each section

v 2.0 – April 2021

Refreshed videos on various chapters which includes the following
- Role-based access control
- Azure AD Privileged Identity Management
- Conditional Access Policies
- Azure Firewall
- Azure Bastion
- Point-to-Site and Site-to-Site VPN connections
- Network Security Groups
- Update Management
- Security for Azure SQL databases – Includes Azure AD Authentication, Data masking , Always Encrypted feature
Added new videos which includes the following
- Azure AD Roles – User and Password Administrator role
- More chapters regarding aspects for Conditional Access policies
- Azure AD Applications – Delegated permissions
- Hub and Spoke Architecture using Azure Bastion, Azure Firewall and Azure VPN gateway
- Working with various new aspects in Azure Security Center
- Working with various new aspects in Azure Sentinel
- Azure Key Vault – Using RBAC access policies

v 1.1 – August 2020

Updated contents of course as per changes in objectives – 29th July 2020

This course will make students be prepared to take on the following exam

Exam AZ-500: Microsoft Azure Security Technologies

All concepts covered in this course are aligned to the following Exam Objectives

Manage identity and access
Implement platform protection
Manage security operations
Secure data and applications

There are labs that focus on various security aspects on Azure. This includes working with Azure AD, Protection for workloads on Azure that includes virtual machines, Azure SQL databases and Azure storage accounts.

Security is a very important aspect in today’s world. And this course will ensure that students are prepared when it comes to security on the Azure cloud platform.

Course Content

01 Introduction

Download Resource Files

02 Manage identity and access

Download Resource Files
001 What is Azure

02:11
002 Azure Free Account

04:33
003 Creating an Azure Free Account

03:38
004 Tour around the Azure Portal

06:01
005 Azure Active Directory

03:22
006 Azure AD in Azure Portal

03:51
007 The Azure AD tenant and the subscription

04:24
008 Security defaults

03:05
009 Lab – Creating a user in Azure AD

05:15
010 Lab – Azure AD – Creating a group

01:27
011 Lab – Creating a Microsoft 365 group

02:09
012 Lab – Dynamic Groups

04:49
013 Azure AD Custom Domains

05:42
014 Azure Active Directory licenses

04:40
015 Lab – Restoring users and groups

03:15
016 What goes into the deployment of an Azure virtual machine

03:08
017 Lab – Creating an Azure virtual machine

06:46
018 Lab – Creating an Azure storage account

02:33
019 So what is Role-based access control

01:47
020 Lab – Role-based assignments – Reader Role

05:11
021 Lab – Role-based assignments – Resource group level

02:26
022 Lab – Role-based assignments – Subscription level

02:39
023 Lab – Role-based assignments – Contributor Role

02:39
024 Lab – Role-based assignments – User Access Administrator Role

02:00
025 Lab – Creating a custom role

02:56
026 What are Azure AD Roles

02:00
027 Lab – Azure AD Roles – User Administrator

05:51
028 Azure AD Groups – Owner

03:52
029 Lab – Inviting an external user

02:50
030 Quick note on the group naming policy

02:01
031 Review on concepts

02:56
032 Application Registration

03:42
033 Lab – Application Registration – Installing the POSTMAN tool

03:04
034 Lab – Application Registration – Azure AD Application Object

08:15
035 Lab – Application Registration – Calling the Graph API

07:24
036 About Installing Visual Studio

01:35
038 Azure AD – Application Registration – Net

08:23
039 Azure AD – Sign-in and Audit logs

02:03
040 Azure AD – Enterprise Applications

08:02
041 Assigning a user to an Enterprise application

06:27
042 Enterprise Application – Important Properties

01:27
043 Enterprise Application – Self-Service

05:21
044 Managing applications in Azure AD

04:19
045 Multi-Factor Authentication

01:13
046 Lab – Multi-Factor Authentication

04:52
047 Lab – Multi-Factor Authentication – Settings

07:00
048 Conditional Access Policies

01:00
049 Lab – Conditional Access Policies

07:28
050 Lab – Conditional Access Policy – Report only

02:29
051 Lab – Conditional Access Policy – Locations

04:24
052 Lab – Conditional Access Policy – Include-Exclude groups

04:01
053 Lab – Conditional Access Policy – Multiple policies

03:54
054 What is Azure AD Identity Protection

01:39
055 What is Azure AD Identity Protection – Important aspects

03:44
056 Quick Look at Azure AD Identity Protection

03:26
057 What are Access Reviews

01:37
058 Access Reviews – License requirement

01:52
059 Lab – Setting up the Access Review

09:59
060 Lab – Access Review – Self Review

03:26
061 Azure AD Privileged Identity Management

04:46
062 What is Privileged Identity Management

01:21
063 Azure AD Privileged Identity Management – Azure AD Roles

08:33
064 Azure AD Privileged Identity Management – Azure Resources

02:28
065 Azure AD Privileged Identity Management – Access Reviews

01:21
066 Administrative Units

01:50
067 Lab – Administrative Units_part1

05:23
067 Lab – Administrative Units_part2

05:23
068 What is Azure AD Connect

10:26
070 Active Directory Implementation – Part 1

07:49
071 Active Directory Implementation – Part 2

07:37
072 Lab – Azure AD Connect – Installation

09:14
073 Going through the Azure AD Connect settings

06:35
074 Lab – Azure AD Connect – Pass-through Authentication

07:35
075 Azure AD Connect – Password writeback

02:29
076 Azure AD Connect – User properties

01:24
077 Lab – Azure AD – Passwordless sign-in

08:07
078 Azure AD Password Protection

04:20

03 Implement platform protection

Download Resource Files
001 Review of virtual networks and machines

03:23
002 Setting up Azure Cloud Shell

03:30
003 Azure virtual machine security overview

02:28
004 Network Security Groups

03:52
005 Lab – Network Security Groups

07:39
006 Lab – NSG – Modifying the RDP Rule

03:57
007 Lab – Network Security Groups – Priority setting

05:25
008 Lab – Network Security Groups – Other considerations

07:06
009 Lab – Network Security Groups – Communication within network

06:12
010 Lab – Network Security Groups – Subnet Considerations

06:12
011 Application Security Groups

04:35
012 Lab – Application Security Groups – Setup_part1

05:33
012 Lab – Application Security Groups – Setup_part2

05:33
013 Lab – Application Security Groups – Implementation

08:52
014 The Azure Application Gateway Service

07:38
015 Lab – Azure Application Gateway – URL Routing – Setup

10:16
016 Lab – Azure Application Gateway – URL Routing – Implementation

12:59
017 Azure Front Door

03:05
018 Lab – Azure Front Door – Setup

04:48
019 Lab – Azure Front Door – Implementation

06:12
020 Difference between Azure Front Door and Application gateway

04:15
021 Virtual Network Peering

02:02
022 Virtual Networking Peering – Setup

05:37
023 Lab – Virtual Networking Peering – Implementation

07:55
024 Point to Site VPN Connection

03:39
025 Lab – Point-to-Site VPN – Initial Setup

04:10
026 Lab – Point-to-Site VPN – Setting the gateway

09:15
027 Lab – Point-to-Site VPN – Certificates for authentication

07:33
029 Lab – Point-to-Site VPN – Establishing the connection

07:29
031 Site-to-Site VPN Connection

02:25
032 Lab – Site-to-Site VPN – Setup

07:45
033 Lab – Site-to-Site VPN – Connection

07:08
034 Lab – Site-to-Site VPN – Peering

06:33
036 User Defined Routes

02:10
037 User Defined Routes – What are we going to do

01:09
038 Lab – User Defined Routes – Setup

06:18
039 Lab – User Defined Routes – Route Table

05:23
040 Lab – User Defined Routes – Enable forwarding

04:54
041 Azure Bastion service

02:53
042 Lab – Azure Bastion service

08:38
043 What is the Azure Firewall service

04:31
044 Lab – Azure Firewall – Deployment

06:40
045 Lab – Azure Firewall – NAT Rules

06:47
046 Lab – Azure Firewall – Routing traffic through the firewall

05:15
047 Lab – Azure Firewall – Application rules

02:34
048 Hub and Spoke Architecture

03:23
049 Lab – Hub-Spoke Architecture – Setting up the hub network

06:57
050 Lab – Hub-Spoke Architecture – Setting our VPN Connection

05:48
051 Lab – Hub-Spoke Architecture – Using Azure Bastion Host

04:02
052 Lab – Hub-Spoke Architecture – Routing traffic via the Firewall

05:52
053 Lab – Hub-Spoke Architecture – Using Firewall Manager

03:38
054 Lab – Microsoft IaaS Antimalware extension

02:56
055 Update Management for Azure Virtual Machines

03:04
056 Lab – Update Management – Environment Setup

08:07
057 Lab – Update Management – Implementation_part1

04:47
057 Lab – Update Management – Implementation_part2

04:47
058 Update Management – Dynamic Groups

01:57
059 Quick overview on Containers

04:45
060 Lab – Deploying Docker on a Linux virtual machine

04:12
061 Lab – Deploying and running a container

10:55
063 Lab – Azure Container Registry

07:20
065 Lab – Azure Container Instance

05:47
066 Lab – Azure Container Instance – Service principal

08:00
068 Content Trust

03:27
069 Quick note on Microsoft Defender for Cloud – Containers

05:05
070 Azure Container Groups

01:46
071 Lab – Azure Container Groups

03:08
073 Note on Azure Container variables

01:23
074 Primer on Azure Kubernetes

01:01
075 Lab – Deploying Azure Kubernetes and the application

06:06
076 Quick note on Azure DDoS protection

01:32
077 What we have not covered in this section

01:11

04 Manage security operations

Download Resource Files
001 What is the Azure Monitor Service

02:46
002 Quick look at Azure Monitor

03:00
003 Lab – Azure Monitor – Alerts

06:20
005 What is a Log Analytics Workspace

01:34
006 Lab – Creating a Log Analytics workspace

02:16
007 Lab – Connecting virtual machine to the workspace

06:12
008 Lab – Log Analytics Queries

05:17
010 Lab – Sending custom logs

04:41
011 Log Analytics – Alerts

01:31
012 Log Analytics workspace – Template deployment

06:17
013 What is the Azure Policy service

01:29
014 Lab – Azure Policy

06:24
015 Lab – Azure Policy – Remediation

04:32
016 Management Groups

03:20
017 Working with Management Groups

03:20
018 Lab – Azure resource locks

04:24
019 Azure Blueprints

05:17
020 Lab – Working with Azure Blueprints

09:14
021 Lab – Azure Blueprints – Resource Locks

04:24
022 Quick Note on Microsoft Defender for Cloud

01:47
023 Our first look at Microsoft Defender for Cloud

03:22
024 Microsoft Defender – Mitigating our first security recommendations

06:49
025 Microsoft Defender – Onboarding a subscription

03:52
026 Microsoft Defender – Azure Security Benchmark

01:16
027 Microsoft Defender – Regulatory compliance

02:47
028 Microsoft Defender – Continuous Recommendations

03:22
029 Microsoft Defender – Enabling Enhanced Security

01:31
030 Microsoft Defender – Vulnerability Assessment

06:23
031 Microsoft Defender – Just-in-Time VM Access

03:07
032 Microsoft Defender – Just-in-Time VM Access – Implementation

05:07
033 Microsoft Defender – Just-in-Time VM Access – Custom Role

05:37
035 Microsoft Defender – Deploying the Log Analytics agent

04:05
036 Microsoft Defender – Collecting event data

05:33
037 Microsoft Defender – Inventory

02:25
038 Microsoft Defender – Workload Protection

06:22
039 Microsoft Defender – Custom Initiatives

05:04
040 Microsoft Defender – Security Alerts

04:47
041 Microsoft Defender – Workflow Automation

08:03
042 What is Microsoft Sentinel

01:50
043 Lab – Microsoft Sentinel – Creating a workspace

03:05
044 Lab – Microsoft Sentinel – Azure Activity Connector

09:02
045 Lab – Microsoft Sentinel – Azure AD Connector

03:05
046 Lab – Microsoft Sentinel – Windows Security Events Connector

03:18
047 Lab – Microsoft Sentinel – Azure Firewall Connector

01:47
048 Log Analytics – Exploring the Azure Activity table

05:10
049 Log Analytics – Get Schema

04:54
050 Log Analytics – Getting data based on time

04:47
051 Log Analytics – Filtering for data

05:06
052 Log Analytics – Summarizing data

04:51
053 Log Analytics – Projection and Dynamic data types

07:13
055 Log Analytics – Exploring the Sign-in logs table

02:49
056 Log Analytics – Exploring the Firewall logs table

08:59
057 Log Analytics – Exploring the Security Events table

05:02
059 Microsoft Sentinel – Creating a scheduled query rule

11:06
060 Microsoft Sentinel – Working with Incidents

05:57
061 Microsoft Sentinel – Working with Entities

05:41
062 Microsoft Sentinel – Hunting for issues

03:11
063 Microsoft Sentinel – Playbooks

05:45
064 Microsoft Sentinel – Note on the common event format

02:04
065 Microsoft Sentinel – Review of important points

02:41

05 Secure data and applications

Download Resource Files
001 The Azure Key vault service

02:06
002 Lab – Azure Key Vault

02:18
003 Lab – Azure Key vault – Secrets_part1

05:58
003 Lab – Azure Key vault – Secrets_part2

05:58
004 Azure Key vault – Soft Delete Feature

05:03
005 Lab – Azure Key Vault – Access policies vs Role-based

09:44
006 Lab – Azure Key Vault – RBAC access policies

06:13
007 Lab – Azure Key Vault – ARM Templates

07:14
008 Lab – Azure Key Vault – Backup

04:39
009 Service Endpoints

02:09
010 Lab – Azure Key Vault – Service endpoint_part1

06:06
010 Lab – Azure Key Vault – Service endpoint_part2

06:06
011 Encryption at rest and transit

05:23
012 Server-side encryption of Azure Disk Storage

03:09
013 Encryption with customer managed keys

06:51
014 Azure Disk Encryption

04:25
015 Azure Service Endpoint – Trusted Services

04:21
016 Note on Azure Key vault key rotation

02:31
017 Managed Service Identity

03:01
018 Lab – Managed Service Identity

07:56
019 Clarification on service principal

03:23
020 Lab – Creating an Azure SQL Database

07:36
021 Azure SQL database – Firewall settings

02:15
022 Lab – Azure AD Authentication – Azure SQL Databases

08:28
024 Azure SQL Database – Transparent Data Encryption

02:54
025 SQL Database – Always Encrypted Feature

02:32
026 Lab – SQL Database – Always Encrypted Feature

04:57
027 Lab – Azure SQL – Data Masking

05:58
029 Lab – Azure SQL Server auditing

04:56
030 Lab – Azure SQL – Vulnerability Assessment

02:58
031 Lab – Azure SQL database – Service Endpoints

05:21
032 What are Azure Storage Accounts

01:47
033 Lab – Creating a storage account

03:42
034 Azure Blob service

02:01
035 Lab – Blob service – Uploading a blob

02:56
036 Lab – Blob service – Accessing the blob

04:29
037 Azure Storage Accounts – File Service

02:07
038 Lab – Azure Storage Accounts – File Service

09:17
039 Lab – Immutable Blob storage

02:20
040 Azure Storage Accounts – Different authorization techniques

01:13
041 Lab – Azure Storage Explorer

02:38
042 Lab – Using Access keys

03:10
043 Lab – Shared Access Signatures – At the Blob level

03:17
044 Lab – Shared Access Signatures – At the Storage Account Level

04:37
045 Lab – Azure Storage Accounts – Stored Access Policy

04:37
046 Lab – Azure Storage Accounts – Active Directory Authentication

05:31
047 Azure Storage Accounts – Authorization techniques review

02:11
048 Azure Storage Account Encryption – Quick Note

01:14
049 Lab – Azure Storage – Firewall and Network settings

07:26
050 Azure AD Authentication for Azure Files – Implementation Review

07:41
052 Private Endpoints

02:52
053 Lab – Private Endpoints

08:18
054 Quick Note on CosmosDB and Synapse network settings

02:38
055 Note on Managed Identity for Function Apps

05:11
056 Deploying an Azure Web App

06:21
057 Azure Web App – Custom domains and SSL

03:44
058 Azure Web App – Other security aspects

02:28

06 Practice Section

Student Ratings & Reviews

No Review Yet

About Course

What Will You Learn?

Course Content

01 Introduction

Download Resource Files

02 Manage identity and access

Download Resource Files

001 What is Azure

002 Azure Free Account

003 Creating an Azure Free Account

004 Tour around the Azure Portal

005 Azure Active Directory

006 Azure AD in Azure Portal

007 The Azure AD tenant and the subscription

008 Security defaults

009 Lab – Creating a user in Azure AD

010 Lab – Azure AD – Creating a group

011 Lab – Creating a Microsoft 365 group

012 Lab – Dynamic Groups

013 Azure AD Custom Domains

014 Azure Active Directory licenses

015 Lab – Restoring users and groups

016 What goes into the deployment of an Azure virtual machine

017 Lab – Creating an Azure virtual machine

018 Lab – Creating an Azure storage account

019 So what is Role-based access control

020 Lab – Role-based assignments – Reader Role

021 Lab – Role-based assignments – Resource group level

022 Lab – Role-based assignments – Subscription level

023 Lab – Role-based assignments – Contributor Role

024 Lab – Role-based assignments – User Access Administrator Role

025 Lab – Creating a custom role

026 What are Azure AD Roles

027 Lab – Azure AD Roles – User Administrator

028 Azure AD Groups – Owner

029 Lab – Inviting an external user

030 Quick note on the group naming policy

031 Review on concepts

032 Application Registration

033 Lab – Application Registration – Installing the POSTMAN tool

034 Lab – Application Registration – Azure AD Application Object

035 Lab – Application Registration – Calling the Graph API

036 About Installing Visual Studio

038 Azure AD – Application Registration – Net

039 Azure AD – Sign-in and Audit logs

040 Azure AD – Enterprise Applications

041 Assigning a user to an Enterprise application

042 Enterprise Application – Important Properties

043 Enterprise Application – Self-Service

044 Managing applications in Azure AD

045 Multi-Factor Authentication

046 Lab – Multi-Factor Authentication

047 Lab – Multi-Factor Authentication – Settings

048 Conditional Access Policies

049 Lab – Conditional Access Policies

050 Lab – Conditional Access Policy – Report only

051 Lab – Conditional Access Policy – Locations

052 Lab – Conditional Access Policy – Include-Exclude groups

053 Lab – Conditional Access Policy – Multiple policies

054 What is Azure AD Identity Protection

055 What is Azure AD Identity Protection – Important aspects

056 Quick Look at Azure AD Identity Protection

057 What are Access Reviews

058 Access Reviews – License requirement

059 Lab – Setting up the Access Review

060 Lab – Access Review – Self Review

061 Azure AD Privileged Identity Management

062 What is Privileged Identity Management

063 Azure AD Privileged Identity Management – Azure AD Roles

064 Azure AD Privileged Identity Management – Azure Resources

065 Azure AD Privileged Identity Management – Access Reviews

066 Administrative Units

067 Lab – Administrative Units_part1

067 Lab – Administrative Units_part2

068 What is Azure AD Connect

070 Active Directory Implementation – Part 1

071 Active Directory Implementation – Part 2

072 Lab – Azure AD Connect – Installation

073 Going through the Azure AD Connect settings

074 Lab – Azure AD Connect – Pass-through Authentication