Azure Security: AZ-500 (updated January 2023)

Master Azure Security and prepare for the AZ-500 exam

Welcome to Azure Security: AZ-500 course!

What you’ll learn

  • Identify Azure data protection mechanisms.
  • Implement Azure data encryption methods.
  • Secure virtual machines.
  • Manage multi-factor authentication.
  • Manage access control.
  • Understand and manage the Azure key vault.
  • Understand and configure network security.
  • Manage the Azure firewall.
  • Understand the Azure security center.
  • And much more….

Course Content

  • Introduction –> 5 lectures • 7min.
  • Azure AD Identity Management –> 10 lectures • 36min.
  • Azure Privileged Identity Management (PIM) –> 16 lectures • 1hr 7min.
  • Azure Key Vault (AKV) –> 6 lectures • 36min.
  • Multi-Factor Authentication (MFA) –> 5 lectures • 31min.
  • App Registration –> 4 lectures • 14min.
  • Azure Policies –> 2 lectures • 16min.
  • Azure Blueprints –> 2 lectures • 15min.
  • Azure Locks –> 3 lectures • 10min.
  • Network Security –> 4 lectures • 38min.
  • Application Security Groups –> 3 lectures • 9min.
  • Remote Connectivity –> 2 lectures • 14min.
  • Just In Time Access –> 2 lectures • 7min.
  • Azure Firewall –> 3 lectures • 25min.
  • DDoS Attack Protection –> 2 lectures • 13min.
  • Understanding Azure Front Door –> 1 lecture • 3min.
  • Understanding Azure Web Application Firewall (WAF) –> 1 lecture • 3min.
  • Demo: Azure Front Door –> 1 lecture • 15min.
  • Demo: Azure Web Application Firewall (WAF) –> 1 lecture • 13min.
  • Virtual Machine Encryption and Extensions –> 3 lectures • 17min.
  • Connecting to Linux Virtual Machines –> 3 lectures • 11min.
  • Microsoft Defender for Cloud –> 8 lectures • 59min.
  • Securing SQL in Azure –> 5 lectures • 30min.
  • Azure Sentinel –> 3 lectures • 59min.

Auto Draft


Welcome to Azure Security: AZ-500 course!

In this course you will learn how to provide a high level of security to the entire Azure platform, which is currently one of the most in-demand skill sets as cyber security threats continue to rise and target cloud based resources.

Course Update:

January 2023: Microsoft Defender for Cloud updated to reflect new settings


This is a list of the skills you will acquire from this course:

Manage Azure Active Directory (Azure AD) identities

• Create and manage a managed identity for Azure resources

• Manage Azure AD groups

• Manage Azure AD users

• Manage external identities by using Azure AD

• Manage administrative units

Manage secure access by using Azure AD

• Configure Azure AD Privileged Identity Management (PIM)

• Implement Conditional Access policies, including multifactor authentication

• Implement Azure AD Identity Protection

• Implement passwordless authentication

• Configure access reviews

Manage application access

• Integrate single sign-on (SSO) and identity providers for authentication

• Create an app registration

• Configure app registration permission scopes

• Manage app registration permission consent

• Manage API permissions to Azure subscriptions and resources

• Configure an authentication method for a service principal

Manage access control

• Configure Azure role permissions for management groups, subscriptions, resource groups, and Resources

• Assign built-in Azure AD roles

• Create and assign custom roles, including Azure roles and Azure AD roles

Implement advanced network security

• Secure the connectivity of hybrid networks

• Secure the connectivity of virtual networks

• Create and configure Azure Firewall

• Create and configure Azure Firewall Manager

• Create and configure Azure Application Gateway

• Create and configure Azure Front Door

• Create and configure Web Application Firewall (WAF)

• Configure a resource firewall, including storage account, Azure SQL, Azure Key Vault, or Azure App Service

• Configure network isolation for Web Apps and Azure Functions

• Implement Azure Service Endpoints

• Implement Azure Private Endpoints, including integrating with other services

• Implement Azure Private Links

• Implement Azure DDoS Protection

Configure advanced security for compute

• Configure Endpoint Protection for virtual machines (VMs)

• Implement and manage security updates for VMs

• Configure security for container services

• Manage access to Azure Container Registry

• Configure security for serverless compute

• Configure security for an Azure App Service

• Configure encryption at rest

• Configure encryption in transit

Configure centralized policy management

• Configure a custom security policy

• Create a policy initiative

• Configure security settings and auditing by using Azure Policy

Configure and manage threat protection

• Configure Microsoft Defender for Servers

• Configure Microsoft Defender for SQL

Configure and manage security monitoring solutions

• Create and customize alert rules by using Azure Monitor

• Configure diagnostic logging and log retention by using Azure Monitor

• Monitor security logs by using Azure Monitor

• Create and customize alert rules in Microsoft Sentinel

• Configure connectors in Microsoft Sentinel

• Evaluate alerts and incidents in Microsoft Sentinel

Configure security for storage

• Configure access control for storage accounts

• Configure storage account access keys

• Configure Azure AD authentication for Azure Storage and Azure Files

• Configure delegated access

Configure security for data

• Enable database authentication by using Azure AD

• Enable database auditing

• Configure dynamic masking on SQL workloads

• Implement database encryption for Azure SQL Database

• Implement network isolation for data solutions, including Azure Synapse Analytics and Azure Cosmos DB

Configure and manage Azure Key Vault

• Create and configure Key Vault

• Configure access to Key Vault

• Manage certificates, secrets, and keys

• Configure key rotation

• Configure backup and recovery of certificates, secrets, and keys

Get Tutorial