Codnets-logo-No BG
Get Started
Home / Microsoft Azure Security Engineer AZ-500

Microsoft Azure Security Engineer AZ-500

The AZ-500: Microsoft Azure Security Technologies exam is designed for professionals aiming to become Microsoft Certified: Azure Security Engineer Associates. While there are no formal prerequisites to take the exam, certain foundational knowledge and experience are highly recommended to ensure success.

Recommended Prerequisites

  1. Experience with Azure Administration
    Hands-on experience in administering Azure environments is crucial. Familiarity with Azure services, networking, and security features will significantly aid in understanding the exam content.
  2. Understanding of Security Concepts
    A solid grasp of IT security principles, including identity and access management, threat protection, and data security, is essential.
  3. Familiarity with Hybrid Environments
    Knowledge of hybrid cloud environments and how Azure integrates with on-premises systems is beneficial.

What you'll learn

  • This course is designed to provide you with a comprehensive understanding of securing Microsoft Azure environments.
  • Utilizing Security services can enhance organizations’ security posture and reduce the risk of security breaches in the digital age.
  • Azure security core services and implement security controls and threat protection.
  • To protect data, applications, and networks in a cloud technology environment
  • This course is designed for professionals who want to demonstrate their skills in securing Microsoft Azure environments.
  • Upon completion of this course, you’ll not only be well-prepared for the AZ-500 exam, but you’ll also have the expertise to manage security in Azure environment

COURSE SYLLABUS

Introduction / Course Orientation
  • What being an Azure Security Engineer involves
  • Overview of Azure security tools and services
  • Pre-requisites review
Module 1: Secure Identity & Access
  • Azure / Microsoft Entra Identity concepts
  • Managing built-in and custom roles (role-based access control, custom roles) Microsoft Learn+1
  • Privileged Identity Management (PIM) for elevated roles Microsoft Learn
  • Multi-Factor Authentication (MFA), Conditional Access policies Microsoft Learn

Application access: app registrations, OAuth grants, service principals, managed identities Microsoft Learn+1

Module 2: Secure Networking
  • Designing secure virtual networks
  • NSGs, ASGs, UDRs, virtual network peering Microsoft Learn+1
  • VPNs (site-to-site / point-to-site), ExpressRoute, encryption over network links Microsoft Learn
  • Private access: service endpoints, private endpoints, Private Link, network integration for App Service, SQL Managed Instances, etc. Microsoft Learn

Public access security: firewall services (Azure Firewall, Application Gateway, Front Door, WAF), TLS implementation, DDoS Protection Microsoft Learn

Module 3: Secure Compute, Storage & Databases
  • Security for compute workloads: VMs, just-in-time access, Bastion; containers / Kubernetes security, authentication & monitoring in AKS / container apps; securing Azure Container Registry Microsoft Learn
  • Disk encryption (ADE, host encryption, confidential VMs/disks) Microsoft Learn
  • Storage security: access control, keys, soft delete, backups, versioning, immutable storage, encryption at rest, BYOK, double encryption etc. Microsoft Learn

Database security: Azure SQL / Managed Instances: TDE, Always Encrypted, dynamic data masking, auditing, authentication, etc. Microsoft Learn

Module 4: Secure Azure Operations & Governance (Defender & Sentinel)
  • Cloud governance: Azure Policy, Key Vault policies, management of secrets, certificates, keys; backup & recovery for secrets/certs/keys; asset management. Microsoft Learn
  • Defender for Cloud: secure score / posture assessments, compliance frameworks, connecting hybrid/multi-cloud, vulnerability management, workload protections (servers, storage, databases). Microsoft Learn
  • Threat protection: configuring and managing threat detection, agentless scanning, external attack surface, DevOps security integrations (GitHub, Azure DevOps, etc.). Microsoft Learn

Monitoring, alerting, and automation: Azure Monitor / data collection rules, configuring data connectors with Sentinel, alert rules and analytics, automation / orchestration of responses. Microsoft Learn

Hands-on Labs / Practice
  • Lab exercises for each major domain: e.g. setting up conditional access; configuring NSGs, private endpoints; securing storage and SQL; deploying Defender for Cloud; setting up a Sentinel workspace and data ingestion; responding to alerts
  • Scenario-based exercises: combining topics (e.g. securing a hybrid cloud scenario, remediating vulnerabilities etc.)
Exam Prep / Review
  • Sample questions by domain
  • Common pitfalls
  • Review of Microsoft’s security best practices & reference architectures
  • Time management & test-taking strategies
Microsoft Azure Security Engineer AZ-500 Certification Training Course

COURSE BRIEF

  • Course Title: Microsoft Azure Security Engineer (AZ-500)
  • Duration: 6 Weeks instructor-led Training
  • Level: Beginner to Advance Level
  • Format: Online Training with Series of Projects
  • Regular Assignments & Case Studies

SCHEDULES

  • Days: Monday – Friday
  • Duration: 1hr Everyday
  • Time: 9pm (CST)

need more information?

Contact Us
Scroll to Top