A to Z of Azure security - Covers AZ 500, 300,103 and more
What you'll learn
- Pass the AZ 500 Microsoft Azure Security Technologies
- Create & Configure Azure Active Directory tenant and synchronise identities from On-premise AD into Azure AAD
- Implement conditional based access policies in AAD
- Implement roles based access controls, Azure policies and locks
- Implement Azure AD privilaged identity management
- Implement network security controls such as Azure Firewall, NSG, ASG and service end points
- Implement host security such as VM end point protection, update management and disk encryption
- Carry out security monitoring using Azure monitor metrics, activity logs, log analytics and alerts.
- Configure Azure storage security using SAS keys, stored access policies
- Configure basic and advanced security controls for Azure SQL database
- Configure security settings for Cosmos DB and Azure App services
- Monitor Azure resources security using Azure monitor activity logs, metrics and logs. Configure different types of alerts
- Configure Security centre coverage, data collection, recommendations, security alerts
- Configure Key Vault secrets, keys and certificates. Retrieve secrets using Azure web app.
- Basic understanding of Microsoft Azure
This single course covers all the Azure security relate skills required for Microsoft certification exams AZ 500, AZ 300, AZ 103.
Most of the fortune 500 companies are moving their on-premise workloads into Azure and it is increasingly imperative to secure the workloads in Azure. There is a great demand in job market for Azure security experts.This course is designed to build your skills in Azure security and make you an expert in the same.
This course covers Azure security skills required for Microsoft Azure certification exam AZ 500 & security skills required for all other Microsoft Azure certifications.
This course has been designed with an architectural approach. Firstly, I will take you through fundamental building blocks of Azure Security and after this introduction, I will take you through following aspects related to Azure Security.
Azure Active Directory - Introduction to Azure Active directory(AAD); Create a use and configure default user settings; Introduction to Application management and supported SSO's; Walkthrough of My Apps portal and settings; Publish an on-premise app into My Apps portal using Application proxy and configure password based SSO; Introduction to AD connect and supported topologies; Synchronise identities from on-premise AD into AAD using AD connect.
AAD conditional access and device management - Introduction to conditional based access; Configure location based conditional access; Introduction to device management; Configure device based conditional based access; Introduction to Azure AD Identity protection; Configure sign in based conditional access.
Roles Based Access Control - Introduction to role based access control; Custom role creation and assignment; Dynamic groups creation and assignment; Introduction to Azure AD App registrations; Creation of service principle and access Azure resource; Introduction to Managed Identities; Creation of managed service identity & access key vault.
Policies & Locks - Introduction to policies and locks and manage them using Azure Portal.
Azure AD Privileged identity management - Introduction to Azure PIM; Enable PIM and carry out access reviews; Protect AD & Resource roles using PIM.
Network security - Introduction to Azure Network security controls; Implement Azure firewall in Hub and Spoke model; Implement network security groups (NSGs) and Application security groups; Implement service end points and policies; Walkthrough of different options of remote access management and implement of Windows Admin Center.
Host security - Introduction to Azure IaaS best practices; Implementing Azure VM endpoint protection using Microsoft Antimalware; Implementation of update management solution; Implementation of Azure Disk Encryption.
Storage & Database security - Introduction to Azure storage security and Azure SQL database security; Generate SAS keys based on Stored Access policies and use them; Implement advanced data security capabilities such as data classification, vulnerabilities assessment, advanced threat detection and auditing; Implement always encrypted; Introduction to COSMOS DB security.
Application security - Introduction to Azure App service security; Configure authentication with AAD and SSL for Azure App service; Introduction to App service deployment options; Publish an app into Azure DevOps using Visual studio; Enable continuous integration with Azure DevOps for Azure web app.
Security monitoring - Introduction to Azure Monitor metrics, activity logs and logs; Implementation of Activity log alert and log search alerts; Implementation of log analytics workspace and feed activity logs, NSG flow logs, update management information etc; Walkthrough of different monitoring solutions such as anti malware assessment, activity log analytics, update management solution and traffic analytics.
Security centre - Introduction to Azure security centre; Implement preventive monitoring and remediation using Security Centre; Implement Just in Time access; Implement and manage security alert integration with playbook (logic app).
This course contains both theory lectures and a significant number of hands-on demos that helps you in gaining hands-on experience in hardening your workloads in Azure.
Microsoft Azure is a constantly evolving platform and I will be keep close watch on Azure announcements and add new labs wherever possible.
So, start taking this course and put yourself in high demand in the world of IT and command higher salary!!!
Who this course is for:
- Students attending AZ 500 Microsoft Azure Security Technologies
- Security Engineers
- Security administrators
- Security architects
I am a Microsoft certified architect expert in end to end Microsoft Azure, IoT and Amazon Alexa and helped different clients in designing solutions using Azure services, IoT devices and Amazon Alexa devices.
I am also a Microsoft certified security associate and helped client in implementation of Identity and access management, network security controls, cloud governance etc.
I provided Best in Class architecture and design for different technology layers as described below.
Network - Azure Virtual Network, Azure Firewall, Load balancer, Application gateway, Traffic Manager, S2S VPN, Remote access management using P2S VPN and WAC.
Applications - Azure App service web, API and mobile apps, API management, Azure notification hub
Analytics - SQL database, Data factory, Data Lake storage, Data Bricks etc.
Serverless/Integration - Azure funtions, logic apps, service bus
IoT - Azure IoT Hub, Device identities & twins, Stream Analytics
Automation - Azure PowerShell, ARM Templates, Azure Automation, Runbooks
Security - Azure AAD, B2B, B2C, Conditional access, PIM, Service Principles, Managed Identities, App registrations etc
Governance - Azure policies, Blueprints
Deployment - Terraform, Azure DevOps
Voice - Amazon Alexa B2B skills