AZ-500 Azure Security Engineer Associate Training

LU1 Manage Identity and Access

Topic 1 Secure Azure solutions with Azure Active Directory

• Explore Azure Active Directory features
• Self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services
• Azure AD DS and self-managed AD DS
• Azure AD DS and Azure AD
• Investigate roles in Azure AD
• Azure AD built-in roles
• Deploy Azure AD Domain Services
• Create and manage Azure AD users
• Manage users with Azure AD groups
• Configure Azure AD administrative units
• Implement passwordless authentication

Topic 2 Implement Hybrid identity 

• Deploy Azure AD connect
• Explore authentication options
• Configure Password Hash Synchronization (PHS)
• Implement Pass-through Authentication (PTA)
• Deploy Federation with Azure AD
• Explore the authentication decision tree
• Configure password writeback

Topic 3 Deploy Azure AD identity protection 

• Explore Azure AD identity protection
• Configure risk event detections
• Implement user risk policy
• Implement sign-in risk policy
• Deploy multifactor authentication in Azure
• Explore multifactor authentication settings
• Enable multifactor authentication
• Implement Azure AD conditional access
• Configure conditional access conditions
• Implement access reviews

Topic 4 Configure Azure AD privileged identity management 

• Explore the zero trust model
• Review the evolution of identity management
• Deploy Azure AD privileged identity management
• Configure privileged identity management scope
• Implement privileged identity management onboarding
• Explore privileged identity management configuration settings
• Implement a privileged identity management workflow

Topci 5 Design an enterprise governance strategy 

• Review the shared responsibility model
• Explore the Azure cloud security advantages
• Review Azure hierarchy of systems
• Configure Azure policies
• Enable Azure role-based access control (RBAC)
• Compare and contrast Azure RBAC vs Azure policies
• Configure built-in roles
• Enable resource locks
• Deploy Azure blueprints
• Design an Azure subscription management plan

LU2 Implement platform protection

Topic 6 Implement perimeter security 

• Define defense in depth
• Explore virtual network security
• Enable Distributed Denial of Service (DDoS) Protection
• Configure a distributed denial of service protection implementation
• Explore Azure Firewall features
• Deploy an Azure Firewall implementation
• Configure VPN forced tunneling
• Create User Defined Routes and Network Virtual Appliances
• Explore hub and spoke topology

Topic 7 Configure network security 

• Explore Network Security Groups (NSG)
• Deploy a Network Security Groups implementation
• Create Application Security Groups
• Enable service endpoints
• Configure service endpoint services
• Deploy private links
• Implement an Azure application gateway
• Deploy a web application firewall
• Configure and manage Azure front door

Topic 8 Configure and manage host security

• Enable endpoint protection
• Define a privileged access device strategy
• Deploy privileged access workstations
• Create virtual machine templates
• Enable and secure remote access management
• Configure update management
• Deploy disk encryption
• Managed disk encryption options
• Deploy and configure Windows Defender
• Microsoft cloud security benchmark in Defender for Cloud
• Explore Microsoft Defender for Cloud recommendations

Topic 9 Enable Containers security 

• Explore containers
• Configure Azure Container Instances security
• Manage security for Azure Container Instances (ACI)
• Explore the Azure Container Registry (ACR)
• Enable Azure Container Registry authentication
• Review Azure Kubernetes Service (AKS)
• Implement an Azure Kubernetes Service architecture
• Configure Azure Kubernetes Service networking
• Deploy Azure Kubernetes Service storage
• Secure authentication to Azure Kubernetes Service with Active Directory
• Manage access to Azure Kubernetes Service using Azure role-based access controls

LU3 Secure your data and applications

Topic 10 Deploy and secure Azure Key Vault 

• Explore Azure Key Vault
• Configure Key Vault access
• Review a secure Key Vault example
• Deploy and manage Key Vault certificates
• Create Key Vault keys
• Manage customer managed keys
• Enable Key Vault secrets
• Configure key rotation
• Manage Key Vault safety and recovery features
• Perform Try-This exercises
• Explore the Azure Hardware Security Module

Topic 11 Configure application security features 

• Review the Microsoft identity platform
• Explore the Application model
• Register an application with App Registration
• Configure Microsoft Graph permissions
• Enable managed identities
• Azure App Services
• App Service Environment
• Azure App Service plan
• App Service Environment networking
• Availability Zone Support for App Service Environments
• App Service Environment Certificates

Topic 12 Implement storage security 

• Define data sovereignty
• Configure Azure storage access
• Deploy shared access signatures
• Manage Azure AD storage authentication
• Implement storage service encryption
• Configure blob data retention policies
• Configure Azure files authentication
• Enable the secure transfer required property

Topic 13 Configure and manage SQL database security 

• Enable SQL database authentication
• Configure SQL database firewalls
• Enable and monitor database auditing
• Implement data discovery and classification
• Microsoft Defender for SQL
• Vulnerability assessment for SQL Server
• SQL Advanced Threat Protection
• Explore detection of a suspicious event
• SQL vulnerability assessment express and classic configurations
• Configure dynamic data masking
• Implement transparent data encryption
• Deploy always encrypted features
• Deploy an always encrypted implementation

LU4 Manage security operation

Topic 14 Configure and manage Azure Monitor 

• Explore Azure Monitor
• Configure and monitor metrics and logs
• Enable Log Analytics
• Manage connected sources for log analytics
• Enable Azure monitor Alerts
• Configure properties for diagnostic logging

Topic 15 Enable and manage Microsoft Defender for Cloud 

• MITRE Attack matrix
• Implement Microsoft Defender for Cloud
• Security posture
• Workload protections
• Deploy Microsoft Defender for Cloud
• Azure Arc
• Azure Arc capabilities
• Microsoft cloud security benchmark
• Configure Microsoft Defender for Cloud security policies
• View and edit security policies
• Manage and implement Microsoft Defender for Cloud recommendations
• Explore secure score
• Define brute force attacks
• Understand just-in-time VM access
• Implement just-in-time VM access

Topic 16 Configure and monitor Microsoft Sentinel 

• Enable Microsoft Sentinel
• Configure data connections to Sentinel
• Create workbooks to monitor Sentinel data
• Enable rules to create incidents
• Configure playbooks
• Hunt and investigate potential breaches

Practice Exam

Promotion Code

Your will get 10% discount voucher for 2nd course onwards if you write us a Google review.

Minimum Entry Requirement

Knowledge and Skills

• Able to operate using computer functions
• Minimum 3 GCE ‘O’ Levels Passes including English or WPL Level 5 (Average of Reading, Listening, Speaking & Writing Scores)

Attitude

• Positive Learning Attitude
• Enthusiastic Learner

Experience

• Minimum of 1 year of working experience.

Target Age Group: 18-65 years old

Minimum Software/Hardware Requirement

Software:

TBD

Hardware: Window or Mac Laptops

• Azure Security Engineer
• Cloud Security Consultant
• Cybersecurity Analyst
• IT Security Specialist
• Network Security Engineer
• Systems Administrator
• Infrastructure Security Engineer
• Security Architect
• Compliance Analyst
• Risk Manager
• Data Protection Officer
• Incident Responder
• Penetration Tester
• Security Operations Center Analyst
• Vulnerability Analyst

Sanjiv Venkatram: Sanjiv i is an ACTA certified experienced leader with a proven track record in business / finance consulting and in developing i) business intelligence (BI) solutions ii) data analytics/analysis solutions and iii) IOT lead BI solutions. Sanjiv's goal through Prudentia Consulting, is to promote the simple joy and excitement of actively using the Microsoft Platform. He believes that the agility afforded by the Microsoft platform helps businesses get time back for deeper business thinking and to spend more time with their end customers

Sanjiv has rich experiences in diverse/complex high-tech businesses, turn around environments and strategic transformations. His functional expertise is in sales analytics, financial planning and analysis, engineering and program management. He has worked across discrete manufacturing, professional services and higher education verticals. He also has a working knowledge of equities portfolio management within the financial services domain.Sanjiv is the CEO of Prudentia Consulting, an organization committed to promoting the active usage of the Microsoft Platform. Prior to this, he has worked at Microsoft (US & APAC: 9.2 years), Cognizant Tech Solutions (3.3 years), Yazaki North America (8 years) and until recently at Oracle. Here are a few of his BI/analytics projects driven at scale: Built APAC wide BI dashboard using the Power BI umbrella tool set (Power BI online, Power BI desktop and Power Pivot) and a KPI lake (SQL DB), Helped develop key KPIs – identified key KPIs and helped land this in the DB, Developed a budget audit tool that captured budget inputs from a host of countries across the globe, Developed a business unit P&L reporting tool (functional architecture) in Business Objects for the world-wide financial planning and analysis team.

Alec Tan: Alec Tan is a ACTA certified trainer, He has a number of Comptia certifications. Since 2002, starting off from IT technical background to pre-sales, sales account manager, system integration, operate IT retail / repair shop business in Sim Lim Square 2008 ~ 2012, and back to IT industry employment, freelance IT Trainer till present.

Quah Chee Yong: Quah Chee Yong is a ACTA certified trainer. Quah Chee Yong Chee Yong is an experienced professional who has held various Technical, Operations and Commercial positions across several industriesA firm believer that AI can create a better world, he has equipped himself with the Knowledge and Skills in the fields of Data Science, Machine Learning, Deep Learning and Cloud Deployment

He has a deep passion for training & facilitating and is currently a Singapore WSQ certified Adult Educator. He particularly enjoys the interactive engagements with his fellow trainers and learners

Peter Cheong :  Peter is a ACLP certied trainer. Specialise In IT related knowlege and conduct IT Training which Include Microsoft Window Server Technology (Wintel) and Linux - Centos/Red Hat. Comptia ,ITIL , Motorola Solution Trunking System and Cisco Networking. I was worked in Motorola Solutions Conduct Motorola Astro 25 Trunking System For Police Force Malaysia (RMPnet),Taiwan Navy, Indonesia METRO POLDA (Police Force). After that Peter Join As IT Group Manager For W-Group which include 17 subsidiaries Companies in Real Estate Developer,Plantation, Building Management Services ,Contruction and also Fiber Opti Service Provider in Sabah,Malaysia.

Alan Tan: Alan Tan is a ACTA certified trainer. Alan Tan hold Masters in Data Science in Singapore University of Technology and Design. He is Microsoft Power Platform PL-900 certified and Microsoft Azure Data Fundamentals  Certified DP-900. He have this skills in Microsoft Power Platform development skills such as Powerapps, Power Automate,Power Portal, Power Virtual Agent, Power BI, Sharepoint, Dataverse, etc. For Programming language such as Python and Robotics Process Automation (RPA) development. He is working as a Senior Data Engineer in an MNC.

Bernard Peh: Bernard Peh is a Business Development Director and ACTA certified trainer with over 20 years of experience in the financial services industry. He has held key leadership roles and integrated technology, digital marketing, and data science to drive growth in sales, recruitment, and financial planning. As a mentor, Bernard has developed many successful financial professionals who have achieved top industry accolades like TOT, COT, and MDRT.

With deep expertise in data science, Bernard has advised firms and designed training programs for institutions like NTUC Learning Hub. He continues to apply data science to collective funds, achieving exceptional results such as a 400% increase in assets under management, while empowering financial professionals with technology-driven solutions.

Ken Hiong: Ken Hiong is a ACTA certified trainer. Ken has over 20 years of work experience in the healthcare and pharmaceutical industry, having assumed various functional and managerial roles in sales, marketing, business development, finance, business analysis and planning. With an interest and experience in scripting, Ken has worked on projects using HTML, CSS, PHP, MySQL, WordPress, MS Office, VBA, Power BI, etc. Notably, Ken is a proven expert Excel user at work who has made efficient many work processes, improved data analysis and enhanced the quality of business planning and reporting for organizations.

Ken graduated with a Pharmacy degree, holds a Master of Business Administration from the National University of Singapore and a Master of Applied Finance from the University of Adelaide. An ardent advocate of lifelong learning, Ken is ACTA trained and seeks to continually upgrade his IT skills through various channels of learning and Microsoft certifications. With MS Office Master qualification, Ken looks forward to assisting individuals and corporations improve their computer skills, productivity and business outcomes.

Audrey Lin : Audrey Lin is a ACTA certified trainer. She is a Business Development Director at Gill Technologies, an IT Consulting and Managed Services Provider focused at servicing SMEs. I'm responsible for the operations, sales, marketing, accounting, and finance functions of the organization. She have 13 years of experience in helping businesses and schools maximize their Return on Investment on IT through the use of the right technology, improving their business processes and increasing user adoption. My expertise is around Microsoft 365, MS Teams and Power BI. To help organizations improve employee productivity with tools from the MS 365 stack, she have delivered several classroom & online-styled end user training sessions to organizations from various industries - real estate, F&B, oil & gas, healthcare, schools, logistics. I have also created multiple customized & on-demand videos that end users can refer to for a quick review. Being certified as a Microsoft Data Analyst Associate, She is proficient at helping businesses gather business insights from their wide array of data. She have been involved in BI Projects with healthcare firms, logistics companies, FIs, etc., starting from the design phase, right through to the daily management of the BI system. Her area of knowledge in managing security and compliance in MS 365 is significant and ever-growing. She have good understanding of the Zero Trust Principle and uses that to improve the IT security posture of her clients. With the support of her engineering team at Gill Technologies, we use cloud-based management tools from MS 365, namely Intune, Endpoint Manager, Defender, etc. to manage our clients' endpoints.

Agus Salim: Agus Salim is a professional with more than 10 years of experience in Project Management, IT Solutions Management, and Systems Integration both in waterfall and agile methodology. He started out his career as a Web Developer before moving on to Business Analyst/Project Manager. He has strong leadership and the capability of leading a team with a proven ability to deliver projects with tight timelines. Besides his experiences in managing projects, he has good knowledge in Cybersecurity and hands-on experience in Next Generation Firewall such as Check Point. During his free time, he likes to explore Cloud Technology, especially on Microsoft Azure. Agus has obtained AZ-104, AZ-500 and other Microsoft certifications. I am also a ALCP certified trainer.

Truman Ng: Truman Ng is a ACTA certified trainer that graduated with Bachelor Degree in Electrical Engineering from NUS in year 2002. He designed Artificial Intelligence (AI) controller for DC-DC Power Convertor by using Fuzzy Logic and Neural Network (NN) as his university Final Year Project.

Truman has over 15 years project experiences across Database & Web Design, PLC machinery, Data Center Design , Structure Cabling System(SCS) and Enterprise Network Design and Implementation. He used to be a network architect for Hewlett Packard, working with a group of virtual team from the US in handling network design and projects in the States.

Truman is the founder of Nexplore (S) Pte Ltd. He provides solutions of Cloud SaaS, IaaS & PaaS and Software Defined Network (SDN), VoIP and Internet Security. He was engaged by Huawei Global Training Center to provide 60+ consultations and trainings for Internet Service Providers(ISP) from Malaysia, Singapore, Brunei, Philippines, Australia, Poland, Iran, South Africa, Swaziland, Cote Dlvoire, Syria, Uzbekistan, New Zealand and countries over the world.
As achievement, Truman has successfully completed 100+ IT network projects for Bank, Hotel and Factory within 5 years.
Truman is certified in PMP, Cisco CCNP, CCIP, CCDP, HP Ase and Huawei HCNP, HCIE R&S, HCNA Cloud, HCNA Security, etc