Course Details
LU1 Manage Identity and Access
Topic 1 Secure Azure solutions with Azure Active Directory
- Explore Azure Active Directory features
- Self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services
- Azure AD DS and self-managed AD DS
- Azure AD DS and Azure AD
- Investigate roles in Azure AD
- Azure AD built-in roles
- Deploy Azure AD Domain Services
- Create and manage Azure AD users
- Manage users with Azure AD groups
- Configure Azure AD administrative units
- Implement passwordless authentication
Topic 2 Implement Hybrid identity
- Deploy Azure AD connect
- Explore authentication options
- Configure Password Hash Synchronization (PHS)
- Implement Pass-through Authentication (PTA)
- Deploy Federation with Azure AD
- Explore the authentication decision tree
- Configure password writeback
Topic 3 Deploy Azure AD identity protection
- Explore Azure AD identity protection
- Configure risk event detections
- Implement user risk policy
- Implement sign-in risk policy
- Deploy multifactor authentication in Azure
- Explore multifactor authentication settings
- Enable multifactor authentication
- Implement Azure AD conditional access
- Configure conditional access conditions
- Implement access reviews
Topic 4 Configure Azure AD privileged identity management
- Explore the zero trust model
- Review the evolution of identity management
- Deploy Azure AD privileged identity management
- Configure privileged identity management scope
- Implement privileged identity management onboarding
- Explore privileged identity management configuration settings
- Implement a privileged identity management workflow
Topci 5 Design an enterprise governance strategy
- Review the shared responsibility model
- Explore the Azure cloud security advantages
- Review Azure hierarchy of systems
- Configure Azure policies
- Enable Azure role-based access control (RBAC)
- Compare and contrast Azure RBAC vs Azure policies
- Configure built-in roles
- Enable resource locks
- Deploy Azure blueprints
- Design an Azure subscription management plan
LU2 Implement platform protection
Topic 6 Implement perimeter security
- Define defense in depth
- Explore virtual network security
- Enable Distributed Denial of Service (DDoS) Protection
- Configure a distributed denial of service protection implementation
- Explore Azure Firewall features
- Deploy an Azure Firewall implementation
- Configure VPN forced tunneling
- Create User Defined Routes and Network Virtual Appliances
- Explore hub and spoke topology
Topic 7 Configure network security
- Explore Network Security Groups (NSG)
- Deploy a Network Security Groups implementation
- Create Application Security Groups
- Enable service endpoints
- Configure service endpoint services
- Deploy private links
- Implement an Azure application gateway
- Deploy a web application firewall
- Configure and manage Azure front door
Topic 8 Configure and manage host security
- Enable endpoint protection
- Define a privileged access device strategy
- Deploy privileged access workstations
- Create virtual machine templates
- Enable and secure remote access management
- Configure update management
- Deploy disk encryption
- Managed disk encryption options
- Deploy and configure Windows Defender
- Microsoft cloud security benchmark in Defender for Cloud
- Explore Microsoft Defender for Cloud recommendations
Topic 9 Enable Containers security
- Explore containers
- Configure Azure Container Instances security
- Manage security for Azure Container Instances (ACI)
- Explore the Azure Container Registry (ACR)
- Enable Azure Container Registry authentication
- Review Azure Kubernetes Service (AKS)
- Implement an Azure Kubernetes Service architecture
- Configure Azure Kubernetes Service networking
- Deploy Azure Kubernetes Service storage
- Secure authentication to Azure Kubernetes Service with Active Directory
- Manage access to Azure Kubernetes Service using Azure role-based access controls
LU3 Secure your data and applications
Topic 10 Deploy and secure Azure Key Vault
- Explore Azure Key Vault
- Configure Key Vault access
- Review a secure Key Vault example
- Deploy and manage Key Vault certificates
- Create Key Vault keys
- Manage customer managed keys
- Enable Key Vault secrets
- Configure key rotation
- Manage Key Vault safety and recovery features
- Perform Try-This exercises
- Explore the Azure Hardware Security Module
Topic 11 Configure application security features
- Review the Microsoft identity platform
- Explore the Application model
- Register an application with App Registration
- Configure Microsoft Graph permissions
- Enable managed identities
- Azure App Services
- App Service Environment
- Azure App Service plan
- App Service Environment networking
- Availability Zone Support for App Service Environments
- App Service Environment Certificates
Topic 12 Implement storage security
- Define data sovereignty
- Configure Azure storage access
- Deploy shared access signatures
- Manage Azure AD storage authentication
- Implement storage service encryption
- Configure blob data retention policies
- Configure Azure files authentication
- Enable the secure transfer required property
Topic 13 Configure and manage SQL database security
- Enable SQL database authentication
- Configure SQL database firewalls
- Enable and monitor database auditing
- Implement data discovery and classification
- Microsoft Defender for SQL
- Vulnerability assessment for SQL Server
- SQL Advanced Threat Protection
- Explore detection of a suspicious event
- SQL vulnerability assessment express and classic configurations
- Configure dynamic data masking
- Implement transparent data encryption
- Deploy always encrypted features
- Deploy an always encrypted implementation
LU4 Manage security operation
Topic 14 Configure and manage Azure Monitor
- Explore Azure Monitor
- Configure and monitor metrics and logs
- Enable Log Analytics
- Manage connected sources for log analytics
- Enable Azure monitor Alerts
- Configure properties for diagnostic logging
Topic 15 Enable and manage Microsoft Defender for Cloud
- MITRE Attack matrix
- Implement Microsoft Defender for Cloud
- Security posture
- Workload protections
- Deploy Microsoft Defender for Cloud
- Azure Arc
- Azure Arc capabilities
- Microsoft cloud security benchmark
- Configure Microsoft Defender for Cloud security policies
- View and edit security policies
- Manage and implement Microsoft Defender for Cloud recommendations
- Explore secure score
- Define brute force attacks
- Understand just-in-time VM access
- Implement just-in-time VM access
Topic 16 Configure and monitor Microsoft Sentinel
- Enable Microsoft Sentinel
- Configure data connections to Sentinel
- Create workbooks to monitor Sentinel data
- Enable rules to create incidents
- Configure playbooks
- Hunt and investigate potential breaches
AZ-500 Practice Exam
Course Info
Prerequisite:
The following knowledge is asummed:
- Basic electronics
Software Requirement
Pls download and install the following software prior to the class
- Vivado Design Suite https://www.xilinx.com/support/download.html
HRDF Funding
Please refer to this video https://youtu.be/Kzpd-V1F9Xs
1- HRD Corp Grant Helper
How to submit grant applications for HRD Corp Claimable Courses
2- Employers are required to apply for the grant at least one week before training commences.
Employers must submit their applications with supporting documents, including invoices/quotations, trainer profiles, training schedule and course content.
3- First, Login to Employer’s e-TRIS account -https://etris.hrdcorp.gov.my
Second, Click Application
4- Click Grant on the left side under Applications
5- Click Apply Grant on the left side under Applications
6- Click Apply
7- Choose a Scheme Code and select HRD Corp Claimable Courses: Skim Bantuan Latihan Khas. Then, click Apply
8- Scheme Code represents all types of training that suit the requirements provided by HRD Corp. Below are the list of schemes offered by HRD Corp:
9- Select your Immediate Officer and click Next
10- Select a Training Provider, then click Next
11- Please select a training programme from the list, then key in all the required details and click Next
Select your desired training programme.
Give an explanation on why the participant is required to attend the training. E.g., related to their tasks/ career development, etc.
Explain the background and objective of this training.
Select a relevant focus area. For Employer-Specific Courses, select ‘Not Applicable’.
12- If the training programme is a micro-credential programme, you are required to complete these 3 fields. Save and click Next
Insert MiCAS Application number
13- Based on the nine (9) pillars listed below, HRD Corp Focus Area Courses are closely tied to support government initiatives towards nation building. As such, courses offered through the HRD Corp Focus Areas are designed to provide the workforce with skills required for current and future demands. Details of the focus areas are as follows:
14- Please select a Course Title and Type of Training
15- Select the correct type of training according to the actual type of training, or as mentioned in the training brochure:
16- Please key in the Training Location and click Next
17- Please select the Level of Certification and click Next
18- Please follow the instructions and key in trainee details
19- Click Add Batch, then click Save
20- Click Add Trainee Details
21- Please key in all the required details, then click Add
22- Click Add if there are more participants. Once done, click Save
23- Click Next
24- Please key in the course fees and allowance details, then click Save
25- Estimated cost includes the course fees/external trainer fees, allowances, and consumable training materials. Please comply with the HRD Corp Allowable Cost Matrix.
26- Select Upfront Payment to Training Provider and key in the percentage from 0% to 30%. Then, click Save and Next
27- Complete the declaration form and select a desired officer
28- Add all the required documents, then click Add Attachment. Then, click Save and Submit Application
29- Once the New Grant Application is successfully submitted, the Grant Officer will evaluate the application accordingly. The application may be queried if additional information is required.
The application status will be updated via the employer’s dashboard, email, and the e-TRiS inbox.
Job Roles
- Azure Security Engineer
- Cloud Security Consultant
- Cybersecurity Analyst
- IT Security Specialist
- Network Security Engineer
- Systems Administrator
- Infrastructure Security Engineer
- Security Architect
- Compliance Analyst
- Risk Manager
- Data Protection Officer
- Incident Responder
- Penetration Tester
- Security Operations Center Analyst
- Vulnerability Analyst
Trainers
Agus Salim is a professional with more than 10 years of experience in Project Management, IT Solutions Management, and Systems Integration both in waterfall and agile methodology. He started out his career as a Web Developer before moving on to Business Analyst/Project Manager. He has strong leadership and the capability of leading a team with a proven ability to deliver projects with tight timelines. Besides his experiences in managing projects, he has good knowledge in Cybersecurity and hands-on experience in Next Generation Firewall such as Check Point. During his free time, he likes to explore Cloud Technology, especially on Microsoft Azure. Agus has obtained AZ-104, AZ-500 and other Microsoft certifications. I am also a ALCP certified trainer.