Seminarinhalt
Dieses Training vermittelt IT-Sicherheitsexpert*innen die Kenntnisse und Fähigkeiten, die zur Implementierung von Sicherheitskontrollen, zur Aufrechterhaltung der Sicherheitslage eines Unternehmens sowie zur Identifizierung und Behebung von Sicherheitslücken erforderlich sind.
Dieser Training beinhaltet Sicherheit für Identität und Zugriff, Plattformschutz, Daten und Anwendungen sowie Sicherheitsvorgänge.
Dieser Training beinhaltet Sicherheit für Identität und Zugriff, Plattformschutz, Daten und Anwendungen sowie Sicherheitsvorgänge.
Programm
Secure identity and access
Introduction to Microsoft Defender XDR threat protection
Remediate risks with Microsoft Defender for Office 365
Plan and implement for virtual networks
Plan and implement security for public access to Azure resources
Secure compute, storage, and databases
Plan and implmenet advanced security for compute
Implement and manage enforcement of cloud governance policies
Configure and manage security monitoring and automation solutions
Manage security controls for identity and access
Introduction to Microsoft Defender XDR threat protection
- Explore Extended Detection & Response (XDR) response use cases
- Understand Microsoft Defender XDR in a Security Operations Center (SOC)
- Explore Microsoft Security Graph
- Investigate security incidents in Microsoft Defender XDR
- Use the Microsoft Defender portal
- Manage incidents
- Investigate incidents
- Manage and investigate alerts
- Manage automated investigations
- Use the action center
- Explore advanced hunting
- Investigate Microsoft Entra sign-in logs
- Understand Microsoft Secure Score
- Analyze threat analytics
- Analyze reports
- Configure the Microsoft Defender portal
Remediate risks with Microsoft Defender for Office 365
- Introduction to Microsoft Defender for Office 365
- Automate, investigate, and remediate
- Configure, protect, and detect
- Simulate attacks
- Review identity protection basics
- Implement and manage user risk policy
- Exercise enable sign-in risk policy
- Exercise configure Microsoft Entra multifactor authentication registration policy
- Monitor, investigate, and remediate elevated risky users
- Implement security for workload identities
- Explore Microsoft Defender for Identity
- Introduction to Microsoft Defender for Identity
- Configure Microsoft Defender for Identity sensors
- Review compromised accounts or data
- Integrate with other Microsoft tools
- Understand the Defender for Cloud Apps Framework
- Explore your cloud apps with Cloud Discovery
- Protect your data and apps with Conditional Access App Control
- Walk through discovery and access control with Microsoft Defender for Cloud Apps
- Classify and protect sensitive information
- Detect Threats
- Microsoft cloud security benchmark: Identity management and privileged access
- What is Microsoft Entra ID?
- Secure Microsoft Entra users
- Create a new user in Microsoft Entra ID
- Secure Microsoft Entra groups
- Recommend when to use external identities
- Secure external identities
- Implement Microsoft Entra Identity Protection
- Microsoft Entra Connect
- Microsoft Entra Cloud Sync
- Authentication options
- Password hash synchronization with Microsoft Entra ID
- Microsoft Entra pass-through authentication
- Federation with Microsoft Entra ID
- What is Microsoft Entra authentication?
- Implement multifactor authentication (MFA)
- Kerberos authentication
- New Technology Local Area Network Manager (NTLM)
- Passwordless authentication options for Microsoft Entra ID
- Implement passwordless authentication
- Implement password protection
- Microsoft Entra ID single sign-on
- Implement single sign-on (SSO)
- Integrate single sign-on (SSO) and identity providers
- Introduction to Microsoft Entra Verified ID
- Configure Microsoft Entra Verified ID
- Recommend and enforce modern authentication protocols
- Azure management groups
- Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
- Azure role-based access control
- Azure built-in roles
- Assign Azure role permissions for management groups, subscriptions, resource groups, and resources
- Microsoft Entra built-in roles
- Assign built-in roles in Microsoft Entra ID
- Microsoft Entra role-based access controlCreate and assign a custom role in Microsoft Entra ID
- Zero Trust security
- Microsoft Entra Privileged Identity Management
- Configure Privileged Identity Management
- Microsoft Entra ID governance
- Identity lifecycle management
- Lifecycle workflows
- Entitlement management
- Delegation and roles in entitlement management
- Access reviews
- Configure role management and access reviews by using Microsoft Entra ID governance
- Implement Conditional Access policies for Cloud Resources in Azure
- Azure lighthouse overview
- Module assessment
- Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants
- Manage app registrations in Microsoft Entra ID
- Configure app registration permission scopes
- Manage app registration permission consent
- Manage and use service principals
- Manage managed identities for Azure resources
- Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication
- Module assessment
- Microsoft Cloud Security Benchmark: Data Protection, Logging and Threat Detection, and Network Security
- What is an Azure Virtual Network
- Azure Virtual Network Manager
- Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
- Plan and implement User-Defined Routes (UDRs)
- Plan and implement Virtual Network peering or gateway
- Plan and implement Virtual Wide Area Network, including secured virtual hub
- Secure VPN connectivity, including point-to-site and site-to-site
- Azure encryption
- What is Azure Virtual Network encryption
- Azure ExpressRoute
- Implement encryption over ExpressRoute
- Configure firewall settings on Azure resources
- Monitor network security by using Network Watcher
- Plan and implement security for private access for Azure resources
- Plan and implement security for public access to Azure resources
- Plan and implement virtual network Service Endpoints
- Plan and implement Private Endpoints
- Plan and implement Private Link services
- Plan and implement network integration for Azure App Service and Azure Functions
- Plan and implement network security configurations for an App Service Environment (ASE)
- Plan and implement network security configurations for an Azure SQL Managed Instance
- Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management
- Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies
- Plan and implement an Azure Application Gateway
- Plan and implement a Web Application Firewall (WAF)
- Plan and implement an Azure Front Door, including Content Delivery Network (CDN)
- Recommend when to use Azure DDoS Protection Standard
Plan and implement for virtual networks
- Microsoft Cloud Security Benchmark: Data Protection, Logging and Threat Detection, and Network Security
- What is an Azure Virtual Network
- Azure Virtual Network Manager
- Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
- Plan and implement User-Defined Routes (UDRs)
- Plan and implement Virtual Network peering or gateway
- Plan and implement Virtual Wide Area Network, including secured virtual hub
- Secure VPN connectivity, including point-to-site and site-to-site
- Azure encryption
- What is Azure Virtual Network encryption
- Azure ExpressRoute
- Implement encryption over ExpressRoute
- Configure firewall settings on Azure resources
- Monitor network security by using Network Watcher
- Plan and implement virtual network Service Endpoints
- Plan and implement Private Endpoints
- Plan and implement Private Link services
- Plan and implement network integration for Azure App Service and Azure Functions
- Plan and implement network security configurations for an App Service Environment (ASE)
- Plan and implement network security configurations for an Azure SQL Managed Instance
Plan and implement security for public access to Azure resources
- Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management
- Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies
- Plan and implement an Azure Application Gateway
- Plan and implement a Web Application Firewall (WAF)
- Plan and implement an Azure Front Door, including Content Delivery Network (CDN)
- Recommend when to use Azure DDoS Protection Standard
Secure compute, storage, and databases
Plan and implmenet advanced security for compute
- Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access
- What is Azure Kubernetes Service?
- Configure network isolation for Azure Kubernetes Service (AKS)
- Secure and monitor Azure Kubernetes Service
- Configure authentication for Azure Kubernetes Service
- Configure security for Azure Container Instances (ACIs)
- Configure security for Azure Container Apps (ACAs)
- Manage access to Azure Container Registry (ACR)
- Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption
- Recommend security configurations for Azure API Management
- Plan and implement security for storage
- Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
- Azure Storage
- Configure access control for storage accounts
- Manage life cycle for storage account access keys
- Select and configure an appropriate method for access to Azure Files
- Select and configure an appropriate method for access to Azure Blobs
- Select and configure an appropriate method for access to Azure Tables
- Select and configure an appropriate method for access to Azure Queues
- Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage
- Configure Bring your own key (BYOK)
- Enable double encryption at the Azure Storage infrastructure level
- Azure SQL Database and SQL Managed Instance security
- Enable Microsoft Entra database authentication
- Enable and monitor database audit
- Identify use cases for the Microsoft Purview governance portal
Implement and manage enforcement of cloud governance policies
- Microsoft cloud security benchmark: Access, Data, Identity, Network, Endpoint, Governance, Recovery, Incident, and Vulnerability Management
- Azure governance
- Create, assign, and interpret security policies and initiatives in Azure Policy
- Deploy secure infrastructures by using a landing zone
- Azure Key Vault
- Azure Key Vault security
- Azure Key Vault authentication
- Create and configure an Azure Key Vault
- Recommend when to use a dedicated Hardware Security Module (HSM)
- Configure access to Key Vault, including vault access policies and Azure role-based access control
- Manage certificates, secrets, and keys
- Configure key rotation
- Configure backup and recovery of certificates, secrets, and keys
- Implement security controls to protect backups
- Implement security controls for asset management
- Implement Microsoft Defender for Cloud
- Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory
- Assess compliance against security frameworks and Microsoft Defender for Cloud
- Add industry and regulatory standards to Microsoft Defender for Cloud
- Add custom initiatives to Microsoft Defender for Cloud
- Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud
- Implement and use Microsoft Defender External Attack Surface Management
- Enable workload protection services in Microsoft Defender for Cloud
- Defender for Servers
- Defender for Storage
- Malware scanning in Defender for Storage
- Detect threats to sensitive data
- Deploy Microsoft Defender for Storage
- Enable configure Azure built-in policy
- Configure Microsoft Defender plans for Servers, Databases, and Storage
- Implement and manage Microsoft Defender Vulnerability Management
- Log Analytics workspace
- Manage data retention in a Log Analytics workspace
- Deploy the Azure Monitor Agent
- Collect data with Azure Monitor Agent
- Data collection rules (DCRs) in Azure Monitor
- Transformations in data collection rules (DCRs)
- Monitor network security events and performance data by configuring data collection rules (DCRs) in Azure Monitor
- Connect your Azure subscriptions
- Just-in-time machine access
- Enable just-in-time access
- Container security in Microsoft Defender for Containers
- Managed Kubernetes threat factors
- Defender for Containers architecture
- Configure Microsoft Defender for Containers components
- Microsoft Defender for Cloud DevOps Security
- DevOps Security support and prerequisites
- DevOps environment security posture
- Connect your GitHub lab environment to Microsoft Defender for Cloud
- Configure the Microsoft Security DevOps GitHub action
- Defender for Cloud AI threat protection
- Enable threat protection for AI workloads in Defender for Cloud
- Gain application and end-user context for AI alerts
Configure and manage security monitoring and automation solutions
- Manage and respond to security alerts in Microsoft Defender for Cloud
- Configure workflow automation by using Microsoft Defender for Cloud
- Log retention plans in Microsoft Sentinel
- Alerts and Incidents from Microsoft Sentinel
- Configure data connectors in Microsoft Sentinel
- Enable analytics rules in Microsoft Sentinel
- Configure automation in Microsoft Sentinel
- Automating Threat Response with Microsoft Sentinel
Manage security controls for identity and access
- Microsoft cloud security benchmark: Identity management and privileged access
- What is Microsoft Entra ID?
- Secure Microsoft Entra users
- Create a new user in Microsoft Entra ID
- Secure Microsoft Entra groups
- Recommend when to use external identities
- Secure external identities
- Implement Microsoft Entra Identity Protection
- Microsoft Entra Connect
- Microsoft Entra Cloud Sync
- Authentication options
- Password hash synchronization with Microsoft Entra ID
- Microsoft Entra pass-through authentication
- Federation with Microsoft Entra ID
- What is Microsoft Entra authentication?
- Implement multifactor authentication (MFA)
- Kerberos authentication
- New Technology Local Area Network Manager (NTLM)
- Passwordless authentication options for Microsoft Entra ID
- Implement passwordless authentication
- Implement password protection
- Microsoft Entra ID single sign-on
- Implement single sign-on (SSO)
- Integrate single sign-on (SSO) and identity providers
- Introduction to Microsoft Entra Verified ID
- Configure Microsoft Entra Verified ID
- Recommend and enforce modern authentication protocols
- Azure management groups
- Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
- Azure role-based access control
- Azure built-in roles
- Assign Azure role permissions for management groups, subscriptions, resource groups, and resources
- Microsoft Entra built-in roles
- Assign built-in roles in Microsoft Entra ID
- Microsoft Entra role-based access control
- Create and assign a custom role in Microsoft Entra ID
- Zero Trust security
- Microsoft Entra Privileged Identity Management
- Configure Privileged Identity Management
- Microsoft Entra ID governance
- Identity lifecycle management
- Lifecycle workflows
- Entitlement management
- Delegation and roles in entitlement management
- Access reviews
- Configure role management and access reviews by using Microsoft Entra ID governance
- Implement Conditional Access policies for Cloud Resources in Azure
- Azure lighthouse overview
- Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants
- Manage app registrations in Microsoft Entra ID
- Configure app registration permission scopes
- Manage app registration permission consent
- Manage and use service principals
- Manage managed identities for Azure resources
- Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication
Zielgruppen
Dieses Training richtet sich an Azure Security Engineers, die die zugehörige Zertifizierungsprüfung ablegen möchten oder bei ihrer täglichen Arbeit Sicherheitsaufgaben ausführen. Dieser Training ist auch für Ingenieure hilfreich, die sich auf die Bereitstellung von Sicherheit für Azure-basierte digitale Plattformen spezialisieren und eine wichtige Rolle beim Schutz der Daten eines Unternehmens spielen möchten.
Vorkenntnisse
- Verständnis bewährter Sicherheitsmethoden und Branchensicherheitsanforderungen, z. B. tiefgehende Verteidigung (Defense in Depth), Zugriff mit geringstmöglichen Berechtigungen, rollenbasierte Zugriffssteuerung, mehrstufige Authentifizierung, gemeinsame Verantwortung und Zero Trust-Modell
- Vertrautheit mit Sicherheitsprotokollen wie VPN (Virtual Private Networks), IPsec (Internet Security Protocol), SSL (Secure Socket Layer), Datenträger- und Datenverschlüsselungsmethoden Erfahrung mit der Bereitstellung von Azure-Workloads In diesem Kurs werden nicht die Grundlagen der Azure-Verwaltung behandelt. Vielmehr baut der Kursinhalt auf diesem Wissen auf und ergänzt es um sicherheitsspezifische Informationen.
- Erfahrung mit Windows- und Linux-Betriebssystemen und Skriptsprachen Kurslabs können PowerShell und die CLI verwenden.
Trainings zur Vorbereitung
Wichtige Information
Dieses Training behandelt prüfungsrelevante Themen zum Exam AZ-500: Microsoft Azure Security Technologies.
Das Ablegen des Examens führt zum Zertifizierungsstatus: Microsoft Azure Security Engineer
Das Ablegen des Examens führt zum Zertifizierungsstatus: Microsoft Azure Security Engineer
Super Schulung, vielleicht etwas konkurrierend mit SC-200 und schwer zu trennen? 1 Stern Abzug weil die Labs leider outdated/problematisch waren.
Microsoft Azure Security Technologies
23.08.2024Super Schulung, vielleicht etwas konkurrierend mit SC-200 und schwer zu trennen? 1 Stern Abzug weil die Labs leider outdated/problematisch waren.
— Lukas S.Sehr gut aufbereitet
Microsoft Azure Security Technologies
31.01.2023Sehr gut aufbereitet
— Ernst S.Alles bestens
Microsoft Azure Security Technologies
19.04.2022Alles bestens
— Peter B.