Please enable JavaScript.
Coggle requires JavaScript to display documents.
AZ-500 (Secure Data and Applications (30-35%) (Configure security for data…
AZ-500
Secure Data and Applications (30-35%)
Configure security policies to manage data
Achieving Compliant Data Residency and Security with Azure
Understand data protection obligations
Data classification with Microsoft Azure
Data location
Shared responsibility
Understand the services that Azure provides
to help customers meet obligations
Azure Secure Score
Data management and data governance services and tools
Customer data residency
Use Azure Policy to control data residence
Tenant separation
Identity Management
Azure encryption
Encryption of data at rest
Encryption of data in transit
Encryption during processing of data–Confidential computing
Azure Key Vault with Bring Your Own Key (BYOK)
Solutions for telemetry data
DevOps access and Lockbox
Solutions for hybrid and on-premise environments
Microsoft Azure Stack
Data Box Edge and gateway
Understand the assurance or evidence
that customers need to assert compliance
Compliance offerings
Compliance Manager
Protected data
Data privacy compliance and the GDPR
Security assurance
Security Development Lifecycle (SDL)
Penetration tests
Commitments defined in the Online Services Terms
Security and Compliance blueprints
How Microsoft handles government requests
Applying the framework to selected
European markets
Configure data sovereignty using Azure Policy
Configure Data Retention
Configure data retention (Storage Analytics)
Azure Data Explorer (Retention)
Configure data classification
Configure security for data infrastructure
Enable database authentication
Configure and manage Azure Active Directory authentication with SQL
Get started with SQL database auditing
Azure SQL Database threat detection for single or pooled databases
Azure Storage security guide
Configure key management for storage accounts
Create and manage Shared Access Signatures (SAS)
An introduction to Apache Hadoop security with Enterprise Security Package
Configure security for HDInsights
Security in Azure Cosmos DB – overview
Secure access to data in Azure Cosmos DB
Data encryption in Azure Cosmos DB
High availability with Azure Cosmos DB
Online backup and on-demand data restore in Azure Cosmos DB
Configure security for Microsoft Azure Data Lake
Configure encryption for data at rest
Implement Microsoft Azure SQL Database Always Encrypted
Implement database encryption
Transparent data encryption for SQL Database and Data Warehouse
Azure SQL Transparent Data Encryption with customer-managed keys in Azure Key Vault: Bring Your Own Key support
How to use Key Vault soft-delete with PowerShell
Azure Storage Service Encryption for data at rest
Storage Service Encryption using customer-managed keys in Azure Key Vault
Azure Disk Encryption for IaaS VMs
Implement backup encryption
Implement security for application delivery
Securing PaaS deployments
Monitor availability and responsiveness of any web site
Configure application security
App Service and Functions hosted apps can now update TLS versions!
Configure SSL/TLS certs
Tutorial: Bind an existing custom SSL certificate to Azure App Service
Configure Microsoft Azure services to protect web apps
Create an application security baseline
Configure and manage Key Vault
About keys, secrets, and certificates
Secure access to a key vault
Manage certificates, manage secrets, configure key rotation
Azure Storage account key management
Azure Key Vault managed storage account – CLI
Azure Storage Account Keys Automatic Rotation
Implement platform protection (35-40%)
Implement network security
What is Azure Virtual Network?
Security Group
Configure Network Security Groups (NSGs)
Understanding Application Security Groups in the Azure Portal
Create and configure application security groups
Services Tags
What is Azure Firewall ?
Tutorial: Deploy and configure Azure Firewall using the Azure portal
Configure remote access management – Security management in Azure
Configure baseline – Protect your network resources in Azure Security Center
Configure Azure Storage firewalls and virtual networks
Azure SQL Database and SQL Data Warehouse IP firewall rules
Implement host security
configure VM Security – Security best practices for IaaS workloads in Azure
Manage endpoint protection issues with Azure Security Center
Manage virtual machine access using just-in-time
Manage Windows updates by using Azure Automation
Automate resources in your datacenter or cloud by using Hybrid Runbook Worker
Configure Baseline – Customize OS security configurations in Azure Security Center
Configure container security
Container Security in Azure
Configure network – Enable containers to use Azure Virtual Network capabilities
Configure authentication – Service principals with Azure Kubernetes Service (AKS)
Secure traffic between pods using network policies in Azure Kubernetes Service (AKS)
Configure AKS security – Security concepts for applications and clusters in Azure Kubernetes Service (AKS)
Configure container registry
Best practices for Azure Container Registry
Configure container instance security
Implement vulnerability management
Implement Microsoft Azure Resource management security
Create Microsoft Azure resource locks
Manage resource group security with Azure RBAC
Built-in roles for Azure resources
Configure custom RBAC roles
Configure Microsoft Azure policies
Configure subscription and resource permissions
Manage identity and access (20-25%)
Configure Microsoft Azure Active Directory for workloads
Transfer ownership of an Azure subscription to another account
Configure Microsoft Azure AD Privileged Identity Management
What is Azure Active Directory Identity Protection?
Vulnerabilities detected by Azure Active Directory Identity Protection
Monitor privileged access, configure Access Reviews, activate Privileged Identity Management
Configure Microsoft Azure tenant security
How to: Use the portal to create an Azure AD application and service principal that can access resources
Permissions and consent in the Azure Active Directory v2.0 endpoint
Configure Multi-Factor Authentication settings
Enterprise user management documentation – Azure Active Directory
Create a basic group and add members using Azure Active Directory
What is guest user access in Azure Active Directory B2B?
Manage security operation (15-20%)
Configure Security Services
Azure Monitor overview
Configure Azure Log Analytics for data security
Configure Azure diagnostic logs
Configure Microsoft Azure Log Analytics
Configure diagnostic logging and log retention
Configure vulnerability scanning
Configure Security Policies
Working with security policies
Azure security policies monitored by Security Center
Configure centralized policy management by using Microsoft Azure Security Center
Configure Just in Time VM access by using Microsoft Azure Security Center
Managed Security Alerts
Custom Alert Rules in Azure Security Center (Preview)
Review and respond to alerts and recommendations
Configure a playbook for a security event by using Microsoft Azure Security Center
Investigate escalated security incidents