AZ-500 - Microsoft Azure Security Technologies: Azure AD Connect

AZ-500 - Microsoft Azure Security Technologies: Azure AD Connect

• discover the key concepts covered in this course
• recognize the purpose of Azure AD Connect
• recognize the purpose of Seamless SSO
• configure an Azure AD custom domain
• download and install Azure AD Connect
• modify the configuration of Azure AD Connect
• explore the Azure AD Synchronization Manager tool
• use PowerShell to sync AD with Azure AD
• use the Azure AD Connect troubleshooting tool
• summarize the key concepts covered in this course

This 10-video course helps prepare learners for AZ-500 Microsoft Azure Security Technologies certification exam by exploring how to configure and use Azure AD Connect to link an on-premises Active Directory with Azure Active Directory. You will examine how Azure AD Connect allows on-premises user credentials to be used for Cloud app authorization. Learners will observe how to modify the Azure AD Connect configuration, and examine both Azure AD Connect and SSO (Seamless Sign-On). Then you will learn how to enable SSO, and to configure an Azure AD custom domain. This course examines different SSO methods, including OpenID Connect and OAuth, to allow user access to on-premises and cloud apps. Learners will examine other tools in AD Connect, including the Azure AD Synchronization Service Manager, and how to force AD sync by using the Synchronization Manager, and you will learn how to sync with PowerShell. Finally, you will learn how to use the Azure AD Connect built-in troubleshooting tool to detect issues that might arise.

AZ-500 - Microsoft Azure Security Technologies: Azure AD Group Management

AZ-500 - Microsoft Azure Security Technologies: Azure AD Group Management

• discover the key concepts covered in this course
• use the portal to configure a static Azure AD group
• use PowerShell to configure a static Azure AD group
• use the CLI to configure a static Azure AD group
• create a dynamic Azure AD group
• enable the SSGM option
• use the SSGM option
• manage Azure AD groups using the CLI
• manage Azure AD groups using PowerShell
• summarize the key concepts covered in this course

In this 10-video course, which helps prepare learners AZ-500 Microsoft Azure Security Technologies certification exam, you can explore several methods for creating and managing Azure Active Directory groups. Learners will observe how to use the Azure AD portal to create a static Azure AD group, and to assignment membership to a static group manually. Then you will learn how to configure a static Azure group by using PowerShell to perform standard group management functions, including adding members to or deleting members from a group. Next, examine how to create a dynamic Azure AD group, which determines group membership on the basis of attributes. You will learn how to enable SSGP (Self-Service Management Group) to allow cloud members to provision and deprovision cloud resources. Continue the course by learning how enable owners of groups to determine who may join the group. Finally, you will learn how to manage Azure AD groups by using the CLI (command-line interface).

AZ-500 - Microsoft Azure Security Technologies: Azure AD User Management

AZ-500 - Microsoft Azure Security Technologies: Azure AD User Management

• discover the key concepts covered in this course
• use the portal to manage Azure AD users
• use PowerShell to manage Azure AD users
• use the CLI to manage Azure AD users
• create an Azure AD guest user
• create multiple Azure AD users from a bulk import
• recognize how MFA enhances sign-in security
• use the portal to enable admin MFA
• use the portal to enable MFA for users
• sign-in as an MFA-enabled user
• configure the SSPR option
• use the SSPR option as a user
• manage Azure AD users with the CLI
• manage Azure AD users with PowerShell
• configure Azure AD password lockout settings
• summarize the key concepts covered in this course

Learners can explore numerous methods for creating, securing, and managing Azure AD user credentials in this 16-video course, which helps prepare learners for AZ-500 Microsoft Azure Security Technologies certification exam. First, you will learn how to enable MFA (multifactor authentication) for some or all Azure AD users to enhance user sign-in security, and learn to configure SSPR (self-service password reset). Next, examine how SSPR allows users to reset their own forgotten passwords, and how password lockout settings prevent brute-force attacks against Azure AD user accounts. Learners will be shown how to create an Azure AD guest user, and how to perform a bulk import to create multiple users at once. You will learn to use the Azure AD portal to enable admin MFA, as well as MFA for individual users, and how to sign in as an MFA enabled user. Finally, you will learn how to use PowerShell and CLI (command-line interface) to manage Azure AD users.

AZ-500 - Microsoft Azure Security Technologies: Azure Key Vault

AZ-500 - Microsoft Azure Security Technologies: Azure Key Vault

• discover the key concepts covered in this course
• identify the purpose of Azure Key Vault
• recognize how cryptography secures data
• identify the PKI certificate lifecycle
• differentiate between SSL and TLS
• create a key vault using the GUI
• create a key vault using the CLI
• create a key vault using PowerShell
• configure a key vault access policy
• create keys using the GUI
• create keys using the CLI
• create keys using PowerShell
• create secrets using the GUI
• create secrets using the CLI
• create secrets using PowerShell
• create certificates using the GUI
• create certificates using the CLI
• create certificates using PowerShell
• summarize the key concepts covered in this course

In this 19-video course, explore Azure key vaults and how they can contain secrets, keys, and certificates, which are used to secure other resources such as VM disks and databases. Examine the key vault access policy and how it controls access to key vault contents in this course, which can be used in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam. Begin by learning about the purpose of Azure key vaults; recognize how cryptography secures data; identify the public key infrastructure (PKI) certificate lifecycle, and recognize how to differentiate between the secure sockets layer (SSL) and transport layer security (TLS). You will learn how to create a key vault using the graphical user interface (GUI); using the command-line interface (CLI), and using PowerShell. Learn how to configure a key vault access policy; create keys using the GUI, the CLI, and PowerShell. Also, create secrets by using the GUI, the CLI, and using PowerShell. Then move on to key vault certificate creation by using the GUI, the CLI, and PowerShell.  

AZ-500 - Microsoft Azure Security Technologies: Azure RBAC & Policies

AZ-500 - Microsoft Azure Security Technologies: Azure RBAC & Policies

• discover the key concepts covered in this course
• identify how roles are used in Azure
• create a custom RBAC role
• manage RBAC using the GUI
• manage RBAC using the CLI
• manage RBAC using PowerShell
• identify how policies are used in Azure
• configure policies using the GUI
• configure policies using PowerShell
• create a custom policy
• lock an Azure resource using the GUI
• lock an Azure resource using the CLI
• summarize the key concepts covered in this course

In this course, discover how to use role-based access control (RBAC) to limit administrative access to Azure resources at the subscription, resource group, and resource levels. This 13-video course explores how Azure policies provide more granularity than RBAC for the deployment and management of Azure resources, in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam. To start, .learners receive an overview of RBAC and how roles are used in Azure. Next, you will learn how to create a custom RBAC role and manage RBAC by using the graphical user interface (GUI), using the command-line interface (CLI), and using PowerShell. Identify how policies are used in Azure; configure policies by using the GUI, and using PowerShell. Then explore how to build your own custom Azure policies that you can apply to a subscription or resource group. Take a look at resource locking and the portal by locking an Azure resource by using the GUI and the CLI.

AZ-500 - Microsoft Azure Security Technologies: Azure Security Center

AZ-500 - Microsoft Azure Security Technologies: Azure Security Center

• discover the key concepts covered in this course
• navigate the Azure Security Center
• view Security Center security alerts
• view Security Center compliance details
• configure VM just-in-time access
• enable file integrity monitoring
• summarize the key concepts covered in this course

In this 7-video course, you will explore how recommendations from the Azure Security Center, which automatically collects resource security metrics, can be used to improve Azure resource security. You will also examine how playbooks can remediate security issues and can be triggered by alerts. This course can be used in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam. Begin the course by navigating the Azure Security Center, which has a wealth of security-related information that is specific to the Azure computing environment. Next, examine how to view Azure Security Center security alerts. Then, learners will take a look at Azure Security Center playbooks and learn how to manage both Security Center policies and regulatory compliance, which is an important aspect of cloud computing. You will also discover how to configure just-in-time virtual machine access. In the final tutorial in the course, learners will explore file integrity monitoring and how to enable it. 

AZ-500 - Microsoft Azure Security Technologies: Azure Storage Account Security

AZ-500 - Microsoft Azure Security Technologies: Azure Storage Account Security

• discover the key concepts covered in this course
• identify ways to harden Azure storage accounts
• control storage account container access
• apply RBAC to storage accounts
• configure custom keys for storage encryption
• limit network access to storage accounts
• enable the soft delete storage account feature
• regenerate storage account keys in the portal
• regenerate storage account keys in PowerShell
• regenerate storage account keys using the CLI
• use storage account keys in Azure Storage Explorer
• use the portal to create a SAS
• use the portal to create a Blob SAS
• use SAS in Azure Storage Explorer
• configure access policies for storage queues
• enable VM disk encryption using PowerShell
• enable storage account geo-replication
• summarize the key concepts covered in this course

This 18-video course helps prepare learners for AZ-500 Microsoft Azure Security Technologies certification exam by exploring several methods available to improve Azure storage account security and encrypt cloud data, and demonstrating how to use VM (virtual machine) disks. You will examine ways to harden Azure storage accounts; how to control storage account container access using access policies; and what is encrypted by default. Next, learners will observe how to use RBAC (role-based access control) to control resource access in a cloud computing environment. You will then learn how to configure custom encryption keys. This course examines the soft delete feature within an Azure storage account for blobs and binary large objects, which is not enabled by default. Next, learn to regenerate storage account keys in the portal, in PowerShell, and using the CLI (command-line interface). You will learn to use shared access signatures in Azure Storage Explorer, and to configure access policies for storage queues. Finally, learn to configure VM disk encryption by using PowerShell.

AZ-500 - Microsoft Azure Security Technologies: Data Classification

AZ-500 - Microsoft Azure Security Technologies: Data Classification

• discover the key concepts covered in this course
• describe personally identifiable information and protected health information
• recognize how data classification feeds into securing sensitive data
• describe how GDPR protects data
• describe how PCI DSS protects data
• describe how Health Insurance Portability and Accountability Act and Federal Risk and Authorization Management Program provide guidance to protect data
• use the portal to tag cloud resources
• use PowerShell to tag cloud resources
• use the CLI to tag cloud resources
• recognize how DLP is used to control sensitive data
• identify how AIP relates to DLP
• create AIP labels
• create AIP policies
• use AIP in Microsoft Word
• view protected data statistics
• use the portal to configure blob lifecycle settings
• summarize the key concepts covered in this course

This 17-video course explores how to organize and secure sensitive data by using data classification, as part of preparations for AZ-500 Microsoft Azure Security Technologies certification exam. First, learners will examine the PCI-DSS (Payment Card Industry Data Security Standard), and laws and regulations of the European Union GDPR (General Data Protection Regulation), and HIPAA (Health Insurance Portability and Accountability Act) to protect data. You will examine how to add tags to Microsoft Azure cloud resources in the Azure portal GUI (graphical user interface), and with PowerShell. Next, learn how DLP (data loss prevention) is used to control sensitive data. You will install AIP (Azure Information Protection) client, and learn to add labels to your data to organize it for security purposes. This course demonstrates how to use AIP in MS Word. You will learn to view protected data statistics. Finally, you will learn how to configure blob lifecycle settings, and blob container policies by using the portal.

AZ-500 - Microsoft Azure Security Technologies: Database Security

AZ-500 - Microsoft Azure Security Technologies: Database Security

• discover the key concepts covered in this course
• identify SQL database characteristics
• identify NoSQL database characteristics
• protect sensitive data with data masking
• enable Cosmos DB security options
• determine how to secure Azure Data Lake
• secure SQL with the Always Encrypted option
• enable SQL column security
• enable SQL auditing
• configure SQL backups
• enable SQL geo-replication
• use the CLI to manage SQL replication
• recognize when SQL failover groups should be used
• restore SQL data using the portal
• restore SQL data using PowerShell
• restore SQL data using the CLI
• summarize the key concepts covered in this course

Explore Azure database security and the available mechanisms designed to protect data in this 17-video course, which helps prepare learners for AZ-500 Microsoft Azure Security Technologies certification exam. First, examine characteristics of the Azure SQL Database, a DBaaS (database as a service), offered in the Azure cloud and the NoSQL database Azure Cosmos DB. Then learn to protect sensitive data with data masking, and how to enable geofencing. Learners will next examine how security is managed in Azure Data Lake, and how to analyze data stored in the data lake. You will learn to work with several Azure SQL database security mechanisms, including the always-encrypted option, column security, auditing, and SQL backups. Then you will learn how to enable SQL Geo-Replication and use the CLI (command-line interface) to manage SQL Replication. Finally, examine when to use SQL failover groups, and how to restore SQL data by using the portal, PowerShell, and the CLI.

AZ-500 - Microsoft Azure Security Technologies: Database User Access

AZ-500 - Microsoft Azure Security Technologies: Database User Access

• discover the key concepts covered in this course
• create SQL logins
• set an Azure AD admin for SQL
• connect to Azure SQL using Management Studio
• use the GUI to enable RBAC for Azure AD administration
• use the CLI to enable RBAC for Azure AD administration
• use PowerShell to enable RBAC for Azure AD administration
• configure the Azure SQL firewall
• use PowerShell to configure custom keys for Azure SQL TDE
• conduct a SQL vulnerability assessment
• manage SQL threat detection
• use the portal to configure SQL threat policies
• use PowerShell to enable threat policies
• summarize the key concepts covered in this course

This 14-video course explores Azure database user access management, SQL threat detection, and how to enable SQL threat policies, while helping prepare learners for AZ-500 Microsoft Azure Security Technologies certification exam. First, you will learn to use SQL and Azure AD (Active Directory) logins to authenticate Azure SQL deployments, and create SQL logins. You will learn how to use SQL Server Management Studio to connect to Azure SQL and how to enable RBAC (role-based access control) for Azure AD administration by  using the GUI (graphical user interface), CLI (command-line interface), and PowerShell. You will learn to configure the Azure SQL Firewall, and to configure custom keys for Azure SQL TDE (transparent data encryption). This course then demonstrates how to conduct a SQL vulnerability assessment to determine security shortcomings. You will examine Advanced Threat Detection, and how to configure threat detection settings at the Azure SQL Server level and at individual database level. Finally, learn to enable threat policies by using CLI and PowerShell.

AZ-500 - Microsoft Azure Security Technologies: Identity & Access Management

AZ-500 - Microsoft Azure Security Technologies: Identity & Access Management

• discover the key concepts covered in this course
• describe how Azure uses identities to control resource access
• recognize the role of Azure AD
• create a new Azure AD tenant
• switch between and manage different Azure AD tenants
• identify the purpose of PIM
• recognize the purpose of Azure AD access reviews
• analyze permissions with an Azure AD access review
• configure Azure AD identity protection
• identify the relationship between subscriptions and tenants
• determine how Azure AD conditional access secures Azure AD
• configure conditional access policies
• register apps in Azure AD
• manage Azure AD security principals
• recognize how OAuth 2.0 is used for authorized resource access
• summarize the key concepts covered in this course

In this 16-video course, learners can prepare for AZ-500 Microsoft Azure Security Technologies certification exam by exploring Azure AD (Active Directory), and how to use it as a secure identity store to control resource access. You will learn how Azure uses identities in AD; how to create a new Azure AD tenant for identity isolation; and how to switch between tenants and manage them. This course examines the function of PIM (privileged identity management), and Azure AD Access review to analyze permissions, manage group memberships, and access to applications. Next, you will learn how to configure and use Azure AD Identity Protection to detect suspicious activity related to user accounts, and how to identify the relationship between subscriptions and tenants. Then learners examine how to use Azure AD Conditional Access to enhance Azure AD security, and how to configure Conditional Access policies. You will learn how to register apps in Azure AD, and to manage Azure AD Principles. Finally, the course discusses how OAuth 2.0 is used for Resource Authorization.

AZ-500 - Microsoft Azure Security Technologies: Monitoring, Logging, & Alerts

AZ-500 - Microsoft Azure Security Technologies: Monitoring, Logging, & Alerts

• discover the key concepts covered in this course
• identify performance and security baselines
• view and filter Azure cloud resource activity logs
• create a Log Analytics workspace
• manage Log Analytics workspace data sources
• run log queries
• use the Azure Monitor tool
• capture Azure VM network traffic
• create an action group
• configure alert notifications
• summarize the key concepts covered in this course

Learners will discover how to use Log Analytic workspaces to centralize Azure resource logged data from a variety of sources and how to run log queries in this 11-video course. Prepare for the AZ-500 Microsoft Azure Security Technologies certification exam by examining how to configure Azure Monitor centralized alert and notification settings. You will begin by examining how to identify performance and security baselines and how to view and filter Azure Cloud resource activity logs. Next, learn how to create a Log Analytics workspace, which is an Azure resource that must be configured to gain insights about activity and usage of your Azure resources. Then discover how to manage Log Analytics workspace data sources and run log queries. Take a look at using the Azure monitor tool in the portal, in order to have a centralized way of monitoring a variety of aspects of your Azure environment. Then learn about Azure monitor network packet capturing, and capturing Azure VM network traffic; create an action group, and finally, explore how to configure alert notifications.

AZ-500 - Microsoft Azure Security Technologies: Network Security

AZ-500 - Microsoft Azure Security Technologies: Network Security

• discover the key concepts covered in this course
• create an Azure VNet using the GUI
• create an Azure VNet using the CLI
• create an Azure VNet using PowerShell
• recognize how NSGs can allow or deny network traffic
• create a NSG using the GUI
• create a NSG using the CLI
• create a NSG using PowerShell
• remotely manage Linux VMs using SSH
• remotely manage Windows VMs using RDP
• deploy a jump box remote management point
• recognize how Azure Firewall is used
• configure Azure Firewall network rules
• configure Azure Firewall application rules
• configure Azure Firewall NAT rules
• configure a route table entry so that traffic is sent to Azure Firewall
• summarize the key concepts covered in this course

Learners will discover how virtual networks (VNets) can be used to isolate Azure cloud resources and how network security groups (NSGs) allow or deny traffic to or from subnets and virtual machine (VM) network interfaces, in this 17-video course, helping prepare for AZ-500 Microsoft Azure Security Technologies certification exam. The course examines use of Secure Shell (SSH) for managing Linux, remote desktop protocol (RDP) for managing Windows, and jump boxes as central, publicly accessible administrative points. Begin the course by creating an Azure VNet using the graphical user interface (GUI), the command-line interface (CLI), and using PowerShell. Next, an overview of NSGs, and how they can allow or deny network traffic. Create an NSG by using the GUI, the CLI, and using PowerShell. Remotely manage Linux VMs with both SSH and RDP. Deploy a jump box remote management point. Explore how Azure Firewall is used, configure Azure Firewall network rules, application rules, and network address translation (NAT) rules. Finally, learn how to configure a route table entry so that traffic is sent to Azure Firewall.

AZ-500 - Microsoft Azure Security Technologies: Review Course 1

AZ-500 - Microsoft Azure Security Technologies: Review Course 1

• discover the key concepts covered in this course
• control storage account access
• encrypt cloud data using custom keys
• generate a storage account SAS
• use a storage account key
• tag cloud resources
• enable database masking
• configure Azure SQL firewall
• summarize the key concepts covered in this course

In this 18-video course, learners can explore various techniques for securely implementing and managing Azure resources, while preparing for the AZ-500 Microsoft Azure Security Technologies Certification exam, focusing on security engineers' abilities. Security must be considered when designing, implementing, managing, and monitoring Microsoft Azure usage. In this course, you will examine how to control admin access to storage accounts, how to use custom keys to encrypt cloud data, and how to use a shared access signature to limit storage account access. The course then demonstrates how to use a storage account key for access; how to secure sensitive data by using Azure Information Protection (AIP); and how to organize cloud resources by using tags (cloud resource tagging). Learn about Azure partner SAS Institute, Inc., and their joint efforts. Next, watch demonstrations of how to enable database masking and replication, and how to configure a database backup and restore. Finally, learn to configure Azure SQL firewall and how to enable Azure AD Conditional Access.

AZ-500 - Microsoft Azure Security Technologies: Review Course 2

AZ-500 - Microsoft Azure Security Technologies: Review Course 2

• discover the key concepts covered in this course
• enable Azure AD user MFA
• configure Azure AD password lockout
• create a network security group (NSG)
• enable site-to-site VPN connectivity
• enable JIT for VMs
• limit resource access through Azure RBAC
• use the Azure Security Center to view security issues
• summarize the key concepts covered in this course

In this 9-video course, learners will explore additional techniques for secure implementation and management of Azure resources, while preparing for the AZ-500 Microsoft Azure Security Technologies certification exam. You will begin the course by examining how to enable Azure AD user multifactor authentication (MFA) and how to configure password lockout. Other topics covered are virtual private networks (VPNs); Transport Layer Security (TLS); just-in-time (JIT) access; and core concepts of Azure security. Then watch a demonstration of how to create a network security group (NSG), and how to control access to virtual networks (VNets). Next, learn how to configure Azure firewall; how to configure site-to-site VPN connectivity; and how to enable web app TLS bindings. The course continues by demonstrating how to harden Azure VMs to reduce the attack surface, and how to create an Azure Key Vault. Finally, you will see how to limit resource access through Azure role-based access control or RBAC (role-based access control) as well as through Azure policies.

AZ-500 - Microsoft Azure Security Technologies: VM Security

AZ-500 - Microsoft Azure Security Technologies: VM Security

• discover the key concepts covered in this course
• identify steps taken to harden VMs
• use roles to limit VM admin access
• recognize how SSH public key authentication works
• generate SSH keys using PuttyGen
• enable SSH public key authentication for Linux VMs
• identify how to harden HDInsights
• install an antimalware VM extension
• manage VM OS updates
• enable VM backup
• enable VM inventory and change tracking
• enable VM replication to a secondary region
• deploy a VM scale set
• execute built-in VM run commands
• execute custom VM run commands
• view VM NSG effective security rules
• restore an Azure VM
• recognize the steps for restoring files
• use the portal to view VM inventory
• use the portal to execute a VM test failover
• summarize the key concepts covered in this course

In this course, learners can explore Azure VM security and hardening techniques to reduce the attack surface of Azure VMs. This 21-video course can be used in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam. Begin with an overview of the steps taken to harden VMs. Then learn how to use roles to limit VM admin access. Next, receive an overview of Linux secure shell (SSH) public key authentication. Learn how to generate SSH keys with PuttyGen; enable SSH public key authentication for Linux VMs; and identify how to harden HDInsights; install an antimalware VM extension. Then learn to manage VM operating systems (OS) updates, and enable VM backup. Next, learn to enable VM inventory and change tracking; enable VM replication to a secondary region; deploy a VM scale set, execute built-in VM run commands, and execute custom VM run commands. View effective VM network security group (NSG) security rules; restore an Azure VM; recognize the steps for restoring files; use the portal to view VM Inventory, and to execute a VM test fallover.

AZ-500 - Microsoft Azure Security Technologies: VPNs

AZ-500 - Microsoft Azure Security Technologies: VPNs

• discover the key concepts covered in this course
• identify how VPNs allows secure connections to Azure
• use PowerShell to generate PKI certificates
• configure a point-to-site VPN
• connect a Windows 10 device to an Azure VPN
• configure a site-to-site VPN
• summarize the key concepts covered in this course

In this course, used in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam, you will discover how VPNs provide an encrypted tunnel over the Internet from clients or on-premises networks to the Azure cloud. Explore how to configure a point-to-site or site-to-site VPN and how to connect a Windows 10 device to an Azure VPN. You will begin the 7-video course by receiving an overview of how VPNs allow secure connections to Azure. Next, you will explore how to use PowerShell to generate public key infrastructure (PKI) certificates. To take advantage of Azure VPN connectivity, you need to establish a virtual network gateway in the Azure cloud, which is a configuration that represents a VPN appliance in the Azure cloud. You will do this in order to configure both a point-to-site and site-to-site VPN. In the final tutorial, learners will discover how to connect a Windows 10 device to an Azure VPN. 

AZ-500 - Microsoft Azure Security Technologies: Web Application Security

AZ-500 - Microsoft Azure Security Technologies: Web Application Security

• discover the key concepts covered in this course
• identify common web app vulnerabilities
• deploy an Azure web app
• configure a web app custom domain name
• enable a web app TLS binding
• configure web app authentication
• enable web app backups
• enable a web app WAF
• identify the purpose of the Azure API gateway
• configure an app security group
• summarize the key concepts covered in this course

Learners will discover how the design and implementation of a web app in the Azure cloud can determine its security posture in this 11-video course, used in preparation for the AZ-500 Microsoft Azure Security Technologies certification exam. Begin by learning to identify and understand the common web app security flaws. Then examine how to use the Azure portal to deploy a web application. You will explore how using custom domain names with transport layer security (TLS) bindings allows the use of a custom domain name system (DNS) domain with connectivity over HTTPS. You will learn how to configure web app authentication and how web apps can be backed up and protected by a web application firewall (WAF). You will also examine how API Gateways serve as proxies between the calling of an application programming interface (API) and the API itself and how Application Security Groups organize and protect VMs based on their running workloads.

AZ-500 - Microsoft Azure Security Technologies: Application Containers

AZ-500 - Microsoft Azure Security Technologies: Application Containers

• discover the key concepts covered in this course
• identify how app containers provide app isolation
• harden app containers
• recognize how AKS provides container cluster services
• deploy a Azure Docker VM running Ubuntu
• deploy an Azure container registry
• push a Docker image to an Azure container registry
• summarize the key concepts covered in this course

Discover how application containers isolate app files and settings from the operating system (OS) and other apps in this 8-video course. You will also explore how containers can be secured in similar ways to app workloads, including how to apply updates and provide limited access, as part of preparation for the AZ-500 Microsoft Azure Security Technologies certification exam. To begin, learners will examine how application containers can provide app isolation on different networks, and explore how to harden application containers to improve their security posture. Next, learners will take a look at Azure Kubernetes Service (AKS) and how it provides users with container cluster services. You will then learn how to deploy an Azure Docker VM running Ubuntu, an open-source software OS that runs from the desktop. You will conclude the course by discovering how to deploy an Azure container registry, and how to push a Docker image to an Azure container registry.