By: Sudeep Phal
November 24, 2020
AZ-500: Microsoft Azure Security Technologies Course Review
By: Sudeep Phal
November 24, 2020
Want to be part of cloud security, but you are not sure how to start it? I have gone through an amazing certificate preparation course on Cybrary.
It's AZ-500 Microsoft Azure Security Technologies. This is a certification provided by Microsoft Azure. On passing the certification exam, you earn the Azure security engineer credentials certificate. Cloud security has become a key component in the journey of cloud adoption. The course instructor is David Okeyode. The instructor has very well articulated and bifurcated topics into nine sections to understand better each section talking about different security parts.
The instructor explains the content in a crisp and clear format and paves the way for using Azure in practice by way of lab demos. In each section, the instructor has explained using theoretical and practical approaches, which I liked the most.
The 1st section is the introductory section, wherein the instructor has provided the course introduction and introduces cloud security. In this section, the instructor talks about the shared responsibility between the service provider and the customer. Mind you, it's the responsibility of both customer and service provider to put security controls in place.
The 2nd section is about managing identity and access. In this section, there are 19 subsections with a video length of not more than 10 mins. Because of each video's length, it's easy to complete the sections.
In this section, there is a detailed approach to Azure Active Directory and its services. It tells about different ways any user can be authenticated and ways in which we can protect passwords. The section helps with understanding Azure AD connect and its implementation. It also helps the student better understand how to manage the higher risk accounts with privileged identities since they have much more access than a normal user. In Azure, there is Privileged Identity Management for such privileged users. This module also has a subsection on multi-factor authentication, wherein the author demonstrates how to implement it in your Azure environment.
The 3rd section is about implementing network security, with eight subsections. Having roots in networking, I liked this section because it had different network security parameters and their implementations. The section starts with an Azure virtual network overview, then shows how to implement Azure virtual IP addresses. David then tells us about Network Security Group and Application Security Group implementations, both playing different roles in the environment. Then there is something called an Azure Bastion server. The author describes the advantages and how to implement this type of server, which helps to secure the virtual machines in our environment. Then come the Azure firewall and its implementation. Also, the instructor helps us understand the different ways in which we can create secure connections. Section 3 ends with WAF and DDoS protection and explains the Azure service used to protect from DDoS attacks.
The 4th section is about configuring Azure subscription security, describing the Azure subscription and management group, and giving a demo on the management group. Okeyode informs us about the functionality and implementation of Azure policies. At the end of the section is a demo of role-based access control, wherein access is provided as per the role the user has in the company.
The 5th section is about implementing host security and has four subsections. Virtual machine security students learn about the different security controls that need to be applied to secure the virtual machine. The final subsection here discusses the app service security controls and how to implement them.
In the 6th section, which contains five subsections, the instructor talks about implementing container security. This was new for me, as I did not know about the container's different security controls.
The 7th section is about managing security operations, and it has eight subsections. This is an important section of when there is a data loss or breach in any organization. We learn how to understand different Azure services, like Azure logging and monitoring, Log Analytics, Azure Sentinel, and Azure Security Center. Each of these services has a specific role in securing the Azure environment.
The 8th section is about securing data and applications, is comprised of 6 subsections, and primarily helps the student understand the Azure environment's data security controls.
Lastly, the 9th section provides us the conclusion of the course. All in all, I like the way the course is designed, and I gained a great amount of insights through the different quizzes and questions in each section. The instructor, David, has given the gist of the exam as well.