AZ-500: Microsoft Azure Security Technologies

Course Description

Secure your cloud infrastructure with confidence. The AZ-500: Microsoft Azure Security Technologies course is a comprehensive, instructor-led training designed for IT professionals who manage and secure cloud-based solutions. This 4-day course explores how to implement strong security controls, maintain security posture, protect identities, access, data, applications, and networks, and respond effectively to threats using Microsoft Azure-native tools like Azure Active Directory, Microsoft Defender for Cloud, Azure Firewall, Azure Key Vault, and Microsoft Sentinel.

Built for real-world application, the course helps you develop the skills needed to become a Microsoft Certified: Azure Security Engineer Associate, equipping you to design and enforce comprehensive cloud security strategies across enterprise environments.

Target Audience

This course is ideal for:

• Azure Security Engineers, Cloud Security Architects, and IT Security Professionals responsible for securing Azure environments

• Professionals preparing for the AZ-500 certification and seeking to improve cloud security posture

• Security-focused administrators with experience in Azure infrastructure, access management, and system administration

Prerequisites:

• Hands-on experience with Azure administration or development

• Understanding of general security concepts, networking, and virtualization

Course Outline

Module 1: Manage Identity and Access in Azure

• Secure access with Azure Active Directory, role-based access control (RBAC), and Azure AD Conditional Access

• Implement Privileged Identity Management (PIM) and multi-factor authentication (MFA)

• Protect hybrid identities with Azure AD Connect and Identity Protection

Module 2: Secure Networking and Compute Resources

• Configure network security using Network Security Groups (NSGs), Application Security Groups (ASGs), Azure Firewall, and Azure DDoS Protection

• Protect Azure Virtual Machines with Just-in-Time access, endpoint protection, and OS hardening

• Apply isolation strategies using virtual networks, service endpoints, and private endpoints

Module 3: Secure Azure Data and Applications

• Implement data protection with Azure Key Vault, customer-managed keys, and double encryption

• Secure Azure Storage and databases using shared access signatures (SAS), Azure Defender for SQL, and transparent data encryption (TDE)

• Apply security best practices for app services and managed identities

Module 4: Manage Security Operations and Threat Protection

• Monitor, detect, and respond to threats with Microsoft Defender for Cloud and Microsoft Sentinel

• Configure and interpret Azure activity logs, alerts, and threat detection recommendations

• Automate security response with Logic Apps and SIEM/SOAR integrations

Hands-On Experience

Approximately 40–50% of the course consists of hands-on exercises. Participants will configure identity protection, deploy security solutions, investigate threats, and implement real-time monitoring scenarios in live Azure environments, reinforcing key concepts through practical application.

Key Skills Gained

• Implement identity and access management using Azure AD and PIM

• Secure virtual networks, compute resources, and containerized workloads

• Protect data and application infrastructure with Key Vault and encryption

• Monitor and manage cloud security posture using Defender for Cloud

• Investigate threats and automate responses using Microsoft Sentinel