Microsoft Azure Security Engineer AZ-500
Implement Azure security controls, manage identity and access, protect platforms and data, and respond to security threats. The core certification for cloud security engineers and SOC teams working on Azure.
Certification Roadmap
Module 1 (25–30%): Manage Identity and Access
Secure identities using Azure Active Directory, Privileged Identity Management, and Conditional Access policies.
Azure Active Directory (Entra ID)
Users, groups, hybrid identity, managed identities, app registrations
Configure Azure AD users, groups, and external identities. Implement Azure AD Connect and hybrid identity, manage Managed Identities, and configure application registrations.
Privileged Identity Management (PIM)
JIT access, access reviews, role monitoring
Configure and activate PIM for Azure AD roles, implement just-in-time privileged access, configure access reviews, and monitor privileged role assignments.
Conditional Access and MFA
CA policies, MFA, Identity Protection, Password Protection
Create and manage Conditional Access policies, configure Multi-Factor Authentication, implement Identity Protection risk policies, and configure Azure AD Password Protection.
Module 2 (35–40%): Implement Platform Protection
Secure the Azure network perimeter, compute workloads, containers, and Azure Key Vault.
Network Security
NSG, ASG, Azure Firewall, DDoS, WAF
Configure Network Security Groups and ASGs, deploy Azure Firewall and Firewall Policy, implement DDoS Protection Standard, and configure WAF on App Gateway.
Compute and Container Security
VM encryption, Defender for Servers, AKS, container registry
Configure VM endpoint protection and disk encryption, enable Microsoft Defender for Servers, secure AKS clusters, and implement container registry security policies.
Key Vault and Secrets Management
Keys, secrets, certificates, RBAC, managed HSM
Create and configure Azure Key Vault, manage keys, secrets and certificates, configure Key Vault access policies and RBAC, and implement Key Vault managed HSM.
Module 3 (25–30%): Manage Security Operations
Monitor, investigate, and respond to threats using Microsoft Sentinel, Defender, and Azure Monitor.
Microsoft Sentinel (SIEM)
Connectors, analytics rules, KQL threat hunting, playbooks
Configure Microsoft Sentinel workspace and connectors, create analytics rules and incident detection, perform threat hunting with KQL, and configure automation rules and playbooks.
Microsoft Defender for Cloud
Secure score, security policies, alerts, threat intelligence
Enable and configure Defender for Cloud plans, interpret secure score and recommendations, configure security policies and compliance, and manage alerts and threat intelligence.
Monitoring and Incident Response
Azure Monitor, Log Analytics, incident investigation, audit logging
Configure Azure Monitor diagnostic logs and alerts, analyze security logs in Log Analytics, investigate security incidents, and configure audit logging for Azure resources.
Module 4 (5–10%): Secure Data and Applications
Protect Azure storage, databases, and application configurations using encryption and security policies.
Storage and Database Security
Storage encryption, SQL ATP, TDE, SQL auditing
Configure Azure Storage encryption and access policies, enable Advanced Threat Protection for SQL, implement Transparent Data Encryption, and configure SQL auditing and vulnerability assessments.
Application Security
App Service security, OAuth 2.0, Managed Identities, API Management
Configure App Service security and authentication, implement OAuth 2.0 and OpenID Connect, use Managed Identities for app-to-service auth, and configure API Management security policies.
Program Details
Duration: 4-8 Weeks
Mode: Live (Online)
Experience Level: Associate