Introduction

This course covers the fundamentals of securing your Azure workloads. It starts with the basics of identity and access management, along with security best practices, and then dives into details on securing various components such as compute, storage, networking, and the security operations side of Azure.

Prerequisites

Before taking this course, you should be familiar with the following concepts:

• You should have an understanding of fundamental cloud computing concepts. Additionally, knowledge of Azure services is beneficial for this course.

• It is recommended to have basic skills in using the Azure portal for administering and configuring various services.

• Additionally, we will need a Microsoft Entra ID P2 subscription to execute some of the tasks in Microsoft Entra ID and an Azure subscription to execute some of the tasks in Azure.

Microsoft Azure security engineer

Azure security engineers are responsible for managing secure workloads in Azure. They should be able to perform the following operations:

• They must have a deep understanding of cloud security best practices and be able to configure appropriate security configurations within the constraints of the organization’s requirements.

• They must be able to assess risk and develop strategies for mitigating threats to an organization’s data, systems, and applications. They must also regularly monitor for anomalies or suspicious activity.

• They must be able to establish a framework for managing identities, such as authentication and authorization processes, to ensure the security of data.

• They should have experience with encryption technologies and disk encryption standards like BitLocker or Advanced Encryption Standard (AES).

• Lastly, they must be well versed in network security fundamentals such as firewalls, intrusion detection systems (IDS), virtual private networks (VPNs), etc., to protect against external attacks or malicious actors trying to gain access to the system.

The course covers all the aspects of Azure security and is closely in line with the Microsoft Azure security engineering exam (AZ-500). Passing this exam will certify you as an expert in protecting your organization’s workloads on Microsoft Azure. However, to pass the exam, you will need to understand the overall security in Azure, which is covered in this course, and also gain hands-on experience with Azure. This includes deploying resources from the portal, troubleshooting connectivity, and administering workloads.

The course assesses your skills in securing the Azure cloud environment. This course will provide expertise enabling users to protect data and resources using a defined set of strategies, tools, and services. It covers identity management, threat detection and response, data protection, network security, and operational security controls.

Other Microsoft certifications and exams

Additionally, several other exams focus on working with virtual machines or networking within the Azure platform. The Azure Administrator exam tests your knowledge of deploying and managing virtual machines (VMs), networks, storage accounts, and more. Similarly, for networking professionals looking to get certified in using Microsoft’s network services in an Azure environment, the Azure Networking certification covers topics such as configuring VNet peering and routing tables and designing secure access policies.

Finally, some other security-specific exams focus on core areas like:

• SC-200 (Microsoft Security Operations Analyst) focuses on operations side of Azure and M365.

• SC-300 (Microsoft Identity and Access Administrator) is focused on identity and access management systems.

• SC-100 (Microsoft Cybersecurity Architect) is an expert-level exam on overall security design and implementation.