AZ-500: Microsoft Azure Security Technologies - Course Overview

This AZ-500 certification training course from CloudThat is designed to train IT professionals who plan to take the Microsoft AZ-500 certification exam. This course and passing the AZ-500 exam will meet all the requirements to become a Microsoft Certified Azure Security Engineer Associate.

The Microsoft Certified Azure Security Engineer Associate certification offers in-depth knowledge and understanding of Azure Security Technologies.

Azure security engineers often serve as part of a larger team to plan and implement cloud-based management and security. The responsibilities of an Azure security engineer include managing the security posture, identifying and remediating vulnerabilities, performing threat modeling, implementing threat protection, and responding to security incident escalations.

After completing Azure AZ 500 course, students will be able to:

  • Describe specialized data classifications on Azure
  • Identify Azure data protection mechanisms
  • Implement Azure data encryption methods
  • Secure Internet protocols and how to implement them on Azure
  • Describe Azure security services and features

Upcoming Batches

Enroll Online
Start Date End Date

To be Decided

Main Highlights of Microsoft AZ-500 Training

  • Our Azure Security certification AZ-500 training modules have 50% -60% hands-on lab sessions to encourage Thinking-Based Learning (TBL).
  • Interactive-rich virtual and face-to-face classroom teaching to inculcate Problem-Based Learning (PBL).
  • Microsoft certified instructor-led training and mentoring sessions to develop Competency-Based Learning (CBL) and inculcate Problem-Based Learning (PBL). Additional, access comprehensive study guide materials for the course to enhance learning experience.
  • Well-structured use-cases to simulate challenges encountered in a Real-World environment during Microsoft AZ-500 certification training.
  • Integrated teaching assistance and support through experts designed Learning Management System (LMS) and ExamReady platform.
  • Being a Microsoft Learning Partner provides us with the edge over competition.

Who Should Attend

  • Azure Professionals working on Security aspects
  • Cloud Professionals / Architects

Prerequisites Of Microsoft AZ-500 Training

Before attending this Azure Security training course, students must have knowledge of:

  • Microsoft Azure Administrator Associate

Why Choose CloudThat as AZ 500 Certification Training Partner?

  • Expertise in Azure: CloudThat is a Microsoft Gold Partner with extensive expertise in Azure. They specialize in cloud technologies and have a team of highly skilled and certified trainers.
  • Comprehensive Training Programs: CloudThat offers comprehensive training programs specifically designed to prepare individuals for Microsoft Azure certifications. They provide a structured curriculum that covers all the key concepts, skills, and topics required to pass the certification exams.
  • Hands-on Labs and Real-World Scenarios: Cloud Training courses are highly interactive, with hands-on labs allowing learners to apply their skills and knowledge in the real world.
  • Customized and Flexible Training Options: CloudThat understands that different individuals and organizations have unique training requirements. They offer customized training options tailored to specific needs, whether you are an individual looking for personal development or an organization seeking to train your team.
  • Supportive learning environment: Trainers provide a supportive and collaborative learning environment. They are available to answer questions, provide guidance throughout the training process, and provide personalized feedback to learners.
  • Updated Content and Exam Preparation: Microsoft Azure is a rapidly evolving platform, and it's crucial to stay up-to-date with the latest features, services, and exam objectives. CloudThat ensures its training content is regularly updated to reflect the current Azure environment and certification requirements.

Advantages of Earning a Microsoft Azure Security Engineer Associate AZ-500 Certification

  • The demand for skilled cloud security professionals is rapidly growing, and holding the Azure Security Engineer Associate certification can open various career opportunities.
  • Receive higher salary benefits of USD 126,000 in the US and 14 lakhs to 28 lakhs on average for Microsoft Azure Certified Security Engineer Associate Training (AZ-500).
  • Earn the Microsoft Azure Security Certification, which validates your expertise and knowledge in securing Azure environments. It demonstrates that you possess the skills required to design and implement secure solutions on the Azure platform, including identity and access management, data protection, and threat protection.
  • As a security professional, you require hands-on experience and practical skills in implementing security controls and threat protection measures in Azure.
  • Industry recognition: Microsoft certifications are widely recognized in the IT industry. Achieving the Azure Security Engineer Associate certification can boost your professional credibility and make you stand out to potential employers or clients.
  • Azure 500 training certification equips you with the knowledge and skills to identify and address security risks and vulnerabilities in Azure environments. This knowledge enables you to build secure cloud solutions, implement security controls, and respond effectively to security incidents.
  • Azure is one of the leading cloud platforms, and organizations are increasingly adopting it. By earning the Azure Security Engineer Associate certification, you position yourself for career growth in the field of cloud security.

Course Outline Download Course Outline

Manage Microsoft Entra identities

  • Secure Microsoft Entra users
  • Secure Microsoft Entra groupsAzure AD vs AD DS
  • Recommend when to use external identities
  • Secure external identities
  • Implement Microsoft Entra ID Protection

Manage Microsoft Entra authentication

  • Implement multi-factor authentication (MFA)
  • Configure Microsoft Entra Verified ID
  • Implement passwordless authentication
  • Implement password protection
  • Implement single sign-on (SSO)
  • Integrate single sign on (SSO) and identity providers
  • Recommend and enforce modern authentication protocols

Manage Microsoft Entra authorization

  • Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
  • Assign Microsoft Entra built-in roles
  • Assign Azure built-in roles
  • Create and assign custom roles, including Azure roles and Microsoft Entra roles
  • Implement and manage Microsoft Entra Permissions Management
  • Configure Microsoft Entra Privileged Identity Management
  • Configure role management and access reviews in Microsoft Entra
  • Implement Conditional Access policies

Manage Microsoft Entra application access

  • Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants
  • Manage Microsoft Entra app registrations
  • Configure app registration permission scopes
  • Manage app registration permission consent
  • Manage and use service principals
  • Manage managed identities for Azure resources
  • Recommend when to use and configure an Microsoft Entra Application Proxy, including authentication

Plan and implement security for virtual networks

  • Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
  • Plan and implement user-defined routes (UDRs)
  • Plan and implement Virtual Network peering or VPN gateway
  • Plan and implement Virtual WAN, including secured virtual hub
  • Secure VPN connectivity, including point-to-site and site-to-site
  • Implement encryption over ExpressRoute
  • Configure firewall settings on PaaS resources
  • Monitor network security by using Network Watcher, including NSG flow logging

Plan and implement security for private access to Azure resources

  • Plan and implement virtual network Service Endpoints
  • Plan and implement Private Endpoints
  • Plan and implement Private Link services
  • Plan and implement network integration for Azure App Service and Azure Functions
  • Plan and implement network security configurations for an App Service Environment (ASE)
  • Plan and implement network security configurations for an Azure SQL Managed Instance

Plan and implement security for public access to Azure resources

  • Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management
  • Plan, implement, and manage an Azure Firewall, including Azure Firewall Manager and firewall policies
  • Plan and implement an Azure Application Gateway
  • Plan and implement an Azure Front Door, including Content Delivery Network (CDN)
  • Plan and implement a Web Application Firewall (WAF)
  • Recommend when to use Azure DDoS Protection Standard

Plan and implement advanced security for compute

  • Plan and implement remote access to public endpoints, including Azure Bastion and just-in-time (JIT) virtual machine (VM) access
  • Configure network isolation for Azure Kubernetes Service (AKS)
  • Secure and monitor AKS
  • Configure authentication for AKS
  • Configure security monitoring for Azure Container Instances (ACIs)
  • Configure security monitoring for Azure Container Apps (ACAs)
  • Manage access to Azure Container Registry (ACR)
  • Configure disk encryption, including Azure Disk Encryption (ADE), encryption at host, and confidential disk encryption
  • Recommend security configurations for Azure API Management

Plan and implement security for storage

  • Configure access control for storage accounts
  • Manage life cycle for storage account access keys
  • Select and configure an appropriate method for access to Azure Files
  • Select and configure an appropriate method for access to Azure Blob Storage
  • Select and configure an appropriate method for access to Azure Tables
  • Select and configure an appropriate method for access to Azure Queues
  • Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage
  • Configure Bring your own key (BYOK)
  • Enable double encryption at the Azure Storage infrastructure level

Plan and implement security for Azure SQL Database and Azure SQL Managed Instance

  • Enable Microsoft Entra database authentication
  • Enable database auditing
  • Identify use cases for the Microsoft Purview governance portal
  • Implement data classification of sensitive information by using the Microsoft Purview governance portal
  • Plan and implement dynamic masking
  • Implement Transparent Data Encryption (TDE)
  • Recommend when to use Azure SQL Database Always Encrypted

Plan, implement, and manage governance for security

  • Create, assign, and interpret security policies and initiatives in Azure Policy
  • Configure security settings by using Azure Blueprints
  • Deploy secure infrastructures by using a landing zone
  • Create and configure an Azure Key Vault
  • Recommend when to use a dedicated Hardware Security Module (HSM)
  • Configure access to Key Vault, including vault access policies and Azure Role Based Access Control
  • Manage certificates, secrets, and keys
  • Configure key rotation
  • Configure backup and recovery of certificates, secrets, and keys

Manage security posture by using Microsoft Defender for Cloud

  • Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory
  • Assess compliance against security frameworks and Microsoft Defender for Cloud
  • Add industry and regulatory standards to Microsoft Defender for Cloud
  • Add custom initiatives to Microsoft Defender for Cloud
  • Connect hybrid cloud and multi-cloud environments to Microsoft Defender for Cloud
  • Identify and monitor external assets by using Microsoft Defender External Attack Surface Management

Configure and manage threat protection by using Microsoft Defender for Cloud

  • Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, and Resource Manager
  • Configure Microsoft Defender for Servers
  • Configure Microsoft Defender for Azure SQL Database
  • Manage and respond to security alerts in Microsoft Defender for Cloud
  • Configure workflow automation by using Microsoft Defender for Cloud
  • Evaluate vulnerability scans from Microsoft Defender for Server

Configure and manage security monitoring and automation solutions

  • Monitor security events by using Azure Monitor
  • Configure data connectors in Microsoft Sentinel
  • Create and customize analytics rules in Microsoft Sentinel
  • Evaluate alerts and incidents in Microsoft Sentinel
  • Configure automation in Microsoft Sentinel


    • By earning Microsoft Azure AZ-500 certification, you can be competent Microsoft Certified Azure Security Engineer Associate Start your journey towards earning the Microsoft Azure Security Certification today!
    • Demonstrate skills of Identifying Azure data protection mechanisms.
    • Display abilities to Implement Azure data encryption methods.
    • On successful completion of Microsoft AZ-500 certification training, aspirants receive a Course Completion certificate from us.
    • By successfully clearing the AZ-500 exams, aspirants earn Microsoft Certification

Course Fee

Select Course date

Can't See the Date? Contact Us to Enroll and Get More Information

Add to Wishlist

Course ID: 13465

Course Price at

₹39900 + 18% GST
Enroll Now

Frequently Asked Questions

Being an associate level certification, AZ-500 is valid for 1 year and thereafter free renewal is available by passing the exam at no extra cost.

Trainer will be explaining theory alongwith demonstration as well as hands on lab environment will also be provided to the individuals for practice.

Being an associate level certification, AZ-500 is valid for 1 year and thereafter free renewal is available by passing the exam at no extra cost.

The total duration of training will be 32 hours (4 Full days) and it can also be customized as per the requirement.

Enquire Now