AZ 500: Microsoft Azure Security Engineer Associate Training

The AZ-500: Microsoft Azure Security Engineer Associate course equips IT professionals with the practical knowledge and hands-on skills needed to secure Azure cloud environments. This training covers identity and access management, platform protection, data and application security, and comprehensive monitoring strategies. Whether you aim to enhance your cloud security capabilities or prepare for the official Microsoft certification, this course delivers a strong security engineering foundation.

This course provides an in-depth exploration of Azure’s security technologies and best practices. Participants learn how to implement robust security controls, protect workloads, detect threats, and ensure compliance across cloud environments. Through real-world labs and guided instruction, learners will develop the capabilities required to secure Azure infrastructure end-to-end and support enterprise-level cloud security operations.

Module 1: Introduction to Azure Security

Topics:

• Azure Security concepts & Zero Trust model
• Shared responsibility in Azure
• Core Azure security services (Defender, Sentinel, Key Vault, Policies)

Lab 1: Getting Started with Azure Security

• Explore Azure Portal Security Center
• View secure score and security recommendations
• Navigate Key Azure security tools (Monitor, Policies, Identity)

Module 2: Manage Identity and Access (IAM)

Topics:

• Azure AD (Entra ID) identity concepts
• RBAC roles and permissions
• Conditional Access policies
• MFA, SSPR, and identity protection
• Privileged Identity Management (PIM) setup
• Just-In-Time access and access reviews

Lab 2: Implementing Azure AD Security

• Create Azure AD users & groups
• Assign RBAC roles
• Configure Conditional Access for MFA
• Enable & test Identity Protection policies

Lab 3: Configuring PIM

• Activate PIM for Administrator roles
• Configure JIT access
• Set up PIM alerts & access review policies

Module 3: Implement Platform Protection

Network Security

Topics:

• Virtual Network security fundamentals
• Network Security Groups (NSGs)
• Application Security Groups (ASGs)
• Azure Firewall
• Web Application Firewall (WAF)
• DDoS Protection Standard

Lab 4: Securing Azure Networks

• Create & apply NSGs to subnets/VMs
• Deploy ASGs for workload segmentation
• Configure DDoS Standard (simulation mode)

Compute & Host Security

Topics:

• Protecting Azure Virtual Machines
• Endpoint protection options
• Just-In-Time VM access
• Security baselines for compute

Lab 5: Secure VM Workloads

• Enable JIT VM Access
• Configure Microsoft Defender for endpoint
• Apply a security baseline to a VM

Container & Kubernetes Security

• AKS security concepts
• Network policies
• Container registry security

Lab 6: Securing Containers

• Enable Azure Defender for Containers
• Configure AKS security policies

Module 4: Secure Data & Applications

Data Protection

Topics:

• Encryption at rest and in transit
• Azure Disk Encryption
• Storage account security (private endpoints, SAS)
• Database security controls (SQL, Cosmos DB)

Lab 7: Securing Data in Azure

• Enable disk encryption
• Configure Storage firewall, private endpoint & SAS tokens

Application Security

Topics:

• Managed identities
• Key Vault secrets & certificate management
• App Service security configurations
• Secure DevOps (DevSecOps) practices

Lab 8: Secure Applications with Managed Identities

• Enable Managed Identity for an App
• Use Key Vault from an App Service
• Restrict access & rotate secrets

Module 5: Manage Security Operations

Monitoring & Logging

Topics:

• Azure Monitor
• Log Analytics Workspace
• Diagnostic settings
• Logging best practices

Lab 9: Configuring Azure Monitoring

• Create Log Analytics Workspace
• Connect multiple resources for logging
• Analyze logs with KQL queries

Microsoft Defender for Cloud

Topics:

• Secure Score & recommendations
• Workload-level protections
• Alerts & automated responses

Lab 10: Implement Microsoft Defender for Cloud

• Enable Defender plans
• Review security recommendations
• Trigger and analyze simulated attacks

Microsoft Sentinel (SIEM/SOAR)

Topics:

• Deploy Sentinel
• Connect data sources
• Create workbooks
• Automation rules & playbooks

Lab 11: Setting Up Microsoft Sentinel

• Deploy Azure Sentinel
• Connect Azure AD & Activity Logs
• Create detection rules & incidents
• Build a Sentinel Workbook dashboard

Module 6: Azure Governance & Compliance

Topics:

• Azure Policy
• Initiatives
• Blueprints
• Resource Locks
• Compliance offerings in Azure

Lab 12: Enforcing Governance with Azure Policy

• Create custom Azure Policy
• Assign policy to a resource group
• Remediate non-compliant resources

Module 7: Incident Response

Topics:

• Detecting and analyzing threats
• Using Sentinel for investigation
• Using playbooks for automated response
• Root Cause Analysis (RCA) workflow

Lab 13: Azure Security Incident Response

• Analyze a security incident from Sentinel
• Use Investigation Graph
• Trigger Logic App playbook for automated remediation

Module 8: Certification Preparation

Topics:

• Exam structure & question types
• Key areas of focus
• Practice questions
• Scenario walkthrough

Lab 14: Exam Practice Lab

• Complete a hands-on practice assignment mapping to exam objectives