MCA microsoft certified associate azure security engineer study guide : exam AZ-500 / Shimon Brathwaite.

Format:

Book

Author/Creator:

Brathwaite, Shimon, author.

Language:

English

Subjects (All):

Cloud computing--Security measures--Examinations--Study guides.

Cloud computing.

Microsoft Azure (Computing platform).

Physical Description:

1 online resource (355 pages)

Place of Publication:

Hoboken, New Jersey : John Wiley & Sons, Inc., [2023]

Summary:

Prepare for the MCA Azure Security Engineer certification exam faster and smarter with help from Sybex In the MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500, cybersecurity veteran Shimon Brathwaite walks you through every step you need to take to prepare for the MCA Azure Security Engineer certification exam and a career in Azure cybersecurity. You'll find coverage of every domain competency tested by the exam, including identity management and access, platform protection implementation, security operations management, and data and application security. You'll learn to maintain the security posture of an Azure environment, implement threat protection, and respond to security incident escalations. Readers will also find: Efficient and accurate coverage of every topic necessary to succeed on the MCA Azure Security Engineer exam Robust discussions of all the skills you need to hit the ground running at your first--or next--Azure cybersecurity job Complementary access to online study tools, including hundreds of bonus practice exam questions, electronic flashcards, and a searchable glossary The MCA Azure Security Engineer AZ-500 exam is a challenging barrier to certification. But you can prepare confidently and quickly with this latest expert resource from Sybex. It's ideal for anyone preparing for the AZ-500 exam or seeking to step into their next role as an Azure security engineer.

Contents:

Cover

Title Page

Copyright Page

Contents at a Glance

Contents

Introduction

What Does This Book Cover?

Who Should Read This Book

Study Guide Features

Interactive Online Learning Environment and Test Bank

Additional Resources

MCA Azure Security Engineer Study Guide Exam Objectives

Objective Map

How to Contact Wiley or the Author

Assessment Test

Answers to Assessment Test

Chapter 1 Introduction to Microsoft Azure

What Is Microsoft Azure?

Cloud Environment Security Objectives

Confidentiality

Integrity

Availability

Nonrepudiation

Common Security Issues

Principle of Least Privilege

Zero-Trust Model

Defense in Depth

Avoid Security through Obscurity

The AAAs of Access Management

Encryption

End-to-End Encryption

Symmetric Key Encryption

Asymmetric Key Encryption

Network Segmentation

Basic Network Configuration

Unsegmented Network Example

Internal and External Compliance

Cybersecurity Considerations for the Cloud Environment

Configuration Management

Unauthorized Access

Insecure Interfaces/APIs

Hijacking of Accounts

Compliance

Lack of Visibility

Accurate Logging

Cloud Storage

Vendor Contracts

Link Sharing

Major Cybersecurity Threats

DDoS

Social Engineering

Password Attacks

Malware

Summary

Exam Essentials

Review Questions

Chapter 2 Managing Identity and Access in Microsoft Azure

Identity and Access Management

Identifying Individuals in a System

Identifying and Assigning Roles in a System and to an Individual

Assigning Access Levels to Individuals or Groups

Adding, Removing, and Updating Individuals and Their Roles in a System

Protecting a System's Sensitive Data and Securing the System

Enforcing Accountability

IAM in the Microsoft Azure Platform.

Creating and Managing Azure AD Identities

Managing Azure AD Groups

Managing Azure Users

Adding Users to Your Azure AD

Managing External Identities Using Azure AD

Managing Secure Access Using Azure Active Directory

Implementing Conditional Access Policies, Including MFA

Implementing Azure AD Identity Protection

Enabling the Policies

Implement Passwordless Authentication

Configuring an Access Review

Managing Application Access

Integrating Single Sign-On and Identity Providers for Authentication

Creating an App Registration

Configuring App Registration Permission Scopes

Managing App Registration Permission Consent

Managing API Permission to Azure Subscriptions

Configuring an Authentication Method for a Service Principal

Managing Access Control

Interpret Role and Resource Permissions

Configuring Azure Role Permissions for Management Groups, Subscriptions, Resource Groups, and Resources

Assigning Built-In Azure AD Roles

Creating and Assigning Custom Roles, Including Azure Roles and Azure AD Roles

Chapter 3 Implementing Platform Protections

Implementing Advanced Network Security

Securing Connectivity of Hybrid Networks

Securing Connectivity of Virtual Networks

Creating and Configuring Azure Firewalls

Azure Firewall Premium

Creating and Configuring Azure Firewall Manager

Creating and Configuring Azure Application Gateway

Creating and Configuring Azure Front Door

Creating and Configuring a Web Application Firewall

Configuring Network Isolation for Web Apps and Azure Functions

Implementing Azure Service Endpoints

Implementing Azure Private Endpoints, Including Integrating with Other Services

Implementing Azure Private Link

Implementing Azure DDoS Protection

Configuring Enhanced Security for Compute.

Configuring Azure Endpoint Protection for VMs

Enabling Update Management in Azure Portal

Configuring Security for Container Services

Managing Access to the Azure Container Registry

Configuring Security for Serverless Compute

Microsoft Recommendations

Configuring Security for an Azure App Service

Chapter 4 Managing Security Operations

Configure Centralized Policy Management

Configure a Custom Security Policy

Create Custom Security Policies

Creating a Policy Initiative

Configuring Security Settings and Auditing by Using Azure Policy

Configuring and Managing Threat Protection

Configuring Microsoft Defender for Cloud for Servers (Not Including Microsoft Defender for Endpoint)

Configuring Microsoft Defender for SQL

Using the Microsoft Threat Modeling Tool

Azure Monitor

Visualizations in Azure Monitor

Configuring and Managing Security Monitoring Solutions

Creating and Customizing Alert Rules by Using Azure Monitor

Configuring Diagnostic Logging and Retention Using Azure Monitor

Monitoring Security Logs Using Azure Monitor

Microsoft Sentinel

Configuring Connectors in Microsoft Sentinel

Evaluating Alerts and Incidents in Microsoft Sentinel

Chapter 5 Securing Data and Applications

Configuring Security for Storage in Azure

Storage Account Access Keys

Configuring Access Control for Storage Accounts

Configuring Storage Account Access Keys

Configuring Azure AD Authentication for Azure Storage and Azure Files

Configuring Delegated Access for Storage Accounts

Configuring Security for Databases

Appendix A: An Azure Security Tools Overview

Chapter 2, "Managing Identity and Access on Microsoft Azure".

Azure Active Directory (AD)

Microsoft Authenticator App

Azure API Management

Chapter 3, "Implementing Platform Protections"

Azure Firewall

Azure Firewall Manager

Azure Application Gateway

Azure Front Door

Web Application Firewall

Azure Service Endpoints

Azure Private Links

Azure DDoS Protection

Microsoft Defender for Cloud

Azure Container Registry

Azure App Service

Chapter 4, "Managing Security Operations"

Azure Policy

Microsoft Threat Modeling Tool

How Does Microsoft Sentinel Work?

Automation

Chapter 5, "Securing Data and Applications"

Azure Key Vault

Appendix B: Answers to Review Questions

Chapter 1: Introduction to Microsoft Azure

Chapter 2: Managing Identity and Access in Microsoft Azure

Chapter 3: Implementing Platform Protections

Chapter 4: Managing Security Operations

Chapter 5: Securing Data and Applications

Index

EULA.

Notes:

Description based on print version record.

Includes index.

Other Format:

Print version: Brathwaite, Shimon MCA Microsoft Certified Associate Azure Security Engineer Study Guide

ISBN:

9781119870395

1119870399

9781119870388

1119870380

OCLC:

1348491293