Mca Microsoft Certified Associate Azure Security Engineer Study Guide - Exam Az-500

Read more

Prepare for the MCA Azure Security Engineer certification exam faster and smarter with help from Sybex
 
In the MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500, cybersecurity veteran Shimon Brathwaite walks you through every step you need to take to prepare for the MCA Azure Security Engineer certification exam and a career in Azure cybersecurity. You'll find coverage of every domain competency tested by the exam, including identity management and access, platform protection implementation, security operations management, and data and application security.
 
You'll learn to maintain the security posture of an Azure environment, implement threat protection, and respond to security incident escalations. Readers will also find:
* Efficient and accurate coverage of every topic necessary to succeed on the MCA Azure Security Engineer exam
* Robust discussions of all the skills you need to hit the ground running at your first--or next--Azure cybersecurity job
* Complementary access to online study tools, including hundreds of bonus practice exam questions, electronic flashcards, and a searchable glossary
 
The MCA Azure Security Engineer AZ-500 exam is a challenging barrier to certification. But you can prepare confidently and quickly with this latest expert resource from Sybex. It's ideal for anyone preparing for the AZ-500 exam or seeking to step into their next role as an Azure security engineer.

List of contents

Introduction xix
 
Assessment Test xxv
 
Chapter 1 Introduction to Microsoft Azure 1
 
What Is Microsoft Azure? 3
 
Cloud Environment Security Objectives 4
 
Confidentiality 4
 
Integrity 4
 
Availability 5
 
Nonrepudiation 5
 
Common Security Issues 5
 
Principle of Least Privilege 5
 
Zero- Trust Model 6
 
Defense in Depth 6
 
Avoid Security through Obscurity 9
 
The AAAs of Access Management 9
 
Encryption 10
 
End- to- End Encryption 11
 
Symmetric Key Encryption 11
 
Asymmetric Key Encryption 11
 
Network Segmentation 13
 
Basic Network Configuration 13
 
Unsegmented Network Example 14
 
Internal and External Compliance 15
 
Cybersecurity Considerations for the Cloud Environment 16
 
Configuration Management 17
 
Unauthorized Access 17
 
Insecure Interfaces/APIs 17
 
Hijacking of Accounts 17
 
Compliance 18
 
Lack of Visibility 18
 
Accurate Logging 18
 
Cloud Storage 18
 
Vendor Contracts 19
 
Link Sharing 19
 
Major Cybersecurity Threats 19
 
DDoS 19
 
Social Engineering 20
 
Password Attacks 21
 
Malware 21
 
Summary 24
 
Exam Essentials 24
 
Review Questions 26
 
Chapter 2 Managing Identity and Access in Microsoft Azure 29
 
Identity and Access Management 31
 
Identifying Individuals in a System 31
 
Identifying and Assigning Roles in a System and to an Individual 32
 
Assigning Access Levels to Individuals or Groups 33
 
Adding, Removing, and Updating Individuals and Their Roles in a System 33
 
Protecting a System's Sensitive Data and Securing the System 33
 
Enforcing Accountability 34
 
IAM in the Microsoft Azure Platform 34
 
Creating and Managing Azure AD Identities 34
 
Managing Azure AD Groups 37
 
Managing Azure Users 39
 
Adding Users to Your Azure AD 39
 
Managing External Identities Using Azure AD 40
 
Managing Secure Access Using Azure Active Directory 42
 
Implementing Conditional Access Policies, Including MFA 44
 
Implementing Azure AD Identity Protection 45
 
Enabling the Policies 47
 
Implement Passwordless Authentication 50
 
Configuring an Access Review 52
 
Managing Application Access 57
 
Integrating Single Sign- On and Identity Providers for Authentication 57
 
Creating an App Registration 58
 
Configuring App Registration Permission Scopes 58
 
Managing App Registration Permission Consent 59
 
Managing API Permission to Azure Subscriptions 60
 
Configuring an Authentication Method for a Service Principal 61
 
Managing Access Control 62
 
Interpret Role and Resource Permissions 62
 
Configuring Azure Role Permissions for Management Groups, Subscriptions, Resource Groups, and Resources 63
 
Assigning Built- In Azure AD Roles 64
 
Creating and Assigning Custom Roles, Including Azure Roles and Azure AD Roles 65
 
Summary 66
 
Exam Essentials 67
 
Review Questions 70
 
Chapter 3 Implementing Platform Protections 73
 
Implementing Advanced Network Security 75
 
Securing Connectivity of Hybrid Networks 75
 
Securing Connectivity of Virtual Networks 77
 
Creating and Configuring Azure Firewalls 78
 
Azure Firewall Premium 79
 
Creating and Configuring Azure Firewall Manager 82
 
Creating and Conf

About the author

ABOUT THE AUTHOR SHIMON BRATHWAITE is Editor-in-Chief of securitymadesimple.org, a website dedicated to teaching business owners how to secure their companies and helping cybersecurity professionals start and advance their careers. He is the author of three cybersecurity books and holds CEH, Security+, and AWS Security specialist certifications.