AZ-500: Implement platform protection

By the end of this module, you will be able to:

• Define defense in depth
• Protect your environment from denial-of-service attacks
• Secure your solutions using firewalls and VPNs
• Explore your end-to-end perimeter security configuration based on your security posture

By the end of this module, you will be able to:

• Deploy and configure network security groups to protect your Azure solutions
• Configure and lockdown service endpoints and private links
• Secure your applications with Application Gateway, Web App Firewall, and Front Door
• Configure ExpressRoute to help protect your network traffic

By the end of this module, you will be able to:

• Configure and deploy Endpoint Protection
• Deploy a privileged access strategy for devices and privileged workstations
• Secure your virtual machines and access to them
• Deploy Windows Defender
• Practice layered security by reviewing and implementing Security Center and Security Benchmarks

By the end of this module, you will be able to:

• Define the available security tools for containers in Azure
• Configure security settings for containers and Kubernetes services
• Lock down network, storage, and identity resources connected to your containers
• Deploy RBAC to control access to containers

• Introduction
• Define defense in depth
• Explore virtual network security
• Enable Distributed Denial of Service (DDoS) Protection
• Configure a distributed denial of service protection implementation
• Explore Azure Firewall features
• Deploy an Azure Firewall implementation
• Configure VPN forced tunneling
• Create User Defined Routes and Network Virtual Appliances
• Explore hub and spoke topology
• Perform try-this exercises
• Knowledge check
• Summary

• Introduction
• Explore Network Security Groups (NSG)
• Deploy a Network Security Groups implementation
• Create Application Security Groups
• Enable service endpoints
• Configure service endpoint services
• Deploy private links
• Implement an Azure application gateway
• Deploy a web application firewall
• Configure and manage Azure front door
• Review ExpressRoute
• Perform try-this exercises
• Knowledge check
• Summary

• Introduction
• Enable endpoint protection
• Define a privileged access device strategy
• Deploy privileged access workstations
• Create virtual machine templates
• Enable and secure remote access management
• Configure update management
• Deploy disk encryption
• Deploy and configure Windows Defender
• Explore Microsoft Defender for Cloud recommendations
• Secure Azure workloads with Azure Security Benchmarks
• Perform Try-This exercises
• Knowledge check
• Summary

• Introduction
• Explore containers
• Configure Azure Container Instances security​
• Manage security for Azure Container Instances (ACI)​
• Explore the Azure Container Registry (ACR)​
• Enable Azure Container Registry authentication
• Review Azure Kubernetes Service (AKS)​
• Implement an Azure Kubernetes Service architecture​
• Configure Azure Kubernetes Service networking​
• Deploy Azure Kubernetes Service storage​
• Secure authentication to Azure Kubernetes Service with Active Directory​
• Manage access to Azure Kubernetes Service using Azure role-based access controls
• Knowledge check
• Summary