YoVDO

AZ-500: Manage security operation

Offered By: Microsoft via Microsoft Learn

Tags

  • AZ-500: Microsoft Azure Security Technologies Courses
  • Cybersecurity Courses
  • Incident Response Courses
  • Azure Security Center Courses
  • Security Operations Courses
  • Azure Monitor Courses
  • Azure Security Courses

Course Description

Overview

  • Module 1: Use Azure Monitor, Log Analytics, and other Azure tools to monitor the secure operation of your Azure solutions.
  • By the end of this module, you will be able to:

    • Configure and monitor Azure Monitor
    • Define metrics and logs you want to track for your Azure applications
    • Connect data sources to and configure Log Analytics
    • Create and monitor alerts associated with your solutions' security
  • Module 2: Use Azure Security Center, Azure Defender, and Secure Score to track and improve your security posture in Azure.
  • By the end of this module, you will be able to:

    • Define the most common types of cyber-attacks
    • Configure Azure Security Center based on your security posture
    • Review Secure Score and raise it
    • Lock down your solutions using Security Center and Defender
    • Enable Just-in-Time access and other security features
  • Module 3: Use Azure Sentinel to discover, track, and respond to security breaches within your Azure environment.
  • By the end of this module, you will be able to:

    • Explain what Azure Sentinel is and how it is used
    • Deploy Azure Sentinel
    • Connect data to Azure Sentinel, like Azure Logs, Azure AD, and others
    • Track incidents using workbooks, playbooks, and hunting techniques

Syllabus

  • Module 1: Configure and manage Azure Monitor
    • Introduction
    • Explore Azure Monitor
    • Configure and monitor metrics and logs
    • Enable Log Analytics
    • Manage connected sources for log analytics
    • Enable Azure Monitor Alerts
    • Configure properties for diagnostic logging
    • Perform try-this exercises
    • Knowledge check
    • Summary
  • Module 2: Enable and manage Microsoft Defender for Cloud
    • Introduction
    • Review the cyber kill chain
    • Implement Microsoft Defender for Cloud
    • Configure security center policies
    • Manage and implement security center recommendations
    • Explore secure score
    • Deploy Microsoft Defender for Cloud
    • Define brute force attacks
    • Implement Just-in-time VM access
    • Perform try-this exercises
    • Knowledge check
    • Summary
  • Module 3: Configure and monitor Microsoft Sentinel
    • Introduction
    • Enable Microsoft Sentinel
    • Configure data connections to Sentinel
    • Create workbooks to explore Sentinel data
    • Enable rules to create incidents
    • Configure playbooks
    • Hunt and investigate potential breaches
    • Knowledge check
    • Summary

Related Courses

  • Azure Administration: Monitor and Back Up Azure Resources (LinkedIn Learning)
  • Azure Apps: Diagnostics, Instrumentation, and Logging (LinkedIn Learning)
  • Azure for DevOps: Continuous Feedback (LinkedIn Learning)
  • Learning Azure Kubernetes Service (AKS) (LinkedIn Learning)
  • Microsoft Azure Security Technologies (AZ-500) Cert Prep: 3 Manage Security Operations (LinkedIn Learning)