Muutke küpsiste eelistusi

Exam Ref AZ-500 Microsoft Azure Security Technologies, 2/e 2nd edition [Pehme köide]

3.78/5 (26 hinnangut Goodreads-ist)
,
  • Formaat: Paperback / softback, 336 pages, kõrgus x laius x paksus: 230x184x20 mm, kaal: 605 g
  • Sari: Exam Ref
  • Ilmumisaeg: 01-Jun-2022
  • Kirjastus: Addison Wesley
  • ISBN-10: 0137834462
  • ISBN-13: 9780137834464
Teised raamatud teemal:
Exam Ref AZ-500 Microsoft Azure Security Technologies, 2/e 2nd editionSuurem pilt
  • Formaat: Paperback / softback, 336 pages, kõrgus x laius x paksus: 230x184x20 mm, kaal: 605 g
  • Sari: Exam Ref
  • Ilmumisaeg: 01-Jun-2022
  • Kirjastus: Addison Wesley
  • ISBN-10: 0137834462
  • ISBN-13: 9780137834464
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9780137834464.html
Märksõnad:

Prepare for Microsoft Exam AZ-500: Demonstrate your real-world knowledge of Microsoft Azure security, including tools and techniques for protecting identity, access, platforms, data, and applications, and for effectively managing security operations. Designed for professionals with Azure security experience, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Azure Security Engineer Associate level.

Focus on the expertise measured by these objectives:

  • Manage identity and access
  • Implement platform protection
  • Manage security operations
  • Secure data and applications

This Microsoft Exam Ref:

  • Organizes its coverage by exam objectives
  • Features strategic, what-if scenarios to challenge you
  • Assumes you have expertise implementing security controls and threat protection, managing identity and access, and protecting assets in cloud and hybrid environments

About the Exam

Exam AZ-500 focuses on the knowledge needed to manage Azure Active Directory identities; configure secure access with Azure AD; manage application access and access control; implement advanced network security; configure advanced security for compute; monitor security with Azure Monitor, Azure Firewall manager, Azure Security Center, Azure Defender, and Azure Sentinel; configure security policies; configure security for storage and databases; and configure and manage Key Vault.

About Microsoft Certification

Passing this exam fulfills your requirements for the Microsoft Certified: Azure Security Engineer Associate credential, demonstrating your expertise as an Azure Security Engineer capable of maintaining security posture, identifying and remediating vulnerabilities, implementing threat protection, and responding to incident escalations as part of a cloud-based management and security team.

See full details at: microsoft.com/learn

Introduction xi
Organization of this book xii
Preparing for the exam xii
Microsoft certifications xii
Quick access to online references xiii
Errata, updates & book support xiii
Stay in touch xiii
Chapter 1 Manage identity and access
1(90)
Skill 1.1 Manage Azure Active Directory identities
1(1)
Create and manage a managed identity for Azure resources
2(4)
Manage Azure AD groups
6(6)
Manage Azure AD users
12(2)
Manage external identities by using Azure AD
14(7)
Manage administrative units
21(2)
Skill 1.2 Manage secure access by using Azure AD
23(1)
Configure Azure AD Privileged Identity Management (PIM)
23(3)
Implement conditional access policies, including multifactor authentication
26(14)
Implement Azure AD Identity Protection
40(3)
Implement passwordless authentication
43(2)
Configure access reviews
45(4)
Skill 1.3 Manage application access
49(1)
Integrate single sign-on (SSO) and identity providers for authentication
50(18)
Create an app registration
68(5)
Configure app registration permission scopes
73(1)
Manage app registration permission consent
74(2)
Manage API permissions to Azure subscriptions and resources
76(1)
Configure an authentication method for a service principal
76(1)
Skill 1.4 Manage access control
77(1)
Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
77(4)
Interpret role and resource permissions
81(2)
Assign built-in Azure AD roles
83(3)
Create and assign custom roles, including Azure roles and Azure AD roles
86(3)
Thought experiment
89(1)
Identity and access at Tailwind Traders
89(1)
Thought experiment answers
90(1)
Chapter summary
90(1)
Chapter 2 Implement platform protection
91(90)
Skill 2.1 Implement advanced network security
91(1)
Overview of Azure network components
91(15)
Secure the connectivity of hybrid networks
106(5)
Secure connectivity of virtual networks
111(9)
Create and configure Azure Firewall
120(9)
Create and configure Azure Firewall Manager
129(2)
Create and configure Azure Front Door
131(8)
Create and configure Web Application Firewall (WAF)
139(1)
Configure resource firewall
140(7)
Implement Azure service endpoints
147(3)
Azure private endpoints and Private Links
150(1)
Implement Azure DDoS protection
151(4)
Skill 2.2 Configure advanced security for compute
155(1)
Configure Azure endpoint protection for virtual machines (VMs)
155(5)
Implement and manage security updates for VMs
160(3)
Configure security for containers services
163(1)
Manage access to Azure Container Registry
164(2)
Configure security for serverless compute
166(3)
Configure security for Azure App Service
169(5)
Configure encryption at rest
174(1)
Configure encryption in transit
175(2)
Thought experiment
177(1)
Advanced security for compute at Tailwind Traders
177(1)
Thought experiment answers
178(1)
Chapter summary
178(3)
Chapter 3 Manage security operations
181(52)
Skill 3.1 Configure centralized policy management
181(1)
Configure a custom security policy
181(1)
Create a policy initiative
182(3)
Configure security settings and auditing by using Azure Policy
185(5)
Skill 3.2 Configure and manage threat protection
190(1)
Microsoft Defender for servers
190(5)
Evaluate vulnerability scan from Microsoft Defender for servers
195(5)
Configure Microsoft Defender for SQL
200(1)
Skill 3.3 Configure and manage security monitoring solutions
201(1)
Introduction to Azure Monitor
201(4)
Create and customize alert rules in Azure Monitor
205(6)
Configure diagnostic logging and log retention by using Azure Monitor
211(4)
Introduction to Microsoft Sentinel's architecture
215(6)
Create and customize alerts
221(7)
Evaluate alerts and incidents in Microsoft Sentinel
228(3)
Thought experiment
231(1)
Monitoring Security at Tailwind Traders
231(1)
Thought experiment answers
232(1)
Chapter summary
232(1)
Chapter 4 Secure data and applications
233(70)
Skill 4.1 Configure security for storage
233(1)
Configure access control for storage accounts
234(9)
Configure storage account access keys
243(4)
Configure Azure AD authentication for Azure Storage and Azure Files
247(6)
Configure delegated access
253(5)
Skill 4.2 Configure security for databases
258(1)
Enable database authentication by using Azure AD
258(1)
Enable database auditing
259(3)
Configure dynamic masking on SQL workloads
262(2)
Implement database encryption for Azure SQL Database
264(5)
Implement network isolation for data solutions, including
Azure Synapse Analytics and Azure Cosmos DB
269(2)
Configure Microsoft Defender for SQL
271(3)
Skill 4.3 Configure and manage Key Vault
274(1)
Create and configure Key Vault
274(1)
Configure access to Key Vault
275(6)
Manage certificates, secrets, and keys
281(13)
Configure key rotation
294(2)
Configure backup and recovery of certificates, secrets, and keys
296(3)
Thought experiment
299(1)
Securing data at Tailwind Traders
300(1)
Thought experiment answers
300(1)
Chapter summary
300(3)
Index 303
YURI DIOGENES, MSC Yuri holds a Master of Science in cybersecurity intelligence and forensics investigation (UTICA College) and is the principal PM manager for the Microsoft CxE Microsoft Defender for Cloud Team, where he manages a team of PMs who are responsible for improving the product and helping customers deploy it. Yuri has been working for Microsoft since 2006 in different positions, including five years as a senior support escalation engineer for the CSS Forefront Edge Team. From 2011 to 2017, he was a member of Microsofts content development team, where he also helped create the Azure Security Center content experience since its launch in 2016. Yuri has published 26 books, mostly about information security and Microsoft technologies. Yuri also holds an MBA and many IT/Security industry certifications, such as CISSP, E|CND, E|CEH, E|CSA, E|CHFI, CompTIA Security+, CySA+, Cloud Essentials Certified, Mobility+, Network+, CASP, CyberSec First Responder, MCSE, and MCTS. You can follow Yuri on Twitter at @yuridiogenes.

ORIN THOMAS is a principal cloud operations advocate at Microsoft and has written more than three dozen books for Microsoft Press covering topics including Windows Server, Windows Client, Azure, Microsoft 365, Office 365, System Center, Exchange Server, Security, and SQL Server. He has authored Azure Architecture courses at Pluralsight, has authored multiple Microsoft Official Curriculum and EdX courses on a variety of IT Pro topics, and is completing a Doctor of Information Technology on cloud computing security and compliance at Charles Sturt University. You can follow him on Twitter at @orinthomas.