Nueva certificación Azure

Feb 21, 2019 · 4 min read · Microsoft Certificación  ·
Compartir en:
Nueva certificación Azure

Navegando por la pagina de Pearson Vue he localizado un nuevo examen de certificación que tiene la nomenclatura:

AZ-500: Microsoft Azure Security Technologies.

ACTUALIZACIÓN 06/03/2019.

Todo apunta a una nueva certificación basada en roles centrada en la securización de Azure y sus servicios asociados.

Todavía desconozco si este examen completa una ruta como así hace el examen MS-500: Microsoft 365 Security Administration en el entorno de Microsoft 365, que permite conseguir la certificación Microsoft 365 Certified Security Administrator Associate.

El examen ya aparece visible en la pagina de Pearson Vue y tienen como fecha de programación inicial el próximo día 27 de Febrero de 2019.

De momento no he localizado mas información al respecto del contenido del examen o de los recursos disponibles de formación. Entiendo que los irán publicando en las próximas semanas.

ACTUALIZACIÓN 06/03/2019.

El examen ya no se encuentra disponible de la pagina de Pearson VUE, pero hoy esta activa la pagina de examen en el sitio de Microsoft.

EXAM AZ-500: Microsoft Azure Security Technologies (beta)

Estas son las habilidades medidas.

Manage Identity and Access (20-25%)

  • Configure Microsoft Azure Active Directory for workloads
    • May include but is not limited to: Create App Registration, configure App Registration permission scopes, manage App Registration permission consent, configure Multi-Factor Authentication settings, manage Microsoft Azure AD directory groups, manage Microsoft Azure AD users, install and configure Microsoft Azure AD Connect, configure authentication methods, implement Conditional Access policies, configure Microsoft Azure AD identity protection
  • Configure Microsoft Azure AD Privileged Identity Management
    • May include but is not limited to: Monitor privileged access, configure Access Reviews, activate Privileged Identity Management
  • Configure Microsoft Azure tenant security
    • May include but is not limited to: Transfer Microsoft Azure subscriptions between Microsoft Azure AD tenants, manage API access to Microsoft Azure subscriptions and resources

Implement Platform Protection (35-40%)

  • Implement network security
    • May include but is not limited to: Configure virtual network connectivity, configure Network Security Groups (NSGs), create and configure Microsoft Azure Firewall, create and configure application security groups, configure remote access management, configure baseline, configure resource firewall
  • Implement host security
    • May include but is not limited to: Configure endpoint security within the VM, configure VM security, harden VMs in Microsoft Azure, configure system updates for VMs in Microsoft Azure, configure baseline
  • Configure container security
    • May include but is not limited to: Configure network, configure authentication, configure container isolation, configure AKS security, configure container registry, configure container instance security, implement vulnerability management
  • Implement Microsoft Azure Resource management security
    • May include but is not limited to: Create Microsoft Azure resource locks, manage resource group security, configure Microsoft Azure policies, configure custom RBAC roles, configure subscription and resource permissions

Manage Security Operations (15-20%)

  • Configure security services
    • May include but is not limited to: Configure Microsoft Azure Monitor, configure Microsoft Azure Log Analytics, configure diagnostic logging and log retention, configure vulnerability scanning
  • Configure security policies
    • May include but is not limited to: Configure centralized policy management by using Microsoft Azure Security Center, configure Just in Time VM access by using Microsoft Azure Security Center
  • Manage security alerts
    • May include but is not limited to: Create and customize alerts, review and respond to alerts and recommendations, configure a playbook for a security event by using Microsoft Azure Security Center, investigate escalated security incidents

Secure Data and Applications (30-35%)

  • Configure security policies to manage data
    • May include but is not limited to: Configure data classification, configure data retention, configure data sovereignty
  • Configure security for data infrastructure
    • May include but is not limited to: Enable database authentication, enable database auditing, configure Microsoft Azure SQL Database threat detection, configure access control for storage accounts, configure key management for storage accounts, create and manage Shared Access Signatures (SAS), configure security for HDInsights, configure security for Cosmos DB, configure security for Microsoft Azure Data Lake
  • Configure encryption for data at rest
    • May include but is not limited to: Implement Microsoft Azure SQL Database Always Encrypted, implement database encryption, implement Storage Service Encryption, implement disk encryption, implement backup encryption
  • Implement security for application delivery
    • May include but is not limited to: Implement security validations for application development, configure synthetic security transactions
  • Configure application security
    • May include but is not limited to: Configure SSL/TLS certs, configure Microsoft Azure services to protect web apps, create an application security baseline
  • Configure and manage Key Vault
    • May include but is not limited to: Manage access to Key Vault, manage permissions to secrets, certificates, and keys, manage certificates, manage secrets, configure key rotation