Tag: Security

AZ-500 Microsoft Azure Security Technologies Engineer Exam Study Guide

AZ-500 Study Guide: Microsoft Azure Security Technologies 2020

The content of the AZ-500 Microsoft Azure Security Technologies exam was just updated in May 2020. That is why I want to share my new updated AZ-500: Microsoft Azure Security Technologies Certification Exam Study Guide for 2020 with you.  If you are passing the AZ-500 exam, you will earn the Microsoft Certified: Azure Security Engineer Associate certification, that you understand how to implement security controls and threat protection; manage identity and access; and protect data, applications, and networks in cloud and hybrid environments as part of end-to-end infrastructure.

To learn and prepare for the exam, I usually use a couple of online resources, mainly Microsoft Docs and Microsoft Learn, which I am going to share with you. You can find more information about how I prepare for a Microsoft Certification exam on my blog post: How to prepare and pass Microsoft Certification Exam.

Also, check out other Microsoft Azure Certification Exam Study Guides:

Here is my AZ-500 Microsoft Azure Security Technologies

It is essential to get familiar with the exam objectives and skills measured first. That is why I recommend reading the description of the exam and the skills measured.

Exam AZ-500: Microsoft Azure Security Technologies

Candidates for this exam are Microsoft Azure security engineers who implement security controls, maintain the security posture, manage identity and access, and protect data, applications, and networks. Candidates identify and remediate vulnerabilities by using a variety of security tools, implement threat protection, and respond to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation; a deep understanding of networking, virtualization, and cloud N-tier architecture; and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

The high-level view of the skills measured in the exam:

  • Manage identity and access (20-25%)
  • Implement platform protection (35-40%)
  • Manage security operations (15-20%)
  • Secure data and applications (30-35%)

You can find more information on the exam website.

Free Online Microsoft Learn AZ-500 Exam Study Guide resources

Microsoft Learn provides you with free online training and learning paths for different Microsoft technologies. They not just offer reading material, but also control questions and free online labs. Here are some relevant Microsoft Learn modules and learning paths for the AZ-500 Microsoft Azure Security Technologies Certification Exam. Microsoft Learn is an important part of my AZ-500 exam study guide.

Microsoft Docs AZ-500 study guide resources

One thing I always used to prepare for my Microsoft exams is Microsoft Docs. Here are the relevant Microsoft Docs which I used to prepare and study for the AZ-500 exam.



Secure your Server with Azure Security Center

Use Azure Security Center with Windows Server on-premises

Windows Admin Center makes it easy to connect Azure Hybrid Cloud services to your on-premises Windows Server environment. For a while now we can connect services like Azure Monitor, Azure File Sync, Azure Update Management and many more to Windows Server. This helps us to make our on-premises environment even better, by using Azure Cloud Services. At Microsoft Ignite we also announced Azure Arc, which brings cloud-native management to your on-premises environment. With the latest version of the Windows Admin Center, we can now easily connect Windows Servers to Azure Security Center. Azure Security Center will help you to quickly strengthen your security posture and protect against threats. It will not just scan your Azure resources but also your hybrid resources, for example, servers running on-premises or at other cloud providers. You can add Linux and Windows servers to Azure Security Center, and Windows Admin Center makes it easy to onboard your Windows Server.

Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Keeping your resources safe is a joint effort between your cloud provider, Azure, and you, the customer. You have to make sure your workloads are secure as you move to the cloud, and at the same time, when you move to IaaS (infrastructure as a service) there is more customer responsibility than there was in PaaS (platform as a service), and SaaS (software as a service). Azure Security Center provides you the tools needed to harden your network, secure your services and make sure you’re on top of your security posture.

You can find more about Azure Security Center here.

Add an on-premises Windows Server to Azure Security Center

To add an on-premises Windows Server to Azure Security Center you can install an agent or you can use Windows Admin Center.

Secure your Server with Azure Security Center

Secure your Server with Azure Security Center

Open Windows Admin Center and click on Azure Security Center in the menu. Click on Sign into Azure and set up. This will open the wizard to onboard the server.

Onboard Server to Azure Security Center with Windows Admin Center

Onboard Server to Azure Security Center with Windows Admin Center

The wizard will ask you to with Azure subscription, resource group and log analytics workspace the server should be connected to. After a couple of minutes, you will get recommendations which you can review in the Azure Security Center or directly for the Windows Server in Windows Admin Center.

Azure Security Center Recommendations

Azure Security Center Recommendations

Get Windows Admin Center

Windows Admin Center is a free download to use with your Windows Servers, you can download Windows Admin Center here. If you want to know more about the Hybrid capabilities, check out my blog post on ITOpsTalk.com. If you want to know more about Azure Hybrid Cloud, check out azure.com/hybrid.

I hope this gives you an overview of how you add Windows Servers to Azure Security Center using Windows Admin Center. Let me know if you have any questions in the comments.



Altaro Azure Security Center Webinar

Free Webinar: Azure Security Center: How to Protect Your Datacenter with Next Generation Security

I am happy to announce that I will be speaking in a free webinar together with Microsoft MVP Andy Syrewicze about Azure Security Center. The Altaro webinar called Azure Security Center: How to Protect Your Datacenter with Next Generation Security will be focusing on Azure Security Center, and how you can protect your Cloud and Datacenter Infrastructure. The webinar will be free and it will be held twice on Tuesday, July 30th, 2019. You can save your seat by filling out the form here.

Webinar presented live twice:

  • Session 1: 2pm CEST – 8am EDT – 5am PDT
  • Session 2: 7pm CEST – 1pm EDT – 10am PDT

Free Webinar

Azure Security Center: How to Protect Your Datacenter with Next Generation Security

Azure Security Center: How to Protect Your Datacenter with Next Generation Security

Security has always been a fundamental concern of IT admins and now more than ever, in the age of the cloud datacenter, you need to ensure your workload security is ahead of the curve.

Join Thomas Maurer from the Microsoft Azure Team, alongside Microsoft MVP Andy Syrewicze, for a value-packed webinar that will show you how to batten down the hatches, even when your workloads are hosted in the public cloud! You’ll learn:

  • Azure Security Center Introductions
  • Deployment and first steps
  • Best Practices
  • Integration with other tools
  • And more!

With the industry’s transition to the cloud, we’ve seen a number of workloads migrate to service provider datacenters and public clouds like Azure. While many IT Pros are comfortable in dealing with core services in this manner, many find themselves at a loss when it comes to securing these next generation deployments. Pair that with an overly eager bad-actor community, and you have a recipe for disaster. However, new tools are designed to enhance existing security paradigms and help you sleep at night, such as Azure Security Center. Are you concerned about the strength of your Azure workload security? Struggling with where to start? We’ve got the webinar for you!

Taking advantage of the latest in security tools will ensure your organization stays one step ahead of the bad guys, and we’re here to help you get started!

See you there!

As mentioned, we will give you an overview of how Azure Security Center and strengthen your security posture and protect against threats with Azure Security Center. I will also show you features like Azure Just-in-Time VM access and many others.

I hope that you join the webinar and if you have any questions, let me know in the comments.



AZ-500 Microsoft Certified Azure Security Engineer Associate

Passed Exam AZ-500 Microsoft Certified Azure Security Engineer Associate

The new Azure Security exam just came out of beta, and I took some time to learn and see if I would pass it. I am happy that I just passed exam AZ-500: Microsoft Azure Security Technologies, which focuses on Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access and protects data, applications, and networks. After passing this exam, you can call yourself a Microsoft Certified: Azure Security Engineer Associate. Azure Security Engineers implement security controls and threat protection, manage identity and access, and protect data, applications, and networks in cloud and hybrid environments as part of the end-to-end infrastructure. That means this exam covers different topics across the Azure infrastructure and many various Azure services like Azure AD, Azure IaaS, Azure Networking, Azure Kubernetes Service (AKS), Databases, Azure Monitor, Azure Security Center and many more.

If you are thinking of taking this exam, check out my AZ-500: Microsoft Azure Security Technologies Exam Study Guide.

Exam AZ-500: Microsoft Azure Security Technologies

Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

You can find more detailed information on the Microsoft exam website. There you will find all the skills measured in this exam.

How to prepare for the AZ-500 exam

Microsoft Learn

Microsoft Learn

Exams always have a specific focus; this one covers a broad set of Azure security topics over different Azure services. This means you not only need to have particular security know-how, but also a good overview of the various Azure services. If you don’t have that right now, I recommend that you might start with other exams, such as AZ-900 and AZ-10X for the Microsoft Certified: Azure Administrator Associate. But if you want to go forward with the AZ-500 exam and become a Microsoft Certified: Azure Security Engineer Associate, first have a look at the more detailed information on the Microsoft exam website. Start reading through the Microsoft Docs about the different security topics mentioned in the skills measured, and also get some hands-on experience by trining out the various technologies. My favorite place to learn and understand some tutorials about different topics is Microsoft Learn! On Microsoft learn, you can use a lot of different learning modules, and some of them are focused on Azure Security. If you want to know more about Microsoft learn, check out my blog post: Microsoft Learn – A Great Place To Learn!

At Microsoft Ignite The Tour, our team also presented a session on securing your Azure environment, my session in Amsterdam was recorded, you can watch it here: Microsoft Ignite The Tour 2019 Azure Hybrid Session Recordings.

Are you also interested in becoming Microsoft Azure Certified? Check out my blog posts about why you should become Microsoft Azure Certified, how to pick the right Azure exam certification path and how to prepare and pass a Microsoft Azure certification exam. With that, I wish you happy learning and good luck with the AZ-500 Microsoft Azure Security Technologies exam!



Windows Server 2019 ATP

Windows Server 2019 Windows Defender Advanced Threat Protection

Windows Server 2019 comes with a lot of new feature. One of the large investment Microsoft is making in this Windows Server release, is in security. And one of my favorite new security features in Windows Server 2019 is the support for Windows Defender Advanced Thread Protection. Windows Defender Advanced Threat Protection (ATP) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. It was available for Windows 10 devices for awhile, and now it is available for Windows Server 2019 and other version of Windows Server.

What is Windows Defender Advanced Threat Protection

Windows Defender ATP

Windows Defender Advanced Threat Protection brings some great security features to your platform.

  • Agentless, cloud-powered – No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date.
  • Unparalleled optics – Built into Windows and Windows Server for deeper insights. Exchanges signals with the Microsoft Intelligent Security Graph.
  • Automated security – Take your security to a new level, by going from alert to remediation in minutes – at scale.

Onboard Windows Server 2019 to Windows Defender Advanced Thread Protection

Windows Defender Advanced Thread Protection Onboarding

If you’re already using Windows Defender Advanced Threat Protection (ATP), preview these features by simply installing the latest preview build of Windows Server, and onboard it to Windows Defender ATP.

Otherwise, sign up for the Windows Defender ATP trial on Windows Defender Advanced Threat Protection.

Quick Look at Windows Defender ATP for Windows Server 2019

Windows Server 2019 ATP

Using Windows Defender ATP is pretty simple. It is also very simple with Windows Server 2019. After you have onboarded your Windows Server you can already see alerts and recommendations in your dashboard.

Windows Server ATP

To have some active alerts, you can create a test alert. This is also recommended to do after you have onboarded your machine. With that you can see if the connection is working.

Windows Server 2019 ATP Machine Page

You can find alters, events and actions in the machine page in the Windows Defender Security Center.

I hope this just gives you a short overview about Windows Defender ATP for Windows Server 2019. If you have any questions just leave a comment.



Windows Server 2019

Windows Server 2019 – What is coming Next

A while ago Microsoft announced the next key versions Windows Server 2019 and System Center 2019. And a couple of weeks ago, at the Windows Server Summit, Microsoft was taking more about what is new in Windows Server 2019. Microsoft also talked a lot about the positioning of Windows Server and what we can expect in the future. With the news finally released to the public, I can start talking and blogging about the new features and investments. I decided to create a series of blogs, to show the world the great new features. This blog post here, should give you a high level overview about how Microsoft is investing in Windows Server 2019.

Windows Server – The Power behind the Intelligent Cloud and the Intelligent Edge

Intelligent Cloud and Intelligent Edge

Windows Server is not only powering the Intelligent Edge where you have a great Software-Defined Datacenter plaform running Hyper-V or Stroage Spaces Direct, or as application platform. It is also powering the Microsoft Azure Intelligent Cloud. Windows Server is running the foundation of the platform of Azure and also many many services running in Microsoft Azure and Microsoft Azure Stack. If the innovation happening in the Microsoft Public Cloud, we as customers also benefit from that.

Windows Server – Hybrid Cloud in the DNA

Windows Server Hybrid Cloud

Windows Server is a great platform and it runs where ever you are. If you run on-premises in your Software-Defined Datacenter running in on physical hardware or in virtual machines or on Azure Stack, Windows Server is your platform. If you are running in the Public Cloud, Windows Server is not only the platform powering Azure. Windows Server is also a great platform for you to run application in Microsoft Azure or other cloud services providers.

Azure Hybrid Benefit for Windows Server

Azure Hybrid Benefit for Windows Server Reserved Instances

The Azure Hybrid Benefit for Windows Server is also a great option to run Windows Server workloads in the cloud. It allows customer to leverage the licensing they already have. This can bring down cost by a huge factor, and this together with Azure Reserved VM Instances up to 82%.

Windows Server 2019 – Innovation and Investments

Windows Server 2019 Investments

If we have a look at the investments done in Windows Server 2019, we can see that we can categorize them in 4 categories.

  • Hybrid Datacenter Platform
  • Security
  • Application Innovation
  • Hyper-Converged Infrastructure

Unique hybrid datacenter platform

Windows Server 2019 brings new functionality and features to extend your datacenter to Azure to maximize existing investments and gain new hybrid capabilities. To achieve this Microsoft brings improvements to Windows Server 2019 like built-in Azure Active Directory integration, Azure Backup, Azure Site Recovery, Storage Migration Services and many more.

Enhanced security capabilities

One of the key factors in today’s IT landscape is security. Microsoft started the journey by bringing enhanced security features to Windows Server 2016. With Windows Server 2019 Microsoft improves these security features of their server operating system. Microsoft adds new capabilities like Shield Virtual Machines for Linux, Exploit Guard, Encrypted Virtual Networks and under a lot of others. My favorite, the integration of Windows Defender Advanced Thread Protection or Windows Defender ATP.

Faster innovation for applications

With the Semi-Annual Channel releases of Windows Server, Microsoft already released some great investments to enable developers and IT pros. These allow them to create cloud native apps or modernize their traditional apps using containers and micro-services. In Windows Server 2019, Microsoft goes one step further and releases the SAC Improvement s like Linux Containers on Windows Server and the Windows Subsystem for Linux on Windows Server to the LTSC release. Microsoft also invest heavily to improve the container experience on Windows Server, by optimizing the container images for Server Core and Nano Server, a new Windows Container Image and better integration into orchestrators like Kubernetes and Service Fabric.

Unprecedented Hyper-converged Infrastructure

Microsoft is also improving your software-defined datacenter experience to achieve greater efficiency and security. With Windows Admin Center, Microsoft introduced a new web-based management UI which will be a perfect solution to manage your Windows Server 2019 servers. However, Microsoft is also investing in more hardware support like Storage Class Memory support. But also, on adding scale, resilience and performance improvements to your Storage Spaces Direct deployments. This includes improvements like Cluster Sets, improved performance for Mirror-accelerated parity volumes and much more.

In the next couple of days and weeks I will release some blog posts. These will covering the new features and improvements in Windows Server 2019 with a little more technical depth. And I am sure we will even have more to share after Microsoft Ignite. So ,stay tuned and follow my blog :)



Windows Server Banner

Microsoft Windows Server Summit – Online Summit

On Tuesday, June 26, 2018 Microsoft will held the Windows Server Summit Online, a virtual experience to learn tips and tricks for modernizing your infrastructure and applications—regardless of whether you’re running it on-premises or in the cloud. And you can bet you will also get some new information on Windows Server 2019.

Learn how to build the future with Windows Server

Microsoft will talk about the roadmap for Windows Server, and let you discover new skills and best practices, and get your questions answered in conversations with the Microsoft experts behind our products.

This online summit will focus on 4 key areas of Windows Server:

  • Hybrid – Learn how Windows Server helps you integrate Azure services into your on-premises environment and how to better run Windows Server in Azure.
  • Security – Better security starts with the Operating System. Learn how Windows Server helps you elevate your company’s security posture.
  • Hyper-converged infrastructure (HCI) – Windows Server 2016 introduced new HCI capabilities that are game-changers. Now, check what’s new around HCI for Windows Server 2019.
  • Application platform – Containers are changing the way developers and operations teams run applications. Learn how Windows Server helps you modernize yours.

So if you want to know more, join the Microsoft online event!