This exam will be updated July 29, 2020. Following the current exam guide, we have
included the new guide that will take effect July 29, 2020 as well as the marked-up guide
along with a comparison table in the final portion of this document.
Audience Profile
Candidates for this exam should have subject matter expertise implementing security controls
and threat protection, managing identity and access, and protecting data, applications, and
networks in cloud and hybrid environments as part of an end-to-end infrastructure.
Responsibilities for an Azure Security Engineer include maintaining the security posture,
identifying and remediating vulnerabilities by using a variety of security tools, implementing
threat protection, and responding to security incident escalations.
Azure Security Engineers often serve as part of a larger team dedicated to cloud-based
management and security or hybrid environments as part of an end-to-end infrastructure.
A candidate for this exam should be familiar with scripting and automation, should have a deep
understanding of networking and virtualization. A candidate should also have a strong
familiarity with cloud capabilities, Azure products and services, and other Microsoft products
and services.
Skills Measured
NOTE: The bullets that appear below each of the skills measured are intended to illustrate how
we are assessing that skill. This list is not definitive or exhaustive.
NOTE: In most cases, exams do NOT cover preview features, and some features will only be
added to an exam when they are GA (General Availability).
Manage identity and access (20-25%)
Configure Azure Active Directory for workloads
create App Registration
configure App Registration permission scopes
manage App Registration permission consent
configure Multi-Factor Authentication settings
manage Azure AD directory groups
manage Azure AD users
install and configure Azure AD Connect
configure authentication methods
implement Conditional Access policies
configure Azure AD identity protection
Configure Azure AD Privileged Identity Management
monitor privileged access
configure Access Reviews
activate Privileged Identity Management
Configure Azure tenant security
transfer Azure subscriptions between Azure AD tenants
manage API access to Azure subscriptions and resources
Implement platform protection (35-40%)
Implement network security
configure virtual network connectivity
configure Network Security Groups (NSGs)
create and configure Azure Firewall
create and configure Azure Front Door service
create and configure application security groups
configure remote access management
configure baseline
configure resource firewall
Implement host security
configure endpoint security within the VM
configure VM security
harden VMs in Azure
configure system updates for VMs in Azure
configure baseline
Configure container security
configure network
configure authentication
configure container isolation
configure AKS security
configure container registry
implement vulnerability management
Category | exam bundles |
Comments | 0 |
Rating | |
Sales | 0 |