AZ-400: Develop a security and compliance plan

Beginner
DevOps Engineer
Administrator
Developer
Solution Architect
Security Engineer
Azure
Azure Active Directory
Key Vault
API Management
Monitor

Build strategies around security and compliance that enable you to authenticate and authorize your users, handle sensitive information, and enforce proper governance.

Take this learning path to help prepare for Exam AZ-400: Designing and Implementing Microsoft DevOps Solutions.

Prerequisites

None

Modules in this learning path

Secure internal resources, external resources, SaaS applications, and more by using Azure Active Directory. Learn about the features and capabilities of Azure AD.

Create users in Azure Active Directory. Understand different types of groups. Create a group and add members. Manage business-to-business guest accounts.

Securely authenticate applications to Azure to manage and access Azure services. Service principals and managed identities for Azure resources give your app an Azure Active Directory identity.

Storing and handling secrets, encryption keys, and certificates directly is risky, and every usage introduces the possibility of unintentional data exposure. Azure Key Vault provides a secure storage area for managing all your app secrets so you can properly encrypt your data in transit or while it's being stored.

Discover how to protect your APIs from unauthorized use with API keys and client certificate authentication.

Learn how Azure can help you protect the workloads that you run both in the cloud and in your on-premises datacenter.

Keep tabs on security events in your Azure AD resources by using built-in reporting and monitoring capabilities. Respond to events as they happen, and address security risks before they become a problem.

Learn best practices for building, hosting, and maintaining a secure repository on GitHub.

Learn how access policies, resource locks, and tags, as well as Azure services such as Azure Policy and Azure Blueprints, can help you build a comprehensive cloud governance strategy.

Incidents will happen—there’s no doubt about that. The key question is whether you will treat them as a learning opportunity to make your operations practice better or just as a loss of time, money, and reputation. Learn the practice and the Azure tools that can help level up your operations practice by learning from failure.

Everyone has incidents, but the top performing organizations know how to respond to them effectively. Learn the fundamentals of efficient incident response and the Azure tools that make them possible.