Skip to main content

Designing for Identity and Security

Enroll in AZ-301.1

Welcome to Designing for Identity and Security


Welcome to Designing for Identity and Security (AZ-301t1). This course is part of a series of four courses to help students prepare for Microsoft’s Azure Solutions Architect technical certification exam AZ-301: Microsoft Azure Architect Design. These courses are designed for IT professionals and developers with experience and knowledge across various aspects of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data management, budgeting, and governance.

This course contains the following two modules:

Module 1 - Managing Security & Identity for Azure Solutions

This module discusses both security and identity within the context of Azure. For security, this module reviews the various options for monitoring security, the options available for securing data and the options for securing application secrets. For identity, this module focuses specifically on Azure Active Directory (Azure AD) and the various features available such as Multi-Factor Authentication (MFA), Managed Service Identity, Azure AD Connect, ADFS and Azure AD B2B/B2C.

The module includes the hands-on lab entitled Securing Secrets in Azure.

After completing this module, students will be able to:

• Integrate their existing solutions with external identity providers using Azure AD B2B or B2C.

• Design a hybrid identity solution.

• Determine when to use advanced features of Azure AD such as Managed Service Identity, MFA and Privileged Identity Management.

• Secure application secrets using Key Vault.

• Secure application data using SQL Database and Azure Storage features.

Module 2 - Integrating SaaS Services Available on the Azure Platform

This module introduces multiple SaaS services available in Azure that are available for integration into existing Azure solutions. These services include Cognitive Services, Bot Service, Machine Learning and Media Services.

The module includes the hands-on lab entitled Deploying Service Instances as Components of Overall Azure Solutions.

After completing this module, students will be able to:

• Detail the various APIs available in Cognitive Services.

• Identify when to use the Face API, Speech API or Language Understanding (LUIS) service.

• Describe the relationship to Bot Framework and Azure Bot Services.

• Create a simple bot using QnA Maker.

• Describe Azure Machine Learning.

• Describe Azure Media Services.

• Discuss Media Services workflows including live streaming, dynamic packaging and static conversion.

• Detail uses of the Computer Vision API.

 Prerequisites

This course requires that students have the following knowledge and skills:

• Create resources and resource group in Azure.

 • Manage users, groups, and subscriptions in an Azure Active Directory instance.

 • Build an Azure Virtual Machine with related resources.

 • Manage containers and blobs stored in an Azure Storage account.

 • Create App Service Plans and manage apps related to the plan.

 • Configure an Azure Virtual Network and enable S2S and P2S connectivity.

 • Protect networked application components using Network Security Groups.

 • Automate everyday Azure resource tasks using Azure CLI or Azure PowerShell.

 • Deploy an Azure SQL, MySQL, Postgres or Cosmos database instance.

 • Monitor existing Azure solutions using built-in metrics, Application Insights, or Operational Insights.

  1. Course Number

    AZ-301.1

  2. Classes Start

  3. Classes End

  4. Estimated Effort

    30-35 hours total
Enroll