Welcome to the Exam Study tips for the AZ-500 exam, Microsoft Azure Security Technologies. This article describes my experience with the exam and gives you tips to prepare yourself well for this exam.
Who is the exam for?
This exam is for those who want to learn more about Security and Identity using Azure Cloud. Whether you’re a developer, a system administrator, or an architect, security is essential everywhere (I know from my personal experience that very few developer questions are asked).
Sensible to know that there is also a security exam specifically for Office 365. That is exam MS-500. So if you (also) want to learn about Microsoft Office 365 security, check out this exam.
If you pass the AZ-500 exam, you may call yourself Microsoft Certified: Azure Security Engineer Associate.
AZ-500 Exam
The exam has recently (Nov. 1, 2022) been wholly updated again and updated with the latest updates in Azure Security. The exam consists of the following topics :
- Manage identity and access (20-25%)
- Implement platform protection (35-40%)
- Manage security operations (15-20%)
- Secure data and applications (30-35%)
Exam Format
The exam includes :
- One or more case studies, each with multiple questions
- Single and multiple-choice questions
- Drag and drop questions
In my experience, you cannot scroll back to previously answered questions during the exam. So make sure you do time management during the exam. You also get points for each correct answer on some questions, even if you get part of it wrong.
You will be given between 40 and 60 questions and must get a minimum score of 700 to pass. You will have 150 minutes to do this.
My Personal Experience
I recently renewed the AZ-500 again. Of course, I respect the NDA and can’t share specific confidential information. But some things I can share:
- RBAC and custom roles
- Azure AD (incl. PIM), AD Connect, ADFS, SSO, MFA, tenant security Consider link(s) between Active Directory and Azure AD, as well as how to secure them and give users single sign-on rights to resources
- Identity Protection
- Azure services related to Security (NSG’s, Policy’s, Key vaults)
- AKS | Kubernetes & Containers
Know which roles (based on least privilege) to configure for which type of work.
Which services can you use in which way for Identity Protection, and which licenses are required.
Know how to secure the most common Azure services. Think about network security, but also how you can enforce security settings with policies or how best to handle confidential data such as passwords and SSL certificates by storing them in an Azure Keyvault, for example.
As with many other Azure exams, expect questions dealing with AKS (Kubernetes), especially regarding security
The above list is not exhaustive but it gives an idea of the types of questions you can expect.
Do I need specific knowledge prior to doing the exam?
The AZ-500 exam is relatively tricky, and even though other exams are not required, Microsoft assumes that you already have the necessary experience with Azure and Security. I noticed that a wide range of topics was covered during the exam, sometimes including things on-premise or Office 365. It is fair to assume that you should have a broad knowledge of issues.
To make optimal use of the time available, I would recommend going through Microsoft’s study guide (see left at the bottom of this article) and going through all the Microsoft Learn exercises as well. Make sure you have plenty of hands-on experience.
My personal tips
- Get plenty of hands-on experience
- Review the topics in the study guide and the exercises on the Microsoft Learn page
- Make sure you know how to configure different things in a lab
- Often your 1st hunch is the best. Try not to switch answers at the last minute
- Make sure you review the main topics of AZ-104 and AZ-900
- With this link, you can get a 50% discount on your exam
Links useful for study and/or reference:
- Microsoft AZ-500 Study Guide
- Pluralsight AZ-500
- Azure Security Center Labs
- John Savill AZ-500 Study Playlist
- WhizLabs
- Microsoft Learn Modules
Related Articles:
Designing and Implementing Microsoft DevOps Solutions AZ-400 – Study Tips
Microsoft Azure Solutions Architect AZ-305 – Study Tips
Microsoft Azure Administrator AZ-104 – Study Tips
Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.