You dont have javascript enabled! Please enable it! How I Passed AZ-500 Azure Security Engineer Exam

Passed AZ-500 Exam: Microsoft Certified Azure Security Engineer

14 Min. Read

DISCLOSURE: This post may contain affiliate links, which means that when you click the links and make a purchase, we receive a commission. We appreciate your support!

Updated — 13/05/2024 — The AZ-500 exam study guide below includes Free On-demand Instructor-led video training.

Updated – 03/08/2023 – The exam guide below shows the changes to be implemented starting on August 23, 2023. The study guide has been updated to reflect the new exam objectives added by Microsoft.

Updated – 21/04/2023 – The exam study guide below includes a new Free practice assessment for the AZ-500 certification.

Updated – 26/03/2023 – The exam guide below shows the changes that will be implemented starting on February 2, 2023. The study guide has been updated to reflect the new exam objectives added and removed by Microsoft.

Updated – 25/11/2021 – This study guide has been updated to reflect the new lab questions added by Microsoft. Please check the following hands-on lab section to help you prepare and gain more practical experience.

Updated – 09/02/2021 – The AZ-500 exam guide below shows the changes that will be implemented starting on January 27, 2021. This article has been updated to reflect the new exam objectives added by Microsoft and new study references to help you prepare successfully. Please check the following section where you can download the appendix that covers the new additions per skill measure.

Introduction

Microsoft is keeping evolving its learning programs to help you and your career keep pace with today’s demanding IT environments. At Ignite in September 2018, Microsoft announced new role-based certifications to help you and your career keep pace with today’s business requirements. They are evolving their learning program to better offer what you need to skill up, prove your expertise to employers and peers, and get the recognition—and opportunities—you’ve earned.

After passing the Microsoft Azure Solutions Expert exam, the Azure Developer Associate exam, the Microsoft Azure Administrator certification, and the Microsoft Azure Fundamentals exam. I decided to sit for the Microsoft Azure Security Engineer exam.

I am so happy and grateful that I passed the AZ-500 Microsoft Certified: Azure Security Engineer Associate. I figured that I would share my experience in this post to help you prepare and tackle this exam successfully.

Updated – 09/11/2021 — In this exam, I got around 44 questions, 2 massive case studies, and a lab with 10 practical tasks, and it took only 120 minutes (2 hours). Microsoft started introducing performance-lab questions. The practical lab also wasted valuable seconds because it was slow. As you can see, the exam is getting a bit tough, so you need to prepare well. The questions pretty much match the list of skills measured below.

Updated – 05/05/2024  I got 25 questions without any case study for the renewal assessment.

Renewal assessment results for Microsoft Certified: Azure Security Engineer Associate
Renewal assessment results for Microsoft Certified: Azure Security Engineer Associate

The performance assessment is based on the following topics:

  • Manage identities in Microsoft Entra ID
  • Manage authentication by using Microsoft Entra ID
  • Manage authorization by using Microsoft Entra ID
  • Plan and implement security for virtual networks
  • Plan and implement security for private access to Azure resources
  • Plan and implement security for public access to Azure resources
  • Plan and implement advanced security for compute
  • Plan, implement, and manage governance for security
  • Manage security posture by using Microsoft Defender for Cloud
  • Configure and manage security monitoring and automation solutions

Exam Profile Audience

This exam is for Azure Security Engineers or IT Administrators with a security focus or wanting to focus on security. The security engineer focuses on implementing Azure security controls that protect identity, access, data, applications, and networks in cloud and hybrid environments as part of an end-to-end infrastructure.

An Azure security engineer’s responsibilities include managing the security posture, identifying and remediating vulnerabilities, performing threat modeling, implementing threat protection, and responding to security incident escalations.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud n-tier architecture, and a strong familiarity with cloud capabilities in general and Microsoft Azure products and services in particular. The Azure Security Engineer should also know other Microsoft products and services.

Please note that the Azure Security Engineer role does NOT focus on helping secure Microsoft 365 and remains separate from the M365 Security and Compliance Administrator role.

Prerequisites study guide

If you are new to the Azure Security Engine role, please check the following references that will help you understand security fundamentals:

> Introduction to Azure security

> Azure security technical capabilities

> Azure identity management security overview

> Azure network security overview

> Fundamentals of Network Security

> Microsoft Azure Well-Architected Framework Security

Skills measured on this exam

This exam measures your ability to accomplish the technical topics listed below based on the latest update from Microsoft. Please note that most questions cover features that are General Availability (GA). However, the exam may contain questions on Preview features if those features are commonly used by users.

Links to relevant reading from the official Microsoft documentation for each skill tested are listed below to help you prepare:

Manage Identity and Access (25-30%)

Manage identities in Azure AD

Manage authentication by using Azure AD

Manage authorization by using Azure AD

Manage application access in Azure AD

Secure Networking (20-25%)

Plan and implement security for virtual networks

Plan and implement security for private access to Azure resources

Plan and implement security for public access to Azure resources

Secure Compute, Storage, and Databases (20-25%)

Plan and implement advanced security for compute

Plan and implement security for storage

Plan and implement security for Azure SQL Database and Azure SQL Managed Instance

Manage Security Operations (25-30%)

Plan, implement and manage governance for security

Manage security posture by using Microsoft Defender for Cloud

Configure and manage threat protection by using Microsoft Defender for Cloud

Configure and manage security monitoring and automation solutions

Lessons Learned and Exam Preparation

Practice, practice, and read… I cannot stress enough that hands-on experience and understanding of all the security concepts will help you to pass this exam. The key to success in passing this exam is to work with Microsoft Azure daily, especially cloud governance and security.

Based on my experience to get the most from this preparation you need the following trial subscriptions or equivalent access:

> An Azure subscription – you can create your free Azure account today and start practicing the latest and greatest security features.

> Microsoft 365 E5 plan.

> Microsoft Defender for Cloud with Defender plan enabled (free for 30 days).

> Microsoft Sentinel.

I usually use Microsoft Azure Security Documentation which is a great resource to dive deep into each topic, and I use Microsoft Learn the new learning approach which is more structured to learn all the topics required for the exam. I highly recommend going through the free learning modules below on Microsoft Learn to prepare for the AZ-500 exam:

You can watch the free Azure Security Expert Series videos provided by Microsoft to get you prepared. Pluralsight also offers a great learning path for the Microsoft Azure Security Engineer preparation, you can check it out here.

You can also go through the following free Azure Security AZ-500 course from Microsoft to get prepared for this exam:

If you have access to a LinkedIn Learning platform, then I highly recommend going through the following fast preparation path in just 6 hours:

I also recommend the comprehensive course on Azure Cloud Security on Udemy to learn how to implement security controls across the board.

Additionally, Skillmeup.com offered a great path for AZ-500 Exam preparation, and Skylinesacademy.com just released the AZ-500 course at a low cost, I highly recommend checking them out.

Books

As of December 10, 2020, Microsoft released the Exam Reference AZ-500 Book – Microsoft Azure Security Technologies (2nd Edition), which you can place the order from here. I highly recommend this book to prepare and pass this exam.

Exam Ref AZ-500 Book 2nd Edition - Microsoft Azure Security Technologies
Exam Ref AZ-500 Book 2nd Edition – Microsoft Azure Security Technologies

As of April 21st, 2022, you can order the updated Exam Ref AZ-500 Microsoft Azure Security Technologies with Practice Test (2nd Edition). I highly recommend this book to prepare and pass the new version of the AZ-500 exam.

On January 27, 2021, Microsoft updated the AZ-500 Exam objectives to add new topics to the existing areas of the exam. This appendix covers the new additions per the skill measure section. You can download the AZ-500 book appendix from here to help you prepare for the latest exam questions.

AZ-500 Exam Training Labs

Recently, Microsoft has added lab questions to the AZ-500 exam. Please make sure to check the following step-by-step hands-on labs that will help you to gain more practical experience and pass this exam:

1) LAB 01 Role-Based Access Control.
2) LAB 02 Azure Policy.
3) LAB 03 Resource Manager Locks.
4) LAB 04 MFA, and Conditional Access.
5) LAB 05 Azure AD Privileged Identity Management.

6) LAB 06 Implement Directory Synchronization.
7) LAB 07 Network Security Groups and Application Security Groups.
8) LAB 08 Azure Firewall.
9) LAB 09 Configuring and Securing ACR and AKS.
10) LAB 10 Key Vault (Implementing Secure Data by setting up Always Encrypted).

11) LAB 11 Securing Azure SQL Database.
12) LAB 12 Service Endpoints and Securing Storage.
13) LAB 13 Azure Monitor.
14) LAB 14 Microsoft Defender for Cloud.
15) LAB 15 Microsoft Sentinel.

AZ-500 Free Practice Assessment

Are you preparing for the AZ-500 certification exam? Microsoft just announced Practice Assessments on Microsoft Learn, the newest free exam preparation resource that allows you to assess your knowledge and fill knowledge gaps so that you are better prepared the take the AZ-500 certification exam.

The following assessment provides you with an overview of the style, wording, and difficulty of the questions you’re likely to experience on the exam. Through this assessment, you’re able to assess your readiness, determine where additional preparation is needed, and fill knowledge gaps bringing you one step closer to the likelihood of passing your AZ-500 exam.

> Take now the Exam AZ-500: Microsoft Azure Security Technologies Practice Assessment (50 questions).

Prepare for your certification exam by assessing your knowledge through Practice Assessments, which are free and can be attempted multiple times. These assessments are created and regularly updated by the same team that develops the official certification exams.

You can access practice assessments on Microsoft Learn by signing in or creating an account. The score report for each question includes the answer, rationale, and links to additional information.

AZ-500 Free Instructor-led Video Training

Microsoft Learning recently published a FREE special 17-module on-demand video training course, “AZ-500 Azure Security Technologies.” Instructors were video-recorded for all modules.

This course is designed to equip IT Security Professionals with the necessary knowledge and skills to implement effective security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities. It covers various aspects of security, including identity and access, platform protection, data and applications, and security operations.

All video-recorded modules for “AZ-500 Azure Security Technologies” are available below:

Additionally, you may find written versions of this course located at Microsoft Learn: Microsoft Azure Security Technologies. This course is designed for Azure Security Engineers who are preparing to take the associated certification exam or performing security tasks as part of their job responsibilities. The course is also helpful for engineers who want to specialize in providing security for digital platforms based on Azure and play a crucial role in safeguarding an organization’s data. If you prefer to prepare for the AZ-500 exam with Microsoft MCT instructor-led training, a written, non-video recorded version of this course, you can contact me here.

AZ-500 Certification

By passing the AZ-500 Microsoft Azure Security Technologies, you will earn the Microsoft Azure Security Engineer Associate certificate.

Azure Security Engineer Associate certificate
Azure Security Engineer Associate certificate

If you are planning to take the AZ-500 exam… I wish you all the best and Happy Studying!!!

__
Thank you for reading my blog.

If you have any questions or feedback, please leave a comment.

-Charbel Nemnom-

Photo of author
About the Author:
Charbel Nemnom
Charbel Nemnom is a Senior Cloud Architect with 21+ years of IT experience. As a Swiss Certified Information Security Manager (ISM), CCSP, CISM, Microsoft MVP, and MCT, he excels in optimizing mission-critical enterprise systems. His extensive practical knowledge spans complex system design, network architecture, business continuity, and cloud security, establishing him as an authoritative and trustworthy expert in the field. Charbel frequently writes about Cloud, Cybersecurity, and IT Certifications.
Previous

How To Reset Network Adapter Advanced Properties With PowerShell

How to Copy Files From One Azure Storage Account to Another

Next

6 thoughts on “Passed AZ-500 Exam: Microsoft Certified Azure Security Engineer”

Leave a comment...

  1. I didn’t know that you get lab practical tests as well.
    Do they still come now?
    How do I prepare for those, are they tough?

  2. Hello Nikita, thanks for the comment!
    Yes, Microsoft started to add lab practical questions in the AZ-500 exam.
    I have updated the study guide to include Training Labs.
    Please make sure to check the following hands-on lab section that will help you prepare and gain more practical experience.
    Good Luck!

  3. Hello Mark, thanks for the comment!
    There are 10 practical questions in the AZ-500 exam. But please note that this might change.
    Good luck!

  4. Hey, Do I need a Azure subscription or shall I be able to practice labs in my free subscription on a student account.

  5. Hello Batuk, thanks for the comment!
    No, you should be able to practice the labs in your free student account subscription.
    Good Luck!

Let us know what you think, or ask a question...