I have recently passed the AZ-500 exam and got my Microsoft Certified: Azure Security Engineer badge. It was a great learning experience. In this article I’ll share my personal experience that may help you pass the exam.
The AZ-500 exam tests candidates on below four different subject areas on a high level:
- Manage identity and access (30-35%
- Implement platform protection (15-20%)
- Manage security operations (25-30%)
- Secure data and applications (20-25%)
More details on can be found on the exam page here on Microsoft Docs website. It is important that one understands the above topics and section that are in the skills measured/ skills outline document. MS Docs website has an Online - Free learning path as well, which is really handy.
While it is important to study and understand all the above topics, from the exam point of view, the hands experience with last two subject areas is very important because these two areas seem to have more topics that would require one to work in portal or CLI/Powershell.
Also, below topics in my opinion are most essential and must know for any one attempting the exam (Please not these are from the Skill measured document):
- Azure AAD - Identity and Access management using PIM, MFA, Access Reviews, service principals, app registrations and RBAC, User groups. - In general get a good understanding and hands on different options with Azure AAD. Spend lot of time configuring user / app permissions etc.
- Azure Security Center - Security Posture, Azure Monitor & KQL, JIT Access, Policies, Governance, Blue Prints and Azure Sentinel. It is important to understand all security aspects from operations point of view.
- Network and VM Security: Configuring VPNs, NSG, ASGs, Azure Firewall, WAF, Azure Key Vault, Service End Points, Resource Locks.
- Data and Application Security: Configure security for Azure Store (blobs, table, etc), CosmosDB, SAS tokens, Azure Defender for SQL, Encryption Data at rest, Azure Key Vault, RBAC, Storage key rotation.
Tips for the exam:
- Practice Practice Practice. While it us important to study for the exam, its more important that one spends time doing things in the portal and using CLI.
- Use practice exams and get good at various question types, especially those with case studies and tabular data (Because they tend to take more time to answer - Analysis).
- Create a plan and book the exam in advance and study as per the plan, booking in advance will serve as a goal.
- Use self assessment to find areas of focus and work on those areas (see link below).
Resources:
- Microsoft Learn Learning Path
- Azure Security AZ-500 Certification Training Course on cloudskill.io.
- AZ-500 Exam Cram on youtube by Dwayne Natwick.
- Whizlabs practice Exams
- Measureup practice test.
- Free self assessment from Build5Nines