AZ-500 Microsoft Azure Security Technologies – Study Guide

Updated February 2021

Azure has a sole security focused exam, AZ-500 Microsoft Azure Security Technologies. Passing this single exam will allow you to earn a Microsoft Certified: Azure Security Engineer Associate certification.

So, if you’re interested and wondering if you should take this exam? Here is what Microsoft have to say:

Candidates for this exam are Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access, and protects data, applications, and networks. Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

Below, I’ve put together a collection of links relevant to the sections highlighted as being part of the skills measured for this exam. As always, these are only guide links, sometimes you need to explore a topic much more deeply if you are not familiar with it.

If you spot something, or have a better link for a topic, get in touch! I will update this post as regularly as possible and always appreciate any feedback.

A good place to start is the Azure Security Documentation page. This site includes most of the key concepts and services covered in this exam, as well as several best practice approaches you should consider.

Manage Identity and Access (30-35%)

Manage Azure Active Directory identities
Configure secure access by using Azure AD
Manage application access
Manage access control

Implement Platform Protection (15-20%)

Implement advanced network security
Configure advanced security for compute

Manage Security Operations (25-30%)

Monitor security by using Azure Monitor
Monitor security by using Azure Security Center
Monitor security by using Azure Sentinel
Configure Security Policies

Secure Data and Applications (20-25%)

Configure security for storage
Configure security for databases
Configure and manage Key Vault