After doing AZ-104, I started AZ-500. I was able to pass on my first attempt. I’m sharing my preparation journey with you all in this blog.
Candidates for this exam should have subject matter expertise implementing security controls and threat protection, managing identity and access, and protecting data, applications, and networks. Responsibilities for an Azure Security Engineer include maintaining the security posture, identifying and remediating vulnerabilities by using a variety of security tools, implementing threat protection, and responding to security incident escalations.
Azure Security Engineers often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.
If your job role is to manage security for Azure, then you can take the AZ-500: Microsoft Azure Security Technologies exam, which makes you a certified Azure Security Engineer Associate.
However, the AZ-500 exam is not equivalent to expert-level certification in Azure. There is no prerequisite for taking AZ-500, but in my opinion, take AZ-900 at a bare minimum. It will prepare you for the format of questions you can expect.
I got around 50 Exam questions in total: 1 case study and the rest were MCQ questions. I did not get any labs.
What does AZ-500 expect from you?
The AZ-500 Azure Security Engineer exam expects you to know how to implement security controls, maintain the security posture, manage identity and access, and protect data, applications, and networks. If you do not want to spend too much money on this cert, check out the following free content, which really helped me understand the concepts as opposed to only reading.
Resources for AZ-500 Certification Exam
- Microsoft official link
- Free Pluralsight – You can register and start for free.
- I got a free offer for LinkedIn Learning but IMO, it isn’t as effective as Pluralsight. You can create another account if you don’t want to pay.
- Good old YouTube videos from John Savill.
- Check out Practice Exams here.
Important Pointers for AZ-500 Certification Exam
1. Manage your time well. If you do not know the answer, move on. There are some questions that you cannot revisit. These are the ones where you have to suggest an implementation technique.
2. I used the process of elimination for the ones I wasn’t sure of. In essence, remove the options you know for sure are wrong and then go with your gut feeling on the remaining options.
3. You don’t have to go through all of the links provided in this study guide, but it is highly recommended if you want to prepare to be a better security engineer.
4. Nothing beats hands-on practice. So, get your hands dirty in the Azure portal.
5. A few areas from which I got questions were NSGs, tags, conditional policies, PIM, Azure Monitor, alerts, resource locks, AD groups, MFA, Azure Bastion, SAS, and Key Vault. There were a number of questions that required an understanding of policies, lifecycles, access control, and more relating to Key Vault.
6. Many questions do not test you on one thing alone. It’s almost a combination of a few services taken together. Example: Azure Storage with RBAC.
NOTE: On January 27, 2021, this exam will be updated. The additional topics introduced are implementing Azure Firewall Manager and configuring Azure Defender for SQL, Storage, and Key Vault.
You may find the links below all over the internet, but this is my guide, from reading MS documentation and hunting for links from other blogs and websites. I started with this in parallel with the official Microsoft training mentioned above.
Manage Identity and Access (30-35%)
Manage Azure Active Directory identities
- configure security for service principals
- manage Azure AD directory groups
- manage Azure AD users
- configure password writeback
- configure authentication methods including password hash and Pass Through Authentication (PTA), OAuth, and passwordless
- transfer Azure subscriptions between Azure AD tenants
Configure secure access by using Azure AD
- monitor privileged access for Azure AD Privileged Identity Management (PIM)
- configure Access Reviews
- activate and configure PIM
- implement Conditional Access policies including Multi-Factor Authentication (MFA)
- Conditional Access
- Configure Azure Multi-Factor Authentication settings
- Manage user settings for Azure Multi-Factor Authentication
- Change your two-factor verification method and settings
- configure Azure AD identity protection
Manage application access
- create App Registration
- configure App Registration permission scopes
- manage App Registration permission consent
- manage API access to Azure subscriptions and resources
Manage access control
- configure subscription and resource permissions
- configure resource group permissions
- configure custom RBAC roles
- identify the appropriate role
- apply principle of least privilege
- interpret permissions
- check access
Implement Platform Protection (15-20%)
Implement advanced network security
- secure the connectivity of virtual networks (VPN authentication, ExpressRoute encryption)
- configure Network Security Groups (NSGs) and Application Security Groups (ASGs)
- create and configure Azure Firewall
- implement Azure Firewall Manager
- create and configure Azure Front Door service as an Application Gateway
- configure a Web Application Firewall (WAF) on Azure Application Gateway
- configure Azure Bastion
- configure a firewall on a storage account, Azure SQL, Key Vault, or App Service
- implement Service Endpoints
- implement DDoS protection
Configure advanced security for compute
- configure endpoint protection
- configure and monitor system updates for VMs
- configure authentication for Azure Container Registry
- configure security for different types of containers
- implement vulnerability management
- configure isolation for AKS
- configure security for container registry
- implement Azure Disk Encryption
- configure authentication and security for Azure App Service
- configure SSL/TLS certs
- configure authentication for Azure Kubernetes Service
- configure automatic updates
Manage Security Operations (25-30%)
Monitor security by using Azure Monitor
- create and customize alerts
- monitor security logs by using Azure Monitor
- configure diagnostic logging and log retention
Monitor security by using Azure Security Center
- evaluate vulnerability scans from Azure Security Center
- configure Just in Time VM access by using Azure Security Center
- configure centralized policy management by using Azure Security Center
- configure compliance policies and evaluate for compliance by using Azure Security Center
Monitor security by using Azure Sentinel
- create and customize alerts
- configure data sources to Azure Sentinel
- evaluate results from Azure Sentinel
- configure workflow automation by using Azure Sentinel
Configure security policies
- configure security settings by using Azure Policy
- configure security settings by using Azure Blueprint
- configure a playbook by using Azure Sentinel
Secure Data and Applications (20-25%)
Configure security for storage
- configure access control for storage accounts
- configure key management for storage accounts
- configure Azure AD authentication for Azure Storage
- configure Azure AD Domain Services authentication for Azure Files
- create and manage Shared Access Signatures (SAS)
- create a shared access policy for a blob or blob container
- implement Storage Service Encryption
- configure Azure Defender for Storage
Configure security for databases
- enable database authentication
- enable database auditing
- configure Azure Defender for SQL
- configure Azure SQL Database Advanced Threat Protection
- implement database encryption
- implement Azure SQL Database Always Encrypted
Configure and manage Key Vault
- manage access to Key Vault
- manage permissions to secrets, certificates, and keys
- configure RBAC usage in Azure Key Vault
- manage certificates
- manage secrets
- configure key rotation
- backup and restore of Key Vault items
Good Luck with your exams.