Having recently passed the AZ-500, I wanted to share my study guide and the resources I used to help get me over the line for this certification. Once you pass the AZ-500 exam you will earn the Microsoft Certified: Azure Security Engineer Associate certification, demonstrating that you are able to understand how to implement security controls and threat protection, manage identity and access, and protect data, applications, and networks.
With any Microsoft Exam the content changes on a regular basis, so it is always best to ensure you keep updated with the latest guidance from Microsoft. This can usually be found on the Exam page. In terms of the AZ-500 exams the skills measured are broken down into the following categories and weighted as such:
- Manage identity and access (30-35%)
- Implement platform protection (15-20%)
- Manage security operations (25-30%)
- Secure data and applications (20-25%)
It’s worth noting that by default, most of the questions cover features that are General Availability (GA), however, the exam may contain questions on Preview features if those features are commonly used.
Microsoft Learn Resources
By default, I always try to use the Microsoft Learn resources. If you aren’t aware of Microsoft Learn, it is a training platform built and maintained by Microsoft and is completely free of charge. Microsoft Learn provides a vast amount of online training and learning paths for a range of Microsoft technologies, the training is delivered through videos, reading materials, and labs, but also has quizzes at the end of sections, so that you can gauge your knowledge. By default, my first point is always to check the Microsoft Learn materials.
- Secure your cloud applications in Azure (6 modules)
- Implement resource management security in Azure (6 modules)
- Implement network security in Azure (5 modules)
- Implement virtual machine host security in Azure (6 modules)
- Manage identity and access in Azure Active Directory (9 modules)
- Manage security operations in Azure (8 modules)
Microsoft Docs Resources
On top of the Microsoft Learn resources, is Microsoft Docs, again this is another free Microsoft Resource. Now I personally used the list provided by Thomas Maurer in his Study guide for AZ-500. This provides a very good list of links to the relevant Microsoft docs for this exam.
Tips and other resources
On top of these Microsoft resources, I always recommend trying to get some actual Azure time with the toolsets. This can be difficult to do unless you have a test Azure subscription, so it may be worth looking at signing up for a free trial and putting some money aside for a very basic configuration. Alternatively, you could look at an A Cloud Guru subscription, which will offer the ability to have a time-limited cloud sandbox.
All the best and good luck on your journey to passing AZ-500 and gaining your Microsoft Certified: Azure Security Engineer Associate certification. If you have any further links and resources then please let me know in the comments and I can add them to this blog.