The Microsoft Azure Security Technologies (AZ-500) exam is designed to test the candidate’s knowledge and skills in implementing security controls and threat protection, managing identity and access, protecting data and applications, and managing security operations in an Azure environment. The exam covers the following topics:
- Manage identity and access (20-25%)
- Configure Azure Active Directory (Azure AD) for workloads
- Configure Azure AD Privileged Identity Management
- Configure security for Azure AD
- Manage application access
- Manage access control
- Implement platform protection (35-40%)
- Implement advanced network security
- Implement platform security
- Implement subscription and governance
- Monitor security by using Azure Monitor
- Implement key vault
- Manage security operations (15-20%)
- Configure security services
- Configure security policies by using Azure Security Center
- Manage security alerts
- Respond to and remediate security issues
- Secure data and applications (30-35%)
- Configure security for storage
- Configure security for databases
- Implement and manage Azure Backup
- Configure and manage Azure Site Recovery
- Configure security for Azure Kubernetes Service (AKS)
The exam consists of multiple-choice questions, and candidates will have two hours to complete it. To pass the exam, candidates must score at least 700 out of 1000 points. Microsoft recommends that candidates have at least one year of experience in implementing security controls and threat protection, managing identity and access, protecting data and applications, and managing security operations in an Azure environment. It is also recommended that candidates have experience with Azure Portal, Azure PowerShell, Azure CLI, Azure Monitor, Azure Security Center, and Azure Log Analytics.
Prerequisites
The official prerequisites for taking the Microsoft Azure Security Technologies (AZ-500) exam are as follows:
- Candidates should have a strong understanding of core Azure services and capabilities, as well as experience with security controls for Azure and hybrid environments.
- Candidates should be proficient in one or more of the following areas:
- Microsoft Azure administration
- Azure development
- DevOps
- Data science and analysis
- Candidates should have experience with Microsoft Azure Security Center and Azure Sentinel, as well as with Azure governance features like Azure Policy and Azure Resource Manager templates.
- Microsoft recommends that candidates have at least one year of experience in implementing security controls and threat protection, managing identity and access, protecting data and applications, and managing security operations in an Azure environment.
It’s important to note that the above prerequisites are only recommended, and not strictly required. However, having the recommended knowledge and experience will help ensure that candidates are adequately prepared to take and pass the AZ-500 exam. Additionally, Microsoft also recommends that candidates have experience with Azure Portal, Azure PowerShell, Azure CLI, Azure Monitor, Azure Security Center, and Azure Log Analytics.
