The AZ-500 exam is about to be updated, with some very minor revisions. The good news is that it shouldn’t have an impact on the preparation that you need to do, just keep focused on the weaknesses you have identified and should be working on. One of the topics that has been coming up is where the new security and compliance exams fit in, so I’ll address that.

If Azure is your primary focus, with little to no Microsoft 365 exposure apart from Azure Active Directory, make sure you are aware that most of the newly released exams include Azure and Microsoft 365 content. This means that those of you who only work with Azure would be better served by doing this exam, and then perhaps looking into one of the SC-x00 exams. If you work across both, then the new exams could be low hanging fruit within your grasp

Manage identity and access (30-35%)

Manage Azure Active Directory identities 

Configure secure access by using Azure AD

Manage application access

Manage access control

Implement platform protection (15-20%)

Implement advanced network security

Configure advanced security for compute

Manage security operations (25-30%)

Monitor security by using Azure Monitor

Monitor security by using Azure Security Center

Monitor security by using Azure Sentinel

Configure security policies

Secure data and applications (20-25%)

Configure security for storage

Configure security for databases

Configure and manage Key Vault