The AZ-500 exam description had a major revision in September, both structurally and in content, with some items being removed while others have been expanded, especially in the networking, containers and data sections. There are enough changes in this exam that you should definitely re-evaluate your comfort level with the items on a line by line basis to make sure that the changes aren’t being missed.

Some of the areas that have been deemphasized in this update are as follows. Azure AD has less of a focus on hybrid identity, some of the focus on Azure Security Center/Azure Defender has been reduced, and the Azure Monitor and Sentinel sections are combined. This streamlining suggests to me that the exams in the SC-x00 series are taking on more of the burden for testing on these technologies, but they haven’t been eliminated from this exam as they are foundations of a secure Azure environment.

If you are starting your preparation from scratch, following are some examples of guidance for how you should focus your preparation.

If you are already familiar with Azure Active Directory (AAD) Premium P2 functionality, whether through Azure of through Microsoft 365 related services, you should be in pretty good shape for this exam. There is an exception here though – make sure you spend extra time in the managing application access section, this isn’t something you may have had exposure to. If you don’t have much AAD experience, then you will need to spend time here understanding the capabilities of AAD Premium P2, not just the free edition that’s included with Azure subscriptions by default.

If you are approaching this exam with a fairly solid understanding of networking concepts including subnets, routing, appliances etc. you are off to a strong start with the advanced network security section. The most important thing here is for you to understand how the Azure native versions of the services may differ from those of other solutions from other vendors. If you don’t have much or any networking in your prior experiences, make sure you spend some time going through some basics of TCP/IP and networking including what’s mentioned earlier in this paragraph, and then focus on the technologies in the exam objectives.

During the early days of this exam, understanding how to protect Azure virtual machines worked would have covered you quite well in the advanced security for compute section, but now you can’t just know what acronyms like ACI, ACR, AKS etc. stand for, you also need to how to secure them, including their networking configuration. At this stage it’s most likely you’re familiar with these container related technologies if you have Linux experience, but over the last few years I’ve seen more Windows centric exam takers having some exposure to these technologies as well. This update has had some major changes in the container and serverless related objectives so expect to see more questions on those.

The final thing here is to make sure you have an understanding of what’s in Azure Security Center, and the additional features you get when you move up to Azure Defender capabilities for the different workloads. Use the additional workload protections to help drive your understanding of the workloads that you aren’t familiar with. Even though this seems to have been deemphasized a little in this update, Azure Defender for Servers and Azure Defender for SQL do get mentioned, along with Azure defender vulnerability scans.

The examples I’ve just provided don’t cover all of the different combinations of exam preparation scenarios based on your skills, but hopefully they give you some idea of what I see catch people out.

Manage identity and access (30-35%)

Manage Azure Active Directory (Azure AD) identities

Manage secure access by using Azure AD

Manage application access

Manage access control

Implement platform protection (15-20%)

Implement advanced network security

Configure advanced security for compute

Manage security operations (25-30%)

Configure centralized policy management

Configure and manage threat protection

Configure and manage security monitoring solutions

Secure data and applications (25–30%)

Configure security for storage

Configure security for data

Configure and manage Azure Key Vault