The AZ-500 exam objectives had a minor revision last week. nothing notable to speak of that should affect your current preparations if you are already in study mode. If you are starting your preparation from scratch, following are some examples of guidance for how you should focus your preparation.

If you are already familiar with Azure Active Directory (AAD) Premium P2 functionality, whether through Azure of through Microsoft 365 related services, you should be in pretty good shape for this exam. There is an exception here though – make sure you spend extra time in the managing application access section, this isn’t something you may have had exposure to. If you don’t have much AAD experience, then you will need to spend time here understanding the capabilities of AAD Premium P2, not just the free edition that’s included with Azure subscriptions by default.

If you are approaching this exam with a fairly solid understanding of networking concepts including subnets, routing, appliances etc. you are off to a strong start with the advanced network security section. The most important thing here is for you to understand how the Azure native versions of the services may differ from those of other solutions from other vendors. If you don’t have much or any networking in your prior experiences, make sure you spend some time going through some basics of TCP/IP and networking including what’s mentioned earlier in this paragraph, and then focus on the technologies in the exam objectives.

During the early days of this exam, understanding how to protect Azure virtual machines worked would have covered you quite well in the advanced security for compute section, but now you can’t just know what acronyms like ACI, ACR, AKS etc. stand for, you also need to how to secure them, including their networking configuration. At this stage it’s most likely you’re familiar with these container related technologies if you have Linux experience, but over the last few years I’ve seen more Windows centric exam takers having some exposure to these technologies as well. This update has had some major changes in the container and serverless related objectives so expect to see more questions on those.

The final thing here is to make sure you have an understanding of what’s in Microsoft Defender for Cloud, and the additional features you get when you move up to workload protections in Microsoft Defender for Cloud. Use the additional workload protections to help drive your understanding of the workloads that you aren’t familiar with. Defender for Servers and Defender for SQL do get mentioned specifically, so they are the ones to focus on.

The examples I’ve just provided don’t cover all of the different combinations of exam preparation scenarios based on your skills, but hopefully they give you some idea of what I see catch people out.

Manage identity and access (30-35%)

Manage Azure Active Directory (Azure AD) identities

Manage secure access by using Azure AD

Manage application access

Manage access control

Implement platform protection (15-20%)

Implement advanced network security

Configure advanced security for compute

Manage security operations (25-30%)

Configure centralized policy management

Configure and manage threat protection

Configure and manage security monitoring solutions

Secure data and applications (25–30%)

Configure security for storage

Configure security for data

Configure and manage Azure Key Vault