AZ-500 (Microsoft Azure Security) Exam Study Guide

Preparing for AZ-500 Microsoft Azure Security Technologies exam? Don’t know where to start? This post is the AZ-500 Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from Microsoft documentation for each objective of AZ-500 exam. Hope this article will be your AZ-500 Study Guide.

Also, please share the post within your circles so it helps them to prepare for the exam.


AZ-500 Course (Online Training)

Pluralsight (Learning Path)Microsoft Azure Security Engineer Course
LinkedIn Learning (Free trial)Microsoft Azure: Security Concepts for the exam
WhizlabsMicrosoft Azure Security Technologies Certification
UdemyA Course on Security in Azure


AZ-500 Practice Tests & Labs

Whizlabs (Try Sample questions)3 Practice Tests (a total of 165 questions)
Udemy Practice TestsSecurity Technologies Practice Questions
Labs on GitHubLabs resources on Security topics


AZ-500 E-book (Related Topics in PDF)

AmazonAzure Security Infrastructure


AZ-500 Exam Voucher

Test VoucherMicrosoft Azure Single Shot Exam Voucher ($30 OFF)


To view other Azure certificate study guides, click here

Full Disclosure: Some of the links in this post are affiliate links. I receive a commission when you purchase through them.


Looking for AZ-500 dumps? Read this!

Using az-500 exam dumps can get you permanently banned from taking any future Microsoft certificate exam. Read the FAQ page for more information. However, I strongly suggest you validate your understanding with practice questions.


Manage Identity and Access (20-25%)

Check out this free course on Managing Identity and Access

Configure Azure Active Directory for Workloads

Create App Registration

Configure App Registration permission scopes

Manage App Registration permission consent

Configure Multi-Factor Authentication settings

Manage Azure AD directory groups

Manage Azure AD users

Install and configure Azure AD Connect

Configure authentication methods

Implement Conditional Access policies

Configure Azure AD identity protection


Configure Azure AD Privileged Identity Management

Monitor privileged access

Configure Access Reviews

Activate Privileged Identity Management


Configure Azure tenant security

Transfer Azure subscriptions between Azure AD tenants

Manage API access to Azure subscriptions and resources

PS Course Module: Managing API Access to Microsoft Azure Subscriptions and Resources (check with free trial)


Implement Platform Protection (35-40%)

Check out this free course on Implementing Platform Protection

Implement Network Security

Configure virtual network connectivity

Configure Network Security Groups (NSGs)

Create and configure Azure Firewall

Create and configure Azure Front Door service

Create and configure application security groups

Configure remote access management

Udemy Course: Check the module Network Security

Configure baseline

LinkedIn (Free Trial): Configure baseline for resources

Configure resource firewall

Amazon link (affiliate)

Implement host security

Configure endpoint security within the VM

Configure VM security

Harden VMs in Azure

Configure system updates for VMs in Azure

Configure baseline

LinkedIn (Free Trial): Configure baseline for resources


Configure container security

Configure network

Configure authentication

Configure container isolation

Configure AKS security

Configure container registry

Implement vulnerability management


Implement Azure Resource management security

Create Azure resource locks

Manage resource group security

PS Module: Securing and Controlling for Resource Groups (check with free trial)

Configure Azure policies

Configure custom RBAC roles

Configure subscription and resource permissions

Amazon link (affiliate)

Manage security operations (15-20%)

Configure security services

Configure Azure Monitor

Configure diagnostic logging and log retention

Configure vulnerability scanning


Configure security policies

Configure centralized policy management by using Azure Security Center

Configure Just in Time VM access by using Azure Security Center


Manage security alerts

Create and customize alerts

PS Course Module: Create and customize alerts in Azure (Check with free trial)

Review and respond to alerts and recommendations

Configure a playbook for a security event by using Azure Security Center

Investigate escalated security incidents

Secure data and applications (25-30%)

Configure security policies to manage data

Configure data classification

Configure data retention

Configure data sovereignty


Configure security for data infrastructure

Enable database authentication

Enable database auditing

Configure Azure SQL Database Advanced Threat Protection

Configure access control for storage accounts

Configure key management for storage accounts

Configure Azure AD authentication for Azure Storage

Configure Azure AD Domain Services authentication for Azure Files

Create and manage Shared Access Signatures (SAS)

Configure security for HDInsight

Configure security for Cosmos DB

Configure security for Azure Data Lake


Configure encryption for data at rest

Implement Azure SQL Database Always Encrypted

Implement database encryption

Implement Storage Service Encryption

Implement disk encryption


Configure application security

Configure SSL/TLS certs

Configure Azure services to protect web apps

Create an application security baseline

Amazon link (affiliate)

This brings us to the end of AZ-500 Study Guide

What do you think? Let me know in the Comments section if I have missed out on anything. Also, I love to hear from you how your preparation is going on!

In case you are looking for other Azure certification exams check out this page

Sign up for Newsletter

Want to be notified as soon as I post? Subscribe to RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

  • 1

You may also like


  1. Why? Would you like to tell me the reasons in more detailed?

    Is not the case study a sample for how to answer the questions followed by in the section?
    Is it the requirement information for answering the questions in the section?
    I am very sorry for so simple question.

    Best regards,
    Linshan Xu

    1. If you do not answer, there will be fewer questions available to achieve the passing marks.
      I did not understand what you are saying properly, but, yes, the required information will be available in each section
      I suggest you go through a couple of practice tests and labs to alleviate your fears

  2. Hi, Ravikiran
    I heard that there is a case study in the Exam AZ-500.
    Must I answer the questions in the case study?

    Best regards,
    Linshan Xu

Leave a Reply

Your e-mail address will not be published. Required fields are marked *