After passing the AZ-400 exam to earn the Microsoft Certified: Azure DevOps Engineer Expert certification, I decided to delve into the world of Azure Security and work towards the final certification on my initial “want to get” list.
Disclaimer: Microsoft reviews certifications regularly to help ensure that they remain relevant, technically accurate and that they assess the skills needed to thrive in a cloud-based world. Exams evolve over time and may change without notice. This post represents my best knowledge of the AZ-500 exam as of Q2 2021, but you should always consult Microsoft’s Official AZ-500 Exam Page for the contents of the exam.
What is an Azure Security Engineer Associate?
The Azure Security Engineer Associate Exam is an opportunity to demonstrate subject matter expertise implementing Azure security controls that protect identity, access, data, applications, and networks in cloud and hybrid environments as part of an end-to-end infrastructure.
If you plan to take this exam you should have practical experience in administration of Azure and hybrid environments. You should also have experience with infrastructure as code, security operations processes, cloud capabilities, and Azure services.
Azure Security Engineers will often serve as part of a larger team that plans and implements cloud-based management and security. This role is typically responsible for managing security posture, identifying and remediating vulnerabilities, performing threat modeling, implementing threat protection, and responding to security incident escalations.
How Did I Prepare?
I’ve never been a full time security architect or engineer, but security has been a part of every IT job I have ever had. If you work in IT, you are also likely in the same position.
Twenty years of IT experience has provided a broad range of knowledge across many aspects of IT security. I was able to use my experience along with the resources outlined in the next section to prepare. I spent about two weeks studying an hour or two a night for the exam, which worked out well.
What Resources Did I Use to Prepare?
I used the following resources to get ready:
- Microsoft Learn – AZ-500 Part 1: Manage Identity and Access
- Microsoft Learn – AZ-500 Part 2: Implement Platform Protection
- Microsoft Learn – AZ-500 Part 3: Secure your Data and Applications
- Microsoft Learn – AZ-500 Part 4: Manage Security Operation
Security is a part of every IT job I have ever worked in, but I am not a deep expert in all the services and topics covered by this exam. I worked through all four learning paths above which provided me with the confidence to move forward.
I also worked through the CloudSkills Microsoft Certified Azure Security Engineer AZ-500 course.
My Challenge Area
While I cannot talk about exam specifics for obvious reasons, I do want to point out the area that I struggled with the most:
Managing Identity and Access related questions make up 30-35% and were the most challenging for me on this exam. I scored the lowest in this area overall.
This was my tenth exam taken remotely through PearsonVue due to COVID-19. I gave myself two weeks to prepare and study when I scheduled the exam continuing to follow my pattern of giving myself a deadline to force the work needed to pass.
This was my fourth exam since leaving Mars and joining Microsoft. Once again, I couldn’t take the exam in my home office as I no longer had a home office (or home for that matter). We were still living in a short-term apartment waiting for our builder to finish our new home in North Carolina.
Once again, I took the exam on a card table in the apartment’s master bedroom walk in closet. Same setup procedure as my last two exam experiences. The exam launched and I spent the next 150 minutes working through questions. I finished with 15 minutes to spare.
Immediately after the test, I received my detailed score breakdown in various areas and was told that I passed (with a nice buffer). An e-mail showed up no more than an hour later with details on getting my certificate, claiming it on Acclaim, sharing it on LinkedIn, etc.
The Azure Security Engineer Associate exam was one of the toughest exams I’ve taken to this point. If working with the security aspects of Azure is not part of your day – study, get hands on experience, and make sure you know your stuff before taking the exam if you want to pass.
I’m now certified with all the Azure roles I had on my initial list. Microsoft has released a few new role-based certifications since the creation of my initial list, but at this point I’m looking to move away from the Microsoft Azure stack for a while and focus on some cloud agnostic technologies. I’ll be looking at the following certifications as my next areas of focus:
- HashiCorp Certified: Terraform Associate
- Docker Certified Associate (DCA)
- Certified Kubernetes Administrator (CKA)
I’ll be sure to post as my journey continues to progress.