Microsoft Azure Security Technologies EXAM AZ-500 STUDY GUIDE & EXAM PREP (IN PROGRESS)

Hey gang – I have another “nights and weekends” project in the works.



As of right now, I am finished with Module 1, which is the following breakdown of the domains and all the subtopics:

Manage identity and access (30-35%)

  • Manage Azure Active Directory identities
    • Configure security for service principals
    • Manage Azure AD directory groups
    • Manage Azure AD users
    • Configure password writeback
    • Configure authentication methods including password hash and Pass Through Authentication (PTA), OAuth, and passwordless (not ADFS)
    • Transfer Azure subscriptions between Azure AD tenants
  • Configure secure access by using Azure AD
    • Monitor privileged access for Azure AD Privileged Identity Management (PIM)
    • Configure Access Reviews
    • Activate and configure PIM
    • Implement Conditional Access policies including Multi-Factor Authentication (MFA)
    • Configure Azure AD identity protection
  • Manage application access
    • Create App Registration
    • Configure App Registration permission scopes
    • Manage App Registration permission consent
    • Manage API access to Azure subscriptions and resources
  • Manage access control
    • Configure subscription and resource permissions
    • Configure resource group permissions
    • Configure custom RBAC roles
    • Identify the appropriate role
    • Apply principle of least privilege
    • Interpret permissions
    • Check access

These are for the NEW requirements as laid out in the updated skills outline for the end of July 2020.

Here is a snip from the introduction of the book – it’ll give you an idea of what to expect from the finished product:

HOW TO BEST USE THIS STUDY GUIDE

With direct respect to the overview and reference content provided for review study, the materials here align with the main domain objectives for the certification. As much as possible, the topic references and outlines are also followed up with direct links to articles and whitepapers on the Microsoft website that dive deeper into the summary content.

The content has been provided, at least in summary format, for every domain topic and sub-item for that topic. In some cases, additional editorial content and technical details are offered to dive down into the item. In other cases, there may be fewer details, but in all cases, links back to technical documentation on a Microsoft Docs page have been offered.

All of the supplied information, review links, and notes are meant as a final review as opposed to full, robust information.

If you follow the hyperlinked topics and review the reference pages for the detailed information, you should be able to fill in many of the blanks you might have on the topics and the overall domain objectives.

With direct respect to the practice questions, this book’s style and format are written to partially simulate some of the content and question approach that you might see in an official Microsoft exam.

The questions and the answer choices are provided for you on one page so you can read everything in its entirety.

On the very next page is the same question, with the solution / answer provided, along with the answer explanation and reference information.

This format was chosen so that the solution is not immediately exposed – that gives the reader the chance to think about which answer to select before being presented with the solution.

Additionally, repeating the entire question on the very next page, with the answer and references provided, eliminates the need for searching / flipping through the book.

The practice questions, and the answers, explanations, and reference links, are another direct opportunity to learn additional information on the domain topics; it is a suggested best practice for using this study guide to read everything included in its entirety.

Stay tuned – I am hoping to have this wrapped up and released for late August 2020.



Azure Certification Question of the Day (QOTD) – AZ-500 Q002

The Zero Trust model states to never assume trust but instead to validate trust continually.

Trust determination components include (choose the four correct answers):

A) Authentication Tokens
B) Identity Provider
C) Device Directory
D) Policy Evaluation Service
E) Access Proxy
F) Access Services

Azure Certification Question of the Day (QOTD) – AZ-500 Q001 – ANSWERED

To use Azure Active Directory (Azure AD) Privileged Identity Management (PIM), your directory must have a valid license.

Which licenses will you require? (Make three selections – each answer is a complete solution).

A) Azure AD Premium P1
B) Azure AD Premium P2
C) Enterprise Mobility + Security (EMS) E3
D) Enterprise Mobility + Security (EMS) E5
E) Microsoft 365 F1
F) Microsoft 365 M3
G) Microsoft 365 M5

CORRECT ANSWERS:
B) Azure AD Premium P2
D) Enterprise Mobility + Security (EMS) E5
G) Microsoft 365 M5

Licensing requirements

To use Privileged Identity Management, your directory must have one of the following paid or trial licenses:

  • Azure AD Premium P2
  • Enterprise Mobility + Security (EMS) E5
  • Microsoft 365 M5

Deploy Azure AD Privileged Identity Management (PIM)

License requirements to use Privileged Identity Management

Azure Certification Question of the Day (QOTD) – AZ-500 Q001

To use Azure Active Directory (Azure AD) Privileged Identity Management (PIM), your directory must have a valid license.

Which licenses will you require? (Make three selections – each answer is a complete solution).

A) Azure AD Premium P1
B) Azure AD Premium P2
C) Enterprise Mobility + Security (EMS) E3
D) Enterprise Mobility + Security (EMS) E5
E) Microsoft 365 F1
F) Microsoft 365 M3
G) Microsoft 365 M5

And here is the updated blog post with the answer – Azure Certification Question of the Day (QOTD) – AZ-500 Q001 – ANSWERED