The AZ-500 practice test trains you in monitoring security for resources in Azure.
Why should I take the AZ-500 exam?
The AZ-500 certification is a perfect fit for Microsoft Azure security engineers who want to validate their skills in implementing, managing, and monitoring security for resources in Azure, multi-cloud, and hybrid environments as part of an end-to-end infrastructure. The AZ-500 certification builds on the foundations provided by Microsoft's AZ-900 exam, although the AZ-900 is not an official pre-requisite. After obtaining this certification, why not try your luck at one of the Azure Expert-level certifications, the AZ-400 or theAZ-305?
The AZ-500 practice test includes two different modes: certification and practice mode. Certification mode allows you to assess your knowledge and discover your weak areas, with practice mode allowing you to focus on the areas that need development.
The AZ-500 practice test contains 139 questions and covers the following objectives:
Manage identity and access - 38 questions
Manage Microsoft Entra identities
Secure Microsoft Entra users
Secure Microsoft Entra groups
Recommend when to use external identities
Secure external identities
Implement Microsoft Entra ID Protection
Manage Microsoft Entra authentication
Configure Microsoft Entra Verified ID
Implement multi-factor authentication (MFA)
Implement passwordless authentication
Implement password protection
Implement single sign-on (SSO)
Integrate single sign on (SSO) and identity providers
Recommend and enforce modern authentication protocols
Manage Microsoft Entra authorization
Configure Azure role permissions for management groups, subscriptions, resource groups, and resources
Assign Microsoft Entra built-in roles
Assign Azure built-in roles
Create and assign custom roles, including Azure roles and Microsoft Entra roles
Implement and manage Microsoft Entra Permissions Management
Configure Microsoft Entra Privileged Identity Management
Configure role management and access reviews in Microsoft Entra
Implement Conditional Access policies
Manage Microsoft Entra application access
Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants
Manage Microsoft Entra app registrations
Configure app registration permission scopes
Manage app registration permission consent
Manage and use service principals
Manage managed identities for Azure resources
Recommend when to use and configure an Microsoft Entra Application Proxy, including authentication
Secure networking - 28 questions
Plan and implement security for virtual networks
Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs)
Plan and implement user-defined routes (UDRs)
Plan and implement Virtual Network peering or VPN gateway
Plan and implement Virtual WAN, including secured virtual hub
Secure VPN connectivity, including point-to-site and site-to-site
Implement encryption over ExpressRoute
Configure firewall settings on PaaS resources
Monitor network security by using Network Watcher, including NSG flow logging
Plan and implement security for private access to Azure resources
Plan and implement virtual network Service Endpoints
Plan and implement Private Endpoints
Plan and implement Private Link services
Plan and implement network integration for Azure App Service and Azure Functions
Plan and implement network security configurations for an App Service Environment (ASE)
Plan and implement network security configurations for an Azure SQL Managed Instance
Plan and implement security for public access to Azure resources
Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management
Plan, implement, and manage an Azure Firewall, including Azure Firewall Manager and firewall policies
Plan and implement an Azure Application Gateway
Plan and implement an Azure Front Door, including Content Delivery Network (CDN)
Plan and implement a Web Application Firewall (WAF)
Recommend when to use Azure DDoS Protection Standard
Secure compute, storage, and databases - 33 questions
Plan and implement advanced security for compute
Plan and implement remote access to public endpoints, including Azure Bastion and just-in-time (JIT) virtual machine (VM) access
Configure network isolation for Azure Kubernetes Service (AKS)
Secure and monitor AKS
Configure authentication for AKS
Configure security monitoring for Azure Container Instances (ACIs)
Configure security monitoring for Azure Container Apps (ACAs)
Manage access to Azure Container Registry (ACR)
Configure disk encryption, including Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption
Recommend security configurations for Azure API Management
Plan and implement security for storage
Configure access control for storage accounts
Manage life cycle for storage account access keys
Select and configure an appropriate method for access to Azure Files
Select and configure an appropriate method for access to Azure Blob Storage
Select and configure an appropriate method for access to Azure Tables
Select and configure an appropriate method for access to Azure Queues
Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage
Configure Bring your own key (BYOK)
Enable double encryption at the Azure Storage infrastructure level
Plan and implement security for Azure SQL Database and Azure SQL Managed Instance
Enable Microsoft Entra database authentication
Enable database auditing
Identify use cases for the Microsoft Purview governance portal
Implement data classification of sensitive information by using the Microsoft Purview governance portal
Plan and implement dynamic masking
Implement Transparent Database Encryption (TDE)
Recommend when to use Azure SQL Database Always Encrypted
Manage security operations - 40 questions
Plan, implement, and manage governance for security
Create, assign, and interpret security policies and initiatives in Azure Policy
Configure security settings by using Azure Blueprints
Deploy secure infrastructures by using a landing zone
Create and configure an Azure Key Vault
Recommend when to use a dedicated Hardware Security Module (HSM)
Configure access to Key Vault, including vault access policies and Azure Role Based Access Control
Manage certificates, secrets, and keys
Configure key rotation
Configure backup and recovery of certificates, secrets, and keys
Manage security posture by using Microsoft Defender for Cloud
Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory
Assess compliance against security frameworks and Microsoft Defender for Cloud
Add industry and regulatory standards to Microsoft Defender for Cloud
Add custom initiatives to Microsoft Defender for Cloud
Connect hybrid cloud and multi-cloud environments to Microsoft Defender for Cloud
Identify and monitor external assets by using Microsoft Defender External Attack Surface Management
Configure and manage threat protection by using Microsoft Defender for Cloud
Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS
Configure Microsoft Defender for Servers
Configure Microsoft Defender for Azure SQL Database
Manage and respond to security alerts in Microsoft Defender for Cloud
Configure workflow automation by using Microsoft Defender for Cloud
Evaluate vulnerability scans from Microsoft Defender for Server
Configure and manage security monitoring and automation solutions
Monitor security events by using Azure Monitor
Configure data connectors in Microsoft Sentinel
Create and customize analytics rules in Microsoft Sentinel
Evaluate alerts and incidents in Microsoft Sentinel
Configure automation in Microsoft Sentinel
Notes:
The bullets that follow each of the skills measured are intended to illustrate how we are assessing that skill. Related topics may be covered in the exam.
Most questions cover features that are general availability (GA). The exam may contain questions on Preview features if those features are commonly used.
A practice test is an informal test that simulates the actual exam and aims to get you fully prepared for what to expect on the real exam. A MeasureUp practice test comes with around 150 questions covering the exam objective domains. In a MeasureUp practice test there are two test-taking modes to prepare students for their certification: Certification Mode and Practice Mode.
The Practice Mode allows users control over how to customize their testing environment. They may select how many questions they want to include in their assessment, the maximum time to complete the test, if they want to randomize the question order, and how and which questions will be shown in the test.
The Certification Mode simulates the actual testing environment users will encounter when taking a certification exam. They are timed and do not allow users to request the answers and explanations to questions until completing the test.
How does it work?
Take a look at our video to see exactly how MeasureUp’s practice tests work.
Why should you trust MeasureUp over free Learning material?
MeasureUp
Free learning material
A greater number of questions, so more opportunities to learn.
A small proportion of questions to introduce the exam.
Detailed explanations with online references of correct and incorrect answers.
Brief or no explanations of both correct and incorrect answer options.
A total of fourteen different question types.
Limited types of questions out of all the ones you'll find on the exam.
Customize the test based on your needs. Certification & Practice Mode.
Just one type of assessment, without customization options and without a time countdown.
Will studying with a MeasureUp practice test improve my chances of passing at the first attempt?
Yes. MeasureUp's practice tests have been specifically designed to help you both save time and pass at the first attempt. The test is fully customizable, allowing you to discover and focus on your weak areas. This makes the learning process quicker and smoother. Also, as the style, objectives, question type, and difficulty are the same as those found on the official exam, you can be confident that when you pass the practice test three times in Certification Mode, you are exam-ready.
What can I expect to earn if I pass the AZ-500 exam?
On passing the AZ-500 and obtaining a job as a mid-level security engineer, you can expect to earn a salary in the United States of approximately $145,000.
Source: Nigel Franks International.
Continue growing with MeasureUp’s learning material. Explore the Security learning path.
The MeasureUp AZ-500 practice test is the most realistic simulation of the actual certification exam on the market, giving you the perfect opportunity to pass the official exam on the first go. With our Test Pass Guarantee, you can be sure of success as we offerall of your money back if you do not pass. The AZ-500 practice test has been created by leading experts in the field of cloud computing in Azure.
Why should you trust AZ-500 Practice Test from MeasureUp over free learning material?
The MeasureUp AZ-500 practice test has many benefits over free learning material, including:
A higher number of questions, so more opportunities to learn.
Detailed explanations with online references of correct and incorrect answers.
A total of fourteen different question types, replicating the look and feel of the real exam.
Customizable based on your needs. Certification & Practice Modes.
Test Pass Guarantee.
Written, reviewed, and edited by experts.
How to use the AZ-500 Practice Test?
You can use the AZ-500 practice test in two different modes: certification and practice mode. The first gives you the possibility to assess your knowledge and discover your weak areas, and the second allows you to focus on these areas, ensuring you spend your time wisely. MeasureUp recommends you first take the AZ-500 practice test in certification mode. By studying the detailed report generated after completing the test, you will get a helpful overview of which areas require further attention. You should then take the test in practice mode in order to develop those areas. Once you are confident you have improved your knowledge in these areas, you can re-take the test in certification mode and, on passing two consecutive times with a score of 90%, you know you are exam ready
Will the questions be the same as the actual exam?
No, they will not. Although the questions will resemble those of the official exam in terms of style, content, level of difficulty, for reasons of copyright they will not be exactly the same. This set of questions will allow you to fully understand the content you are studying so that, no matter how the actual exam questions are focused, you can be confident you are covering the same material and that you will have no problem in passing the exam.
AZ-500 CERTIFICATION EXAM
How can I prepare for the AZ-500 certification exam?
Review the AZ-500 exam domains carefully.
Create your study plan for your preparation.
Enroll for the MeasureUp practice tests. Our practice tests emulate the actual exam in terms of style, format, skill sets, question structure, and level of difficulty, and can be taken in two different formats: practice mode and certification mode.
Practice, practice, practice! After looking at all the questions available in the test, checking the correct answers, reviewing the explanations regarding all the different answer options, and consulting the carefully chosen references, it is now time to use the test’s Certification Mode. This is the closest experience you’ll get to the real exam. And when you pass the Certification Mode twice consecutively with a score of 90% or more, you know you are… Exam ready!
What is the AZ-500 certification?
The Microsoft Azure Security Technologies (AZ-500) certification validates knowledge relating to implementing, managing, and monitoring security for resources in Azure, multi-cloud, and hybrid environments as part of an end-to-end infrastructure. This certification exam is aimed at Azure security engineers who have responsibility for managing the security posture of an organization, as well as taking steps to remediate vulnerabilities, performing threat modelling, and implementing threat protection.
How hard is the AZ-500?
The AZ-500 certification exam is at the Associate level, meaning that we would recommend you take the AZ-900 Microsoft Azure Fundamentals exam first, which provides a useful foundation for the more advanced Azure certifications at Associate, Specialty, or Expert levels.
How many questions in AZ-500 exam?
Microsoft Associate-level certification exams typically have between 50 and 60 questions.
Is AZ-500 worth it?
The AZ-500 certification exam validates your security engineer skills with respect to managing resources in Azure. The expected annual salary for such positions in the United States is around $145,000.
https://www.measureup.com/microsoft-practice-test-az-500-microsoft-azure-security-technologies.html6267Microsoft Practice Test AZ-500: Microsoft Azure Security Technologies<b>Questions:</b> 139 <br><b>Release Date:</b> 11/2019 (Last Update: 03/2024) <br><b>Job Role:</b> Security Engineer <br><b>Language:</b> English <br><br><p>The AZ-500 practice test contains 139 questions and covers the following objectives:</p>
<h3 aria-level="3"><span data-contrast="none">Manage identity and access - 38 questions</span></h3>
<h4 aria-level="4"><span style="color: #0780c2;">Manage Microsoft Entra identities </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span style="font-size: 14px;">Secure Microsoft Entra users </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span style="font-size: 14px;">Secure Microsoft Entra groups </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span style="font-size: 14px;">Recommend when to use external identities </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span style="font-size: 14px;">Secure external identities </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span style="font-size: 14px;">Implement Microsoft Entra ID Protection </span></li>
</ul>
<h4 aria-level="4"> </h4>
<h4 aria-level="4"><span style="color: #0780c2;">Manage Microsoft Entra authentication </span></h4>
<ul>
<li><span style="font-size: 14px;">Configure Microsoft Entra Verified ID </span></li>
<li><span style="font-size: 14px;">Implement multi-factor authentication (MFA) </span></li>
<li><span style="font-size: 14px;">Implement passwordless authentication </span></li>
<li><span style="font-size: 14px;">Implement password protection </span></li>
<li><span style="font-size: 14px;">Implement single sign-on (SSO) </span></li>
<li><span style="font-size: 14px;">Integrate single sign on (SSO) and identity providers </span></li>
<li><span style="font-size: 14px;">Recommend and enforce modern authentication protocols </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Manage Microsoft Entra authorization </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span style="font-size: 14px;">Configure Azure role permissions for management groups, subscriptions, resource groups, and resources </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span style="font-size: 14px;">Assign Microsoft Entra built-in roles </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span style="font-size: 14px;">Assign Azure built-in roles </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span style="font-size: 14px;">Create and assign custom roles, including Azure roles and Microsoft Entra roles </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span style="font-size: 14px;">Implement and manage Microsoft Entra Permissions Management </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span style="font-size: 14px;">Configure Microsoft Entra Privileged Identity Management </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span style="font-size: 14px;">Configure role management and access reviews in Microsoft Entra </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span style="font-size: 14px;">Implement Conditional Access policies </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Manage Microsoft Entra application access </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span style="font-size: 14px;">Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="13" data-aria-level="1"><span style="font-size: 14px;">Manage Microsoft Entra app registrations </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="14" data-aria-level="1"><span style="font-size: 14px;">Configure app registration permission scopes </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="15" data-aria-level="1"><span style="font-size: 14px;">Manage app registration permission consent </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="16" data-aria-level="1"><span style="font-size: 14px;">Manage and use service principals </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="17" data-aria-level="1"><span style="font-size: 14px;">Manage managed identities for Azure resources </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="18" data-aria-level="1"><span style="font-size: 14px;">Recommend when to use and configure an Microsoft Entra Application Proxy, including authentication </span></li>
</ul>
<p aria-level="3"> </p>
<h3 aria-level="3"><span data-contrast="none">Secure networking - 28 questions</span></h3>
<h4 aria-level="4"><span style="color: #0780c2;">Plan and implement security for virtual networks </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span style="font-size: 14px;">Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span style="font-size: 14px;">Plan and implement user-defined routes (UDRs) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span style="font-size: 14px;">Plan and implement Virtual Network peering or VPN gateway </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span style="font-size: 14px;">Plan and implement Virtual WAN, including secured virtual hub </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span style="font-size: 14px;">Secure VPN connectivity, including point-to-site and site-to-site </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span style="font-size: 14px;">Implement encryption over ExpressRoute </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span style="font-size: 14px;">Configure firewall settings on PaaS resources </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span style="font-size: 14px;">Monitor network security by using Network Watcher, including NSG flow logging </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Plan and implement security for private access to Azure resources</span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span style="font-size: 14px;">Plan and implement virtual network Service Endpoints </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span style="font-size: 14px;">Plan and implement Private Endpoints </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span style="font-size: 14px;">Plan and implement Private Link services </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span style="font-size: 14px;">Plan and implement network integration for Azure App Service and Azure Functions </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="13" data-aria-level="1"><span style="font-size: 14px;">Plan and implement network security configurations for an App Service Environment (ASE) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="14" data-aria-level="1"><span style="font-size: 14px;">Plan and implement network security configurations for an Azure SQL Managed Instance </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Plan and implement security for public access to Azure resources</span></h4>
<ul>
<li><span style="font-size: 14px;">Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management </span></li>
<li><span style="font-size: 14px;">Plan, implement, and manage an Azure Firewall, including Azure Firewall Manager and firewall policies </span></li>
<li><span style="font-size: 14px;">Plan and implement an Azure Application Gateway </span></li>
<li><span style="font-size: 14px;">Plan and implement an Azure Front Door, including Content Delivery Network (CDN) </span></li>
<li><span style="font-size: 14px;">Plan and implement a Web Application Firewall (WAF) </span></li>
<li><span style="font-size: 14px;">Recommend when to use Azure DDoS Protection Standard </span></li>
</ul>
<p aria-level="3"> </p>
<h3 aria-level="3"><span data-contrast="none">Secure compute, storage, and databases - 33 questions</span></h3>
<h4 aria-level="4"><span style="color: #0780c2;">Plan and implement advanced security for compute </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span style="font-size: 14px;">Plan and implement remote access to public endpoints, including Azure Bastion and just-in-time (JIT) virtual machine (VM) access </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span style="font-size: 14px;">Configure network isolation for Azure Kubernetes Service (AKS) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span style="font-size: 14px;">Secure and monitor AKS </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span style="font-size: 14px;">Configure authentication for AKS </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span style="font-size: 14px;">Configure security monitoring for Azure Container Instances (ACIs) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span style="font-size: 14px;">Configure security monitoring for Azure Container Apps (ACAs) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span style="font-size: 14px;">Manage access to Azure Container Registry (ACR) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span style="font-size: 14px;">Configure disk encryption, including Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="13" data-aria-level="1"><span style="font-size: 14px;">Recommend security configurations for Azure API Management </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Plan and implement security for storage </span></h4>
<ul>
<li><span style="font-size: 14px;">Configure access control for storage accounts </span></li>
<li><span style="font-size: 14px;">Manage life cycle for storage account access keys </span></li>
<li><span style="font-size: 14px;">Select and configure an appropriate method for access to Azure Files </span></li>
<li><span style="font-size: 14px;">Select and configure an appropriate method for access to Azure Blob Storage </span></li>
<li><span style="font-size: 14px;">Select and configure an appropriate method for access to Azure Tables </span></li>
<li><span style="font-size: 14px;">Select and configure an appropriate method for access to Azure Queues </span></li>
<li><span style="font-size: 14px;">Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage </span></li>
<li><span style="font-size: 14px;">Configure Bring your own key (BYOK) </span></li>
<li><span style="font-size: 14px;">Enable double encryption at the Azure Storage infrastructure level </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Plan and implement security for Azure SQL Database and Azure SQL Managed Instance </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span style="font-size: 14px;">Enable Microsoft Entra database authentication </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span style="font-size: 14px;">Enable database auditing </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span style="font-size: 14px;">Identify use cases for the Microsoft Purview governance portal </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span style="font-size: 14px;">Implement data classification of sensitive information by using the Microsoft Purview governance portal </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span style="font-size: 14px;">Plan and implement dynamic masking </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span style="font-size: 14px;">Implement Transparent Database Encryption (TDE) </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span style="font-size: 14px;" data-contrast="none">Recommend when to use Azure SQL Database Always Encrypted</span><span data-ccp-props="{"201341983":0,"335559739":40,"335559740":240,"469777462":[1080],"469777927":[0],"469777928":[8]}"> </span></li>
</ul>
<p aria-level="3"> </p>
<h3 aria-level="3"><span data-contrast="none">Manage security operations - 40 questions</span></h3>
<h4 aria-level="4"><span style="color: #0780c2;">Plan, implement, and manage governance for security </span></h4>
<ul>
<li><span style="font-size: 14px;">Create, assign, and interpret security policies and initiatives in Azure Policy </span></li>
<li><span style="font-size: 14px;">Configure security settings by using Azure Blueprints </span></li>
<li><span style="font-size: 14px;">Deploy secure infrastructures by using a landing zone </span></li>
<li><span style="font-size: 14px;">Create and configure an Azure Key Vault </span></li>
<li><span style="font-size: 14px;">Recommend when to use a dedicated Hardware Security Module (HSM) </span></li>
<li><span style="font-size: 14px;">Configure access to Key Vault, including vault access policies and Azure Role Based Access Control </span></li>
<li><span style="font-size: 14px;">Manage certificates, secrets, and keys </span></li>
<li><span style="font-size: 14px;">Configure key rotation </span></li>
<li><span style="font-size: 14px;">Configure backup and recovery of certificates, secrets, and keys </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Manage security posture by using Microsoft Defender for Cloud </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span style="font-size: 14px;">Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span style="font-size: 14px;">Assess compliance against security frameworks and Microsoft Defender for Cloud </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span style="font-size: 14px;">Add industry and regulatory standards to Microsoft Defender for Cloud </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span style="font-size: 14px;">Add custom initiatives to Microsoft Defender for Cloud </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span style="font-size: 14px;">Connect hybrid cloud and multi-cloud environments to Microsoft Defender for Cloud </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span style="font-size: 14px;">Identify and monitor external assets by using Microsoft Defender External Attack Surface Management </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Configure and manage threat protection by using Microsoft Defender for Cloud </span></h4>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span style="font-size: 14px;">Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span style="font-size: 14px;">Configure Microsoft Defender for Servers </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="13" data-aria-level="1"><span style="font-size: 14px;">Configure Microsoft Defender for Azure SQL Database </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="14" data-aria-level="1"><span style="font-size: 14px;">Manage and respond to security alerts in Microsoft Defender for Cloud </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="15" data-aria-level="1"><span style="font-size: 14px;">Configure workflow automation by using Microsoft Defender for Cloud </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335551500":0,"335552541":1,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"multilevel"}" aria-setsize="-1" data-aria-posinset="16" data-aria-level="1"><span style="font-size: 14px;">Evaluate vulnerability scans from Microsoft Defender for Server </span></li>
</ul>
<p aria-level="4"> </p>
<h4 aria-level="4"><span style="color: #0780c2;">Configure and manage security monitoring and automation solutions </span></h4>
<ul>
<li><span style="font-size: 14px;">Monitor security events by using Azure Monitor </span></li>
<li><span style="font-size: 14px;">Configure data connectors in Microsoft Sentinel </span></li>
<li><span style="font-size: 14px;">Create and customize analytics rules in Microsoft Sentinel </span></li>
<li><span style="font-size: 14px;">Evaluate alerts and incidents in Microsoft Sentinel </span></li>
<li><span style="font-size: 14px;">Configure automation in Microsoft Sentinel </span></li>
</ul>
<p> </p>
<p><strong>Notes:</strong></p>
<ul style="font-weight: 400;">
<li data-leveltext="" data-font="Symbol" data-listid="17" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":360,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span style="font-size: 14px;">The bullets that follow each of the skills measured are intended to illustrate how we are assessing that skill. Related topics may be covered in the exam. </span></li>
<li data-leveltext="" data-font="Symbol" data-listid="17" data-list-defn-props="{"335552541":1,"335559684":-2,"335559685":360,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span style="font-size: 14px;">Most questions cover features that are general availability (GA). The exam may contain questions on Preview features if those features are commonly used. </span></li>
</ul>
<p> </p>
<p> </p> <u><a target="_blank" href="https://docs.measureup.com/knowledgebase/system-requirements/">System Requirements</a></u>https://www.measureup.com/media/catalog/product/m/i/microsoft_az-500_pt.png69.3instock9969.33029.7Microsoft252https://www.measureup.com/media/catalog/product/m/i/microsoft_az-500_pt.png62916582/measureup/measureup/Microsoft/Microsoft Technical/measureup/Microsoft/Microsoft Technical/Microsoft Practice Tests/measureup/Microsoft2019-11-18T15:00:23+0000