Spend Less & Save More with our Exciting End-of-Year offers (BUY 1 GET 1 FREE) | Offer ending in:
D H M S Grab Now

What’s new in AZ-500?

Microsoft Azure is the world’s second-largest cloud computing platform, and it is increasingly expanding. It was first introduced in 2010 and has since accumulated a significant market share. In contrast to other Cloud service providers, it offers more services in more domains to more countries. More than 80% of Fortune 500 companies have shown their trust in Microsoft Azure for their cloud service needs, and more are on the way to do so. It’s a web-based application that lets us access and control Microsoft’s resources and services. Azure’s service offerings are revised and optimized on a regular basis to ensure customer satisfaction. Since cloud providers own massive server farms with a large number of workers, storage frameworks, and essential components that are critical to an organization’s activity, its security is a major concern.

What’s new in AZ-500

Microsoft Azure Security AZ-500 Certification

The Microsoft Azure Security course gives IT professionals the expertise and skills they need to enforce security measures, keep an organization’s security posture up to date, and detect and fix security vulnerabilities. This is a Microsoft-certified course known as the AZ-500 or Azure Security Engineer Associate. The ‘Microsoft Certified: Azure Security Engineer Associate Certification’ is awarded to candidates who pass the AZ-500 exam. Microsoft Azure ensures the confidentiality, honesty, and accessibility of client data while also enabling open transparency. Azure’s architecture is built from the ground to serve a large number of clients at the same time, and it provides a solid basis on which businesses can fulfill their security requirements. The Microsoft Azure Security Technologies AZ-500 certification is a new role-based affirmation program from Microsoft that covers the entire Security domain of Microsoft Azure Cloud administration.

If you are willing to do the Microsoft Azure Security (AZ-500) Certification, then it is recommended to do the following certifications prior to the Microsoft AZ-500 Certification:

  1. Microsoft Azure Fundamentals AZ-900: It provides an indispensable knowledge of different modules of Microsoft Azure. You can choose the AZ-900 – Microsoft Azure Fundamentals Online Training & Certification Course with InfosecTrain.
  2. Microsoft Azure Administrator AZ-104: This certification authorizes the proficiency of a candidate in heading the cloud services that include computing, networking, storage, security, and other Microsoft Azure cloud potential. You can choose the AZ-104 Microsoft Azure Administrator Training & Certification with InfosecTrain.

The New AZ-500 Certification

In the last few months, Microsoft has released new updates for the AZ-500 certification exam. In November 2020, AZ-500 received a significant update, followed by an incremental update on January 27, 2021, and a smaller incremental update on March 23, 2021. Since all of these enhancements are additive and incremental, it is quite a relief for the candidates who have already started their preparations. Microsoft did not remove any existing domains or features, but it did introduce some new features to the domains that were already there. The new AZ-500 exam emphasizes more on hands-on training, which is pretty standard of associate-level Microsoft exams.


The new AZ-500 exam incorporates the following domains:

Domain 1: Manage Identity and Access 30%-35%

Information Technology can use Microsoft Azure Identity and Access Management tools to defend access to applications and resources beyond the data center and into the cloud. As a result, additional levels of validation, such as multi-factor authentication and conditional access policies, are allowed.

  • Configure Azure Active Directory for Azure workloads and subscriptions
  • Configure Azure AD Privileged Identity Management
  • Configure security for an Azure subscription

There are not many changes in the features of this domain. There is a single addition in the skills measured:

  • Manage Administrative Units

Domain 2: Implement Platform Protection 15%-20%

Understanding cloud security and creating a stable network is the focus of Microsoft Azure Implementing Platform Protection. Implementing host protection, platform security, and subscription security are the major areas of focus.

  • Understand cloud security
  • Build a network
  • Secure network
  • Implement host security
  • Implement platform security
  • Implement subscription security

There are not many changes in the features of this domain as well. There is a single addition in the skills measured:

  • Implement Azure Firewall Manager

Domain 3: Manage Security Operations 25%-30%

Configuring security resources and protocols, as well as handling security alerts, are all part of Microsoft Azure Security Operations Management. The main focus will be on resolving security concerns and establishing security baselines.

  • Configure security services
  • Configure security policies by using Azure Security Center
  • Manage security alerts
  • Respond to and remediate security issues
  • Create security baselines

There are a few changes in the features of this domain. There are two additions in the skills measured:

  • Configure Workflow Automation by using Azure Security Center
  • Configure a playbook by using Azure Sentinel

Domain 4: Secure Data and Applications 20%-25%

Microsoft Azure Security Operations Management is all about configuring security services and policies, along with managing security alerts. The major focus is to learn about remediating security issues and creating security baselines.

  • Configure security policies to manage data
  • Configure security for data infrastructure
  • Configure encryption for data at rest
  • Understand application security
  • Implement security for application lifecycle
  • Secure applications
  • Configure and manage Azure Key Vault

This domain is where the bulk of changes came into play. There are three new additions in the skills measured:

  • Configure Azure Defender for Storage
  • Configure Azure Defender for SQL
  • Configure Azure Defender for Azure Key Vault

Branding Changes

Apart from the changes in the domains, there are some changes in the Azure Defender branding as well. The list of changes is mentioned below:

  • Azure Security Center (ASC) Standard will now be referred to as Azure Defender for Servers or Azure Defender for Kubernetes.
  • Azure Security Center for IoT will now be referred to as Azure Defender for IoT.
  • Advanced Threat Protection for SQL will now be referred to as Azure Defender for SQL.

There are certain new features of Azure Defender that will be added to the documentation. They are:

  • Azure Defender for Servers
  • Azure Defender for Kubernetes
  • Azure Defender for Resource Manager
  • Azure Defender for Storage
  • Azure Defender for DNS
  • Azure Defender for SQL
  • Azure Defender for IoT

Azure’s prior knowledge recommended for AZ-500 Exam

Like the MS-500 exam, the AZ-500 Azure Security Engineer Exam covers a broad variety of topics and technologies. If you’re thinking about taking this exam, you should be fairly knowledgeable about Azure technologies. You must be able to fully understand the diverse Azure platform technologies as well as how to protect them. It is recommended to take the Azure AZ-900 (Azure Fundamentals) or the AZ-104 (Azure Administrator) exam first to introduce yourself to Azure technologies. This is certainly not essential for taking the AZ-500 exam, yet it is a fair start.

Exam details

Exam Pattern Subjective and Objective
Duration 150 minutes
No. of questions 40-60
Passing score 70% (700 out of 1000)
Language English, Japanese, Chinese (Simplified), and Korean

AZ-500 with InfosecTrain

Training helps you have better knowledge and reinforces your origin of any subject, so it is imperative to pump for the appropriate training provider. You must also make sure that the training center is certified and acknowledged by proper authorities. We at InfosecTrain have exceptionally learned trainers who have expertise in their fields. We are a leading training provider and are globally recognized. Earning Microsoft Azure certification is an absolute asset on so many levels. So, start your preparations by making the right choice of Microsoft AZ-500 Certification: Azure Security Technologies Training & Certification with InfosecTrain.


Devyani Bisht ( )
Content Writer
Devyani Bisht is a B.Tech graduate in Information Technology. She has 3.5 years of experience in the domain of Client Interaction. She really enjoys writing blogs and is a keen learner. She is currently working as a Technical Services Analyst with InfosecTrain.