AZ-500 Study App for iOS — Microsoft Azure Security Engineer

Get exam-ready for AZ-500 (Microsoft Azure Security Engineer) on iPhone or iPad. Azure Mastery uses on-device AI to predict your readiness score across all four AZ-500 domains, build a personalised study plan from your weak spots, and surface topics you're forgetting — all without sending a single byte off your device.

The exam

What is the AZ-500 exam?

AZ-500 is the Microsoft Certified: Azure Security Engineer Associate exam — the credential hiring managers expect when posting "Cloud Security Engineer", "Azure Security Specialist", or "Cloud Security Operations" roles. It's the natural next step after AZ-104 for anyone administering Azure environments who's now responsible for the security posture of those environments. It also pairs with SC-900 on the way up to the SC-100 Cybersecurity Architect Expert credential.

AZ-500 is hands-on and operational. It validates that you can manage identity and access (Microsoft Entra ID, Conditional Access, PIM, application access); secure networking (NSGs, Azure Firewall, DDoS Protection, Private Link); secure compute, storage, and databases (encryption, key management, Defender plans for SQL / Storage / Containers); and run a live security operation using Microsoft Defender for Cloud and Microsoft Sentinel — including KQL queries, analytics rules, and incident triage. Expect scenario questions that show you a config snippet or attack signal and ask what you'd do next.

Microsoft updated the AZ-500 skills outline on 22 January 2026. Every question in Azure Mastery's AZ-500 bank is mapped to the current outline — no leftover questions on retired services. Read the official outline at learn.microsoft.com.

• Questions40–60 multiple choice
• Duration100 minutes (120 min seat)
• Pass score700 / 1000
• CostUSD $165 (≈ £128 UK)
• ValidityRenew annually (Associate)
• FormatOnline or test centre

Skills measured · January 2026

AZ-500 exam objectives

Four domains, with weights set by Microsoft's January 2026 update. Every domain summary below is paraphrased from the official skills outline; bullet-level objectives in Azure Mastery are tagged so you always know which domain you're being tested on and where your weak spots cluster.

Designed for AZ-500

How Azure Mastery helps you pass AZ-500

Azure Mastery ships with 326 AZ-500 practice questions, every one written specifically against the current (January 2026) skills outline — not generic security trivia. Each question carries a domain tag mapped to the official four domains (identity and access, networking, compute/storage/databases, Defender for Cloud + Sentinel), so you always know which area you're being tested on and where your weak spots are clustered. KQL snippets, Conditional Access JSON, and Defender plan scenarios appear in roughly a third of the questions — matching the format of the live exam.

The on-device Exam IQ engine predicts your AZ-500 score before you sit the exam. After roughly 30 questions it has enough signal to give a confidence-scored prediction (e.g. "708 ±60, 68% confidence") — and tells you the specific topics that are dragging your readiness down. No vague "study more" advice; just a ranked list of objectives where improvement would move your score the furthest.

The adaptive study plan rebuilds itself from your answer history. Get a Conditional Access scenario wrong? You'll see another Entra access-management question in the next session. Master "Defender for SQL vs Defender for Storage" three sessions running and the engine backs off, surfacing fresh Sentinel KQL or Key Vault scenarios. The plan optimises for the gap between where you are and the 700 pass score, not for blind volume.

Knowledge decay tracking matters more for AZ-500 than for foundational exams — four security domains span a lot of surface area, and the topic you mastered three weeks into your study window is the topic you'll forget by exam day if you stop revising. Azure Mastery tracks every topic's decay curve and flags topics approaching expiry. The padlock icon on the Today screen is your "revisit before you forget" cue, and weak-spot drills automatically pull from decayed topics first.

Real exam simulation mode runs at AZ-500's actual length and time pressure: a randomised 40–60-question set drawn from the full 326-question bank, weighted by domain percentages from the January 2026 outline, with the 100-minute timer running and no jumping back to flag-and-review. It's the closest you can get to the live Pearson VUE / online-proctored experience without sitting the exam.

Everything runs on-device. Your answer history, your readiness gauge, your decay alerts — none of it leaves your iPhone or iPad. No account required to start, no tracking, no sync server. Privacy-first by design.

6-week study plan

Suggested AZ-500 study plan

Most candidates pass AZ-500 after four to eight weeks of focused study, depending on prior Azure security experience. The six-week plan below maps onto the four AZ-500 domains, Azure Mastery's adaptive sessions, and the in-app exam simulator. Adjust pace to taste — the readiness gauge tells you when you're done, not the calendar.

1. Identity and networking foundations

   • Days 1–3: Microsoft Entra identity types, authentication methods, password protection, MFA, passwordless. Conditional Access rules — named locations, sign-in risk, session controls.
   • Days 4–6: Privileged Identity Management (eligibility, activation, access reviews), Microsoft Entra ID Protection (risky users, risky sign-ins), application access (enterprise apps, app registrations, app proxy).
   • Days 7–10: Azure RBAC, custom roles, Azure ABAC, managed identities. Then network segmentation: NSGs, ASGs, service tags. Azure Bastion, JIT VM access.
   • Days 11–14: Azure Firewall (rules, threat intelligence, Firewall Manager), DDoS Protection, Web Application Firewall on App Gateway and Front Door. Private Link / Private Endpoints / service endpoints.

2. Workload protection and Key Vault

   • Days 15–17: Compute hardening — VM updates, disk encryption (host encryption, ADE, customer-managed keys), AKS security (network policies, Microsoft Entra integration, secrets management).
   • Days 18–20: App Service security (network restrictions, authentication, custom domains/TLS), Container Registry (signing, scanning), Container Apps and Container Instances security.
   • Days 21–23: Storage security — SAS tokens, stored access policies, customer-managed keys, immutable storage. Database security — TDE, Always Encrypted, dynamic data masking, Defender for SQL.
   • Days 24–28: Azure Key Vault end-to-end — keys, secrets, certificates, access policies vs RBAC, soft-delete and purge protection. The cross-cutting story — every other workload depends on it.

3. Defender for Cloud, Sentinel, simulate

   • Days 29–32: Microsoft Defender for Cloud — Secure Score, regulatory compliance, workload protection plans (Servers, App Service, Storage, SQL, Containers), recommendations and exemptions, just-in-time VM access.
   • Days 33–37: Microsoft Sentinel — data connectors, analytics rules and watchlists, KQL hunting queries, incident investigation, automation via Logic App playbooks, workbooks.
   • Days 38–40: Run Focus Weak Spots every morning — the app surfaces the highest-leverage questions for your weakest domains. Defender + Sentinel is 30–35% of the exam, so weight your time accordingly.
   • Days 41–42: Two end-to-end Exam Simulator runs at full 100-minute length. Review carefully after each. If readiness gauge is 750+ with reasonable confidence, schedule the exam.

Inside the app

Every Microsoft question type, on iPhone

AZ-500's question bank uses the same formats Microsoft puts on the live exam — not just multiple choice. Each visualisation below is a faithful mock of how the type renders inside Azure Mastery on iPhone and iPad. Exam-simulator mode runs all of them at full 100-minute length with no flag-and-review jumps, mirroring Pearson VUE.

Frequently asked

AZ-500 FAQs

Where AZ-500 fits

Certification paths that include AZ-500

AZ-500 is the Azure-specific security Associate cert. It pairs with SC-900 on the way into security work, and feeds into the SC-100 Cybersecurity Architect Expert credential alongside SC-200 / SC-300. Tap any linked exam below to see its dedicated study app page.

Before / after AZ-500

Related Azure certifications

AZ-500 sits in the middle of the security cert path. AZ-104 builds the operational base it assumes; SC-900 introduces the cross-cutting Microsoft security model. Pair AZ-500 with one or both for the strongest foundation.