After the AZ-900 Azure Fundamentals certification, I also received a voucher for the AZ-500. Back then in September, I thought why not. And the preparation I did actually did not fall short in terms of the total amount of time spent on the materials, although it was across almost 4 months of time, bits and bits, always after work or on weekends. This post should provide a very short overview of what I did and how the different materials have helped me for the exam, so that you can maybe reduce the amount of time spent on preparation.
I have read through the following materials
- Official learning modules composed for AZ-500 (drawback: not everything included that is in scope of the exam outline)
- Udemy Practice Tests: https://www.udemy.com/course/azure-az-500-security-technologies-practice-test/ (test quality not very good)
- Examtopics (real exam questions covering 30% of my actual exam questions)
Official Learning Modules
The modules themselves are not bad. Well described materials and sandboxes are provided for you to test out the actual implementation steps. The sandbox was also easy to deploy although there are some modules requiring trial premium licenses that did not work me (the trial licenses did not provision after clicking on them). Therefore I would suggest to go through the possible practise exercises if you have never implemented anything in Azure. I even created a transcript, which is a copy of the content of the modules in one file. In the end, that was not 100% helpful, since with 400 pages, it is difficult to read through for learning.
Udemy Practice Test
The test collections I did were covering the right topics, however, the questions do not go along the lines of the real exam questions. Although a case study is conceptualized, the question options are not well thought through. Even some ridiculous options are given such as “Tralse”, or “False, and I should start looking for a new job”.
This is THE preparation material, just as the collection provided for AZ-900. It contains 168 questions coming from the actual exams (30% of the questions appeared actually in the exam). I don’t know the real sources behind this, but it is the best one available. The provider lists the answers, however, many people also discuss below the questions, and for some, the correct answer is discussed within there. Therefore, when you go through the questions, make sure to check out the discussion section, especially when there are more than 10 messages (indication that the given answer by the website could be wrong).
For the exam, I got 60 questions, where 5 are grouped into a separate section in the end and attached to a case study (the Chicago and SF company case). So, I did not get any of the simulation questions. I managed to pass with a score of 763 out of 1000.
Questions that I got wrong were mostly within security incident / operations (only about 50% correct). Therefore, if you can spend more time within the log analytics module or security center, it would better your chances.